Executive Summary

  1. Isolation matters for agents by ensuring a single agent holds access to all necessary systems and credentials, making it impossible for an attacker to compromise the entire monitoring stack.
  2. A single sandbox solution allows for code execution within a single process memory, preventing the agent from reading customer request payloads, querying aggregate latency metrics, or searching past incident reports.
  3. A single sandbox cannot restrict access to only one system, as it requires all three systems to be read, queried, and written in the same session, creating three distinct problems: mixed sensitivity levels, PII in logs, and internal doctored metrics.

Original text analyzed via the FOSS-Core engine.