Reading up on gVisor
4 deep · digging since jan 07
- GitHub - anthropics/defending-code-reference-harness: Skills for threat modeling, scanning, triage, patching, plus an autonomous scanning harness you can /customize
Anthropic released an open-source reference harness and Claude Code skills for automating vulnerability discovery, triage, and patching using Claude, alongside a managed product called Claude Security.
- How we contain Claude across products
Anthropic details how it contains AI agent blast radius across three products using sandboxes, VMs, and human-in-the-loop controls, while documenting missed risks like pre-trust code execution and user-mediated prompt injection.
- GitHub - kubernetes-sigs/agent-sandbox: agent-sandbox enables easy management of isolated, stateful, singleton workloads, ideal for use cases like AI agent runtimes.
Kubernetes SIG Apps introduces agent-sandbox, a CRD and controller for managing isolated, stateful, singleton workloads like AI agent runtimes.
- A field guide to sandboxes for AI
Sandboxing tools for AI agents differ fundamentally by boundary (containers, gVisor, microVMs, Wasm), not just by policy, and picking the wrong one creates either leaks or excessive cost.