Cool example with Replit's AI deleting a prod db, thanks for that!
One tool I'd add here is mirrord by MetalBear.
It tackles sandboxing from a different angle: instead of isolating the agent away from real systems, it lets your local process (or AI agent) run in the context of a remote Kubernetes environment, mirroring traffic, env vars, file I/O, and network calls from the cluster to your local machine.
The agent stays isolated locally, but gets to "see" and "act" against production-like state. Lets multiple developers and agents work with message queues and databases without stepping on each other.
Disclosure: I work there - though the product is getting a lot of love in OSS & enterprise on its own.
Cool example with Replit's AI deleting a prod db, thanks for that!
One tool I'd add here is mirrord by MetalBear.
It tackles sandboxing from a different angle: instead of isolating the agent away from real systems, it lets your local process (or AI agent) run in the context of a remote Kubernetes environment, mirroring traffic, env vars, file I/O, and network calls from the cluster to your local machine.
The agent stays isolated locally, but gets to "see" and "act" against production-like state. Lets multiple developers and agents work with message queues and databases without stepping on each other.
Disclosure: I work there - though the product is getting a lot of love in OSS & enterprise on its own.