Should AI coding tools be sandboxed by default before they’re allowed to touch local files?