Agreed and it's a pattern that OpenAI suggested a few days ago, too [1]. I also built a cross platform process level sandboxing that uses parts of OpenAI Codex for the same purpose [2]
[1] https://openai.com/index/the-next-evolution-of-the-agents-sd...