Doing so would be an effective admission that LLM guardrails are inherently probabilistic, unpredictable, and insecure. Plus the only truly robust sandbox approach would be a clunky setup of a local VM.

That clunky VM setup is what Claude Cowork does, which is Claude Code with extra safety features for non-programmers.

There was a big thread about that here the other day: https://news.ycombinator.com/item?id=48479452