Yeah, it seems "sandboxing" is the current catch-all buzzword in AI products to hand-wave away any security concerns. Which often raises more questions than it answers for something like a generalist dev agent that has access to an endless number of tools/APIs/etc that could allow for a trivial bypass depending on the whims of the agent while problem solving.