Better to run a simple full virtual machine. It's easy to spin one up on any modern linux distro (okay, not as easy it is in Qubes-- only three mouse clicks, but still pretty easy).

There are many advantages of running it in a VM: really clean and strong sandboxing and it's easy to put that VM behind its own VPN / firewall external to the VM to reduce the escape risk.). It's also handy if you run a different distro than the agent ecosystem, since you can just run whatever OS works best for the agent.