The creator of OpenLumara posted a public challenge asking r/LocalLLaMA users to try breaking into a Discord-hosted instance of the local-model agent. They claimed common prompt-engineering attacks would not work because modules and sandboxes were heavily locked down. The post later listed several successful findings, including missing path traversal protection, an authorization-check bypass, and another undisclosed exploit pending a fix.
Simon Willison released micropython-wasm 0.1a2, with the main change being a new CLI. The CLI, tracked in issue #7, grew out of drafting a related post about running MicroPython in a sandbox. Its purpose is to make the post's “Try it yourself” section easier to demonstrate and follow, especially for readers experimenting with Python, WebAssembly, and sandboxing.
Simon Willison describes his latest attempt to safely run Python plugin-style code inside his own applications. The alpha package micropython-wasm uses MicroPython compiled to WebAssembly, executed through the maintained wasmtime Python library. His goals include clean PyPI installation, CPU and memory limits, controlled file and network access, host functions, and reliable documentation.
Anthropic describes containment as the core security strategy for increasingly capable Claude agents. The post compares ephemeral containers for claude.ai, OS-level sandboxing and approvals for Claude Code, and VM isolation for Claude Cowork. It also details missed risks, including pre-trust project config execution, user-delivered prompt injection, exfiltration through approved domains, and reduced enterprise visibility inside VMs.
Simon Willison released datasette-agent-micropython 0.1a0, an alpha aimed at letting Datasette Agent generate and execute Python safely. The project focuses on sandboxing; its tags point to MicroPython and WebAssembly as the underlying techniques. Willison says the early results look promising and that GPT-5.5 has not yet escaped the sandbox, though this remains an early alpha.
Simon Willison released micropython-wasm 0.1a1, a small update connected to Python, sandboxing, and WebAssembly. The release fixes limitations that appeared while he was trying to use it to build datasette-agent-micropython. The post does not list detailed changes, so this should be read as an early usability and compatibility improvement rather than a major feature launch.
Simon Willison released micropython-wasm 0.1a0, an alpha package described as his latest sandboxing experiment. It bundles a lightly customized WASM build of MicroPython with a wrapper for executing code through wasmtime. The post is brief, but relevant to developers tracking Python sandboxing, WebAssembly runtimes, and controlled execution environments.
Anthropic explains how process sandboxes, VMs, filesystem boundaries, and egress controls limit what Claude agents can access. Claude.ai uses gVisor; local Claude Code uses Seatbelt on macOS and Bubblewrap on Linux; Cowork runs in a full VM. Simon Willison highlights the documentation quality, notes a previously missed file-exfiltration path, and plans to revisit Anthropic's open-source srt tool.
Simon Willison revisited pydantic-monty, a sandboxed subset of Python implemented in Rust. He asked Claude Code to inspect the most recent release, following his earlier exploration a few months ago. The key finding is that limits for execution duration, memory, allocations, and recursion depth all appear to behave as advertised.
Well-known open-source developer Simon Willison has recently announced the release of the first alpha version (0.1a0) of `datasette-agent-sprites`. This is a…
In the current evolution of AI applications, AI agents have advanced from simple text generation to complex systems capable of autonomous planning, calling…
AI agents are currently the hottest research direction in the AI field, but how to objectively, safely, and reproducibly evaluate agent capabilities has long…