Running AI coding agents safely with Docker Sandboxes and mise
How-To, Career


via Dev.to, by Max Kryvych

Running an AI coding agent on your host machine is a bit like hiring a contractor and handing them your house keys, your car keys, and your office keycard — just in case they need any of them. There's a better way. This article is about what that looks like in practice.

Your agent is an optimizer, not a rule-follower

When working with agents, you may have noticed that if an agent hits a blocker or a problem, it tries to find its way around it. Setting up permissions is a good way of closing off the obvious routes to the goal. Unfortunately, give an agent a goal and it will find a path. In one concrete example, with access to reading the environment variables blocked, an agent worked around the restriction by writing a Python script to fetch the variables. We can't block the agent from generating Python. Why would we? This isn't malicious behavior. The agent isn't trying to attack you — it's trying to complete the task you gave it. If one path is blocked, it tries another. If that's blocked, it tries a third. I

Continue reading on Dev.to
