Sandboxes Won't Save You From OpenClaw
Summary
The Tachyon Security article argues that sandboxing AI agents is not sufficient for safety; misbehavior arises from permission and access control to third-party services. It advocates for granular, per-account agent permissions and new interfaces to manage agent authorization, drawing parallels with Plaid and OAuth limitations, and concludes with a call for vulnerability audits of agent designs.