AI agents that can read files, call APIs, and execute code need strict boundaries. Without sandboxing, a misbehaving agent can: Exfiltrate data — read secrets and send them to external endpoints.