Security

Some coding agents allow you to configure permissions within them, for example automatically, via a whitelist, or within a sandbox. However, these permissions remain vulnerable to the Lethal Trifecta if your coding agent has access to private data, is exposed to untrusted content, and can communicate externally.

In such cases, we define our own virtual environments and permissions so that the coding agent cannot escape from this environment.

See also

• Federal Office for Information Security (BSI): Evasion Attacks on LLMs - Countermeasures in Practice