Whilst it is safer to run inside a Vm/container, it doesn't make it safe.
Yes, having your entire filesystem deleted is much less likely now (bonus points for zfs snapshots of the image for each operation) Your context is still vulnerable, as anything the VM has access too.
dk8996 32 minutes ago [-]
Interesting. Im looking for solution to run multiple OpenClaw bots in the cloud, with security and isolation in mind.
ews 9 minutes ago [-]
I ended up using guix shells (container mode) for my agents and sharing just the directories they need
Rendered at 21:33:09 GMT+0000 (Coordinated Universal Time) with Vercel.
Yes, having your entire filesystem deleted is much less likely now (bonus points for zfs snapshots of the image for each operation) Your context is still vulnerable, as anything the VM has access too.