AI Trust Glossary · Canonical Definition
Sandboxing
Running an AI agent in an isolated execution environment with restricted permissions - limiting what actions it can take and what data it can access.
Explanation
Sandboxing enforces least privilege at the execution level. An agent in a sandbox can only access systems and data it has been explicitly granted. Sandbox escape - gaining access to resources it should not have - is a critical security failure.
Why it matters
Unconstrained AI agents with broad system access represent a catastrophic risk if they malfunction or are compromised. Sandboxing limits the blast radius. An agent that hallucinates or is prompt-injected inside a proper sandbox causes limited damage; one with unrestricted access can cause unlimited damage.
How Borealis uses it
Sandboxing is a recommended deployment practice that directly supports constraint adherence. Agents deployed with proper sandboxing have a structural enforcement layer that reinforces their behavioral constraints. Audit evidence should include the sandbox configuration to demonstrate infrastructure-level constraint enforcement.
See also