Running AI agents safely in a microVM using docker sandbox

This is a practical argument for reclaiming the speed of dangerous-mode agents without accepting host-level risk. The key move is shifting the trust boundary into an isolated microVM with its own kernel, network controls, and credential handling. It frames agent safety less as a model problem and more as an infrastructure problem, which feels like the more durable path.