Comment by raesene9
What specifically are you concerned about when running an LLM agent in a container versus a VM.
Assuming a standard Docker/Podman container with just the project directory mounted inside it, what vectors are you expecting the LLM to use to break out?
From “How it works” in the readme:
> yolobox uses container isolation (Docker or Podman) as its security boundary…
I have no issue with running agents in containers FWIW, just in framing it as a security feature.
> what vectors are you expecting the LLM to use to break out?
You can just search for “Docker CVE”.
Here is one later last year, just for an example: https://nvd.nist.gov/vuln/detail/CVE-2025-9074