Description
AI agents, MCP servers, and LLM workloads can be constrained with a kernel-enforced Landlock sandbox. It is useful for developers and security teams that need stronger boundaries around automated tools.
Sandboxing reduces risk but does not make unsafe workloads harmless. Define filesystem and process permissions carefully and test policies before relying on them.