SAIL 2.0

/

Operate - Safe Execution Environment - Sandbox

/

Endpoint Agent Sandbox Bypass

6.11

.

Endpoint Agent Sandbox Bypass

sail
6.11
Risk

Endpoint Agent Sandbox Bypass

Description

Endpoint coding agents and assistants run with sandbox-bypassing flags (--dangerously-skip-permissions, YOLO mode, wildcard tool allowlists), executing tools and code without per-action approval.

Example

Developer enables YOLO mode in Claude Code on a corporate laptop; the agent executes shell commands, file writes, and HTTP calls without prompts.

Assets Affected

AI Agent

Agent Config

Agent Execution Sandbox

Mitigation
  • Enforce policy on endpoint agents disabling YOLO/skip-permissions modes
  • require explicit per-tool allowlists
  • instrument EDR for sandbox-bypass flag usage
  • audit endpoint agent configurations.
Standards Mapping
  • ISO: A.4.5, A.6.2.6
  • OWASP agentic: ASI05, ASI02
  • OWASP LLM: LLM06:2025
  • EU AI Act: Art. 15(5)
  • DASF: Agents-Core 13.11, Agents-MCP Client 13.32
  • AIUC-1: B008, B006