Risk
Endpoint Agent Sandbox Bypass
Description
Endpoint coding agents and assistants run with sandbox-bypassing flags (--dangerously-skip-permissions, YOLO mode, wildcard tool allowlists), executing tools and code without per-action approval.
Example
Developer enables YOLO mode in Claude Code on a corporate laptop; the agent executes shell commands, file writes, and HTTP calls without prompts.
Assets Affected
AI Agent
Agent Config
Agent Execution Sandbox
Mitigation
- Enforce policy on endpoint agents disabling YOLO/skip-permissions modes
- require explicit per-tool allowlists
- instrument EDR for sandbox-bypass flag usage
- audit endpoint agent configurations.
Standards Mapping
- ISO: A.4.5, A.6.2.6
- OWASP agentic: ASI05, ASI02
- OWASP LLM: LLM06:2025
- EU AI Act: Art. 15(5)
- DASF: Agents-Core 13.11, Agents-MCP Client 13.32
- AIUC-1: B008, B006