docs: clarify sandboxing config option

2026-01-08 21:51:21 +01:00
parent d55750189e
commit 13ddd40a59
3 changed files with 9 additions and 1 deletions
--- a/docs/gateway/sandboxing.md
+++ b/docs/gateway/sandboxing.md
@@ -8,7 +8,10 @@ status: active
 # Sandboxing

 Clawdbot can run **tools inside Docker containers** to reduce blast radius.
-The Gateway stays on the host; tool execution runs in an isolated sandbox.
+This is **optional** and controlled by configuration (`agent.sandbox` or
+`routing.agents[id].sandbox`). If sandboxing is off, tools run on the host.
+The Gateway stays on the host; tool execution runs in an isolated sandbox
+when enabled.

 This is not a perfect security boundary, but it materially limits filesystem
 and process access when the model does something dumb.