Rate Limiting & Sandboxing

To limit denial of service and to keep a compromised tool from reaching the rest of the system (lateral movement), tools and agents should run in isolated sandboxes and be held to rate-limiting quotas.

Sandboxing Approaches:

  • Docker with a restrictive seccomp profile, combined with dropped capabilities (--cap-drop), --security-opt no-new-privileges and a read-only root filesystem
  • gVisor (a user-space kernel that intercepts syscalls) or Firecracker (microVMs with their own guest kernel) when the host kernel itself must not be exposed to the tool
  • Python: launch the tool with subprocess under kernel resource limits (setrlimit in a preexec hook), inside a chroot or jail, with cgroups capping CPU and memory; note that rlimits and chroot alone are not an isolation boundary, since the tool still shares the host kernel, filesystem and network
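The following is an added example of the Python approach above, not code from the original page: it runs an untrusted tool as a child process with kernel-enforced limits on CPU time, address space, file size and core dumps, a wall-clock deadline, a fresh environment (so the parent's API keys are not inherited) and its own process group so a timeout can kill anything the tool spawned. It assumes Linux (the resource module and setrlimit); the helper names run_sandboxed and run_python are this example's own.

```python
"""Run an untrusted tool as a child process with kernel-enforced resource limits (Linux only)."""
import os
import resource
import signal
import subprocess
import sys
import tempfile
from dataclasses import dataclass


@dataclass
class SandboxResult:
    exit_code: int     # 0 = clean, >0 = tool error, <0 = killed by that signal (-24 = SIGXCPU, -9 = SIGKILL)
    timed_out: bool    # wall-clock deadline hit; the whole process group was SIGKILLed
    stdout: str
    stderr: str


def _limits(cpu_seconds, memory_bytes, max_file_bytes):
    """Return a preexec hook. It runs in the child after fork() and before exec();
    soft == hard, so the tool cannot raise the limits again."""
    def apply():
        resource.setrlimit(resource.RLIMIT_CPU, (cpu_seconds, cpu_seconds))        # SIGXCPU when exceeded
        resource.setrlimit(resource.RLIMIT_AS, (memory_bytes, memory_bytes))       # allocations fail past this
        resource.setrlimit(resource.RLIMIT_FSIZE, (max_file_bytes, max_file_bytes))  # cannot fill the disk
        resource.setrlimit(resource.RLIMIT_CORE, (0, 0))                           # no core dumps of tool memory
    return apply


def run_sandboxed(argv, *, cpu_seconds=2, memory_bytes=512 * 2**20, wall_seconds=5.0,
                  max_file_bytes=16 * 2**20, max_output=64 * 1024, workdir=None):
    """Run argv under the limits above and return a SandboxResult (output truncated to max_output)."""
    env = {"PATH": "/usr/bin:/bin", "LANG": "C"}   # fresh env: no secrets leak from the parent process
    proc = subprocess.Popen(
        argv,
        cwd=workdir or tempfile.mkdtemp(prefix="tool-"),   # per-run scratch directory
        env=env,
        stdin=subprocess.DEVNULL,
        stdout=subprocess.PIPE,
        stderr=subprocess.PIPE,
        preexec_fn=_limits(cpu_seconds, memory_bytes, max_file_bytes),
        start_new_session=True,   # own process group: a timeout kills children the tool spawned too
    )
    timed_out = False
    try:
        out, err = proc.communicate(timeout=wall_seconds)
    except subprocess.TimeoutExpired:
        timed_out = True
        try:
            os.killpg(proc.pid, signal.SIGKILL)   # pid == pgid because of start_new_session
        except ProcessLookupError:
            pass
        out, err = proc.communicate()
    return SandboxResult(proc.returncode, timed_out,
                         out[:max_output].decode(errors="replace"),
                         err[:max_output].decode(errors="replace"))


def run_python(code, **limits):
    """Convenience wrapper: run a snippet of Python as the untrusted tool."""
    return run_sandboxed([sys.executable, "-c", code], **limits)


if __name__ == "__main__":
    print(run_python("print('hello from the sandbox')"))
    print(run_python("x = bytearray(2 << 30)"))            # 2 GiB allocation: fails under RLIMIT_AS
    print(run_python("while True: pass", cpu_seconds=1))   # busy loop: killed by SIGXCPU
```

The limits are the in-process counterpart of the cgroup caps a container runtime applies; they belong inside a container, gVisor or Firecracker sandbox rather than instead of one, because the child still sees the host filesystem and network. A chroot would additionally need CAP_SYS_CHROOT and is escapable by a root process, so drop privileges before entering it.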

Rate Limiting Dimensions:

  • Per-user task limit (e.g., 100 tasks/hour)
  • Per-model or per-tool CPU time budget
  • Tool chain length per task: how many tool calls may be chained or nested, and how many may run concurrently

Advanced Option:
Implement circuit breakers. If a workflow exceeds a threshold (latency, chain depth, memory), abort it automatically and log the event so the breach can be investigated; a breaker that keeps tripping for one tool should also reject further calls to that tool for a cooldown period.
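An added example, not code from the original page, that puts the three rate-limiting dimensions and the circuit breaker together: a sliding-window limiter per user, a per-task guard that enforces chain depth, per-tool CPU time and total latency and aborts with a log entry on the first breach, and a per-tool breaker that rejects calls after repeated breaches until a cooldown passes. The class names (SlidingWindowLimiter, CircuitBreaker, Workflow) and the injectable clock are this example's own assumptions; tools here run in-process, so CPU time comes from time.process_time rather than from a sandbox.

```python
"""Per-user rate limits, per-task budgets (depth, CPU, latency) and a circuit breaker for tool calls."""
import logging
import time
from collections import defaultdict, deque

log = logging.getLogger("agent.governor")


class RateLimited(Exception): ...
class WorkflowAborted(Exception): ...
class CircuitOpen(Exception): ...


class SlidingWindowLimiter:
    """At most `limit` events per `window_s` seconds for each key (e.g. 100 tasks/hour per user)."""

    def __init__(self, limit, window_s, clock=time.monotonic):
        self.limit, self.window_s, self.clock = limit, window_s, clock
        self._events = defaultdict(deque)   # key -> timestamps of events still inside the window

    def allow(self, key):
        now = self.clock()
        q = self._events[key]
        while q and q[0] <= now - self.window_s:   # forget events that left the window
            q.popleft()
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


class CircuitBreaker:
    """Per tool: after `trip_after` consecutive breaches, reject calls until `cooldown_s` has passed."""

    def __init__(self, trip_after=3, cooldown_s=60.0, clock=time.monotonic):
        self.trip_after, self.cooldown_s, self.clock = trip_after, cooldown_s, clock
        self._failures = defaultdict(int)
        self._opened_at = {}

    def check(self, tool):
        opened = self._opened_at.get(tool)
        if opened is None:
            return
        if self.clock() - opened < self.cooldown_s:
            raise CircuitOpen(tool)
        del self._opened_at[tool]         # cooldown over: half-open, let the next call try again
        self._failures[tool] = 0

    def record(self, tool, ok):
        if ok:
            self._failures[tool] = 0
            return
        self._failures[tool] += 1
        if self._failures[tool] >= self.trip_after:
            self._opened_at[tool] = self.clock()
            log.error("circuit opened for tool=%s after %d breaches", tool, self._failures[tool])


class Workflow:
    """One agent task. Every tool call goes through call(), which enforces chain depth,
    per-call CPU time and total wall-clock latency, and aborts the task on the first breach."""

    def __init__(self, user, limiter, breaker, *, max_depth=5, max_tool_cpu_s=2.0,
                 max_wall_s=30.0, clock=time.monotonic):
        if not limiter.allow(user):
            raise RateLimited(user)
        self.user, self.breaker, self.clock = user, breaker, clock
        self.max_depth, self.max_tool_cpu_s, self.max_wall_s = max_depth, max_tool_cpu_s, max_wall_s
        self.depth = 0
        self.started = clock()

    def call(self, tool, fn, *args):
        self.breaker.check(tool)
        self.depth += 1                   # nested calls made by fn raise the depth further
        try:
            if self.depth > self.max_depth:
                self._abort(tool, "chain depth %d exceeds %d" % (self.depth, self.max_depth))
            cpu0 = time.process_time()
            result = fn(*args)
            cpu = time.process_time() - cpu0
            if cpu > self.max_tool_cpu_s:
                self._abort(tool, "cpu %.2fs exceeds %.2fs" % (cpu, self.max_tool_cpu_s))
            if self.clock() - self.started > self.max_wall_s:
                self._abort(tool, "latency exceeds %.1fs" % self.max_wall_s)
            self.breaker.record(tool, True)
            return result
        finally:
            self.depth -= 1

    def _abort(self, tool, reason):
        self.breaker.record(tool, False)
        log.error("aborting workflow user=%s tool=%s reason=%s", self.user, tool, reason)
        raise WorkflowAborted(reason)


def demo():
    """Deterministic walk-through on a manual clock; returns the outcome of each step."""
    now = [0.0]
    clock = lambda: now[0]
    limiter = SlidingWindowLimiter(limit=2, window_s=3600, clock=clock)     # 2 tasks/hour per user
    breaker = CircuitBreaker(trip_after=2, cooldown_s=60, clock=clock)
    out = {}

    def recurse(wf, n):   # a tool that chains into itself n more times
        return wf.call("recurse", recurse, wf, n - 1) if n else "done"

    wf = Workflow("alice", limiter, breaker, max_depth=3, clock=clock)
    out["short_chain"] = wf.call("recurse", recurse, wf, 2)         # depth 3: allowed
    try:
        wf.call("recurse", recurse, wf, 5)                            # would reach depth 6: aborted
    except WorkflowAborted:
        out["long_chain"] = "aborted"
    wf2 = Workflow("alice", limiter, breaker, max_depth=3, clock=clock)
    try:
        wf2.call("recurse", recurse, wf2, 5)                          # second breach trips the breaker
    except WorkflowAborted:
        pass
    try:
        wf2.call("recurse", recurse, wf2, 0)
    except CircuitOpen:
        out["breaker"] = "open"
    try:
        Workflow("alice", limiter, breaker, clock=clock)              # third task this hour
    except RateLimited:
        out["third_task"] = "rate limited"
    now[0] += 3601                                                    # next hour: quota and breaker reset
    wf3 = Workflow("alice", limiter, breaker, max_depth=3, clock=clock)
    out["next_hour"] = wf3.call("recurse", recurse, wf3, 0)
    return out


if __name__ == "__main__":
    print(demo())
```

For sandboxed tools, replace the process_time measurement with the CPU time the sandbox reports for the child and add a memory threshold from the same source; the breaker and limiter do not change.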
