zlacker

[return to "Deno Sandbox"]
1. emschw+Hb[view] [source] 2026-02-03 18:16:54
>>johnsp+(OP)
> In Deno Sandbox, secrets never enter the environment. Code sees only a placeholder

> The real key materializes only when the sandbox makes an outbound request to an approved host. If prompt-injected code tries to exfiltrate that placeholder to evil.com? Useless.

That seems clever.

◧◩
2. Tepix+mf[view] [source] 2026-02-03 18:29:45
>>emschw+Hb
It must be performing a man-in-the-middle for HTTPS requests. That makes it more difficult to do things like certificate pinning.
[go to top]