https://www.blog-des-telecoms.com/tags/ai/Recent content in AI on Mathias WOLFFHugofr<a href="https://www.blog-des-telecoms.com">Blog des télécoms</a> © 2009 - 2026 by <a href="https://www.linkedin.com/in/mathias-wolff-47a7941/">Mathias WOLFF</a> is licensed under <a href="https://creativecommons.org/licenses/by-nc-sa/4.0/">CC BY-NC-SA 4.0</a><img src="https://mirrors.creativecommons.org/presskit/icons/cc.svg" style="max-width: 1em;max-height:1em;margin-left: .2em;"><img src="https://mirrors.creativecommons.org/presskit/icons/by.svg" style="max-width: 1em;max-height:1em;margin-left: .2em;"><img src="https://mirrors.creativecommons.org/presskit/icons/nc.svg" style="max-width: 1em;max-height:1em;margin-left: .2em;"><img src="https://mirrors.creativecommons.org/presskit/icons/sa.svg" style="max-width: 1em;max-height:1em;margin-left: .2em;">Sun, 03 May 2026 15:33:48 +0200https://www.blog-des-telecoms.com/blog/securing-pi-ai-coding-agent-greywall/Sun, 03 May 2026 10:00:00 +0200https://www.blog-des-telecoms.com/blog/securing-pi-ai-coding-agent-greywall/<p><strong>AI coding agents</strong> like <strong>pi</strong> have become essential daily companions. But by default, <strong>pi</strong> runs in <strong>YOLO</strong> mode: full <strong>filesystem</strong> access, unrestricted command execution, no permissions. It&rsquo;s a deliberate design choice by its creator, but this freedom comes with real risks. Today, let&rsquo;s explore <strong>Greywall</strong>, a tool that <strong>sandboxes</strong> pi using a <strong>deny-by-default</strong> approach at the <strong>kernel</strong> level.</p> <h2 id="why-sandbox-an-ai-coding-agent">Why Sandbox an AI Coding Agent?<a href="#why-sandbox-an-ai-coding-agent" class="post-heading__anchor" aria-hidden="true">#</a> </h2> <p><strong>pi</strong> in YOLO mode is convenient but risky. Without restrictions, the agent can:</p>