Containment
vm-7f3a
Sealed
Secret
OPENAI_API_KEY
=
••••••••
Secret
DATABASE_URL
=
••••••••
reveal
main.js
/tmp · ephemeral
0 files
empty · wiped on teardown
$ probe the boundary…
GET sdk.vercel.ai
GET api.github.com
write /tmp
Teardown
Allowlisted egress passes · everything else hits the wall