Most coding agents default to running generated code with full access to secrets, creating a major risk for data exfiltration. It's essential that developers are deliberate in defining and enforcing security boundaries. How we're thinking about this ↓