These tools are not designed to roam freely around your computer. They are designed to operate inside boundaries.
The agent works inside a limited environment — usually just the project or folder you gave it. Not your whole computer.
It stops and asks before doing anything consequential. You stay in control of what actually happens.
You can configure how autonomous it is: more locked-down for sensitive work, more freedom for routine tasks.
Do not paste or upload anything you would not be comfortable storing in Box, Google Drive, or another shared cloud service.
Do not give it access to email, your bank, payroll, calendars, or other accounts unless that access is truly necessary.
Avoid passwords, API keys, private tokens, SSNs, student records, medical data, and unpublished sensitive documents.
Give it one folder, one repo, or one task first, not your whole machine or all your accounts.
Let it draft, summarize, or prepare actions first; approve important actions yourself.
Safety controls reduce risk, but they do not make the output correct.
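One way to act on the advice about passwords, API keys, SSNs and starting with a single folder is to check that folder before pointing an agent at it. The script below is an added example, not part of the original page or of any particular agent tool. Its patterns, file-name list and function names are illustrative assumptions, and the sample values are constructed.

```python
import re
import tempfile
from pathlib import Path

# Illustrative content patterns and credential-like file names; not exhaustive.
PATTERNS = {
    "private_key": re.compile(r"-----BEGIN (?:[A-Z]+ )*PRIVATE KEY-----"),
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "secret_assignment": re.compile(
        r"(?i)\b(?:password|passwd|api[_-]?key|secret|token)\b\s*[:=]\s*['\"]?[^\s'\"]{8,}"),
    "us_ssn": re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b"),
}
RISKY_NAMES = re.compile(r"(?i)^(\.env(\..*)?|id_(rsa|ed25519|ecdsa)|.*\.(pem|key|pfx|p12|kdbx))$")
MAX_BYTES = 1_000_000  # skip very large files


def scan_folder(root):
    """Return sorted (relative_path, line_no, finding) tuples; line_no 0 means the file itself."""
    root = Path(root)
    findings = []
    for path in root.rglob("*"):
        rel = path.relative_to(root).as_posix()
        if path.is_symlink():
            findings.append((rel, 0, "symlink"))  # may lead outside the shared folder
            continue
        if not path.is_file():
            continue
        if RISKY_NAMES.match(path.name):
            findings.append((rel, 0, "risky_filename"))
        if path.stat().st_size > MAX_BYTES:
            continue
        for no, line in enumerate(path.read_text("utf-8", "replace").splitlines(), 1):
            for name, rx in PATTERNS.items():
                if rx.search(line):
                    findings.append((rel, no, name))
    return sorted(findings)


def demo():
    """Scan a constructed sample folder (every value below is made up)."""
    with tempfile.TemporaryDirectory() as d:
        (Path(d) / "notes.md").write_text("Draft agenda\nNothing sensitive here\n")
        (Path(d) / ".env").write_text("API_KEY=AKIAIOSFODNN7EXAMPLE\n")
        (Path(d) / "roster.csv").write_text("name,ssn\nJane Doe,123-45-6789\n")
        return scan_folder(d)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

An empty result means only that these patterns found nothing; review the folder yourself before sharing it.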