aigate drops kernel sandbox for AI agents

This is a smart response to the biggest unresolved problem in local AI tooling: the model is not the security boundary, the kernel is. If aigate works reliably in practice, it turns AI-agent safety from “please behave” into enforceable policy.

• –The pitch is unusually concrete: deny reads on `.env`, `secrets/`, and `*.pem`, then block `curl`, `wget`, and `ssh` before the agent ever gets a chance to exfiltrate anything
• –It targets real developer workflows by wrapping existing tools instead of asking teams to switch editors or agent stacks
• –Linux support looks strongest, with mount namespaces, network namespaces, and cgroups v2 giving it more than just file-level protection
• –The open-source angle matters here because developers can inspect the enforcement model instead of trusting another opaque security layer
• –The main question is adoption friction: anything that needs `sudo` setup and OS-specific primitives has to be dead simple or most developers will fall back to weaker defaults