You wake up, open X, and see the post: new tool/model just dropped. By the time you finish your coffee, it’s installed, pointed at your repo, and already making “helpful” suggestions. It works. It feels safe. But what did you actually just hand over access to, and how would you even notice if it crossed a line?

In this talk, we’ll uncover why testing every new AI model or AI tool can quietly introduce serious security risks. Using real example inspired by incidents like OpenClaw, we’ll show how AI systems can access internal data, influence code paths, and create vulnerabilities without ever asking for permission.

We’ll discuss why experimentation without guardrails can bypass existing security controls and normalise unsafe patterns. Most importantly, focusing on what teams can do instead. The talk includes a live walkthrough using the Kubernetes agent-sandbox project to showcase how AI agents can be isolated, sandboxed, and constrained with clear boundaries.