Been reading a bit more on #sprites from #flyio and #Docker Sandboxes.
The gist is trying to isolate as much as possible. So you can run insecure workloads on these environments. Which is usually agentic by default.

Though, for secure workloads, they still make no sense. 😅