Improving the Security of Antigravity
I've been using Google Antigravity for a few days now. It's a fantastic tool for AI-driven development and automation, but one particular issue concerned me for a while.
The issue: the autonomous agent had access to my local root terminal and my Windows filesystem.
This means that if anyone other than me managed to manipulate the agent (for example through instructions hidden in content it reads), my entire device could have been exposed and exploitable through it.
And as they say, if you've got a problem, you've got to find a solution... and so I did.
I deployed the agent in an isolated Ubuntu environment as a non-root user, inside a Docker container.
This isolates the agent from the host's root user and keeps it away from the main OS filesystem: inside the container it can only see the paths that are explicitly mounted, so a misbehaving agent can touch your workspace but not the rest of your machine.
You don't need to do anything elaborate. Put a devcontainer.json file in a .devcontainer folder in your workspace and let Antigravity spin up the container from it. Keep the workspace inside the WSL filesystem for better performance.
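Here is a minimal devcontainer.json for this setup, added here as an illustration and not taken from the original post. It assumes the Microsoft dev-container Ubuntu image (mcr.microsoft.com/devcontainers/base:ubuntu), whose built-in non-root user is named vscode; the extra runArgs are ordinary docker run flags that drop Linux capabilities and block privilege escalation, and are my hardening choice on top of the post's setup, not something the post requires.

```json
{
  // Added example, not from the original post. Assumes the Microsoft
  // dev-container Ubuntu image, which ships with a non-root "vscode" user.
  "name": "agent-sandbox",
  "image": "mcr.microsoft.com/devcontainers/base:ubuntu",

  // Run the agent's shell and the container process as the non-root user.
  "remoteUser": "vscode",
  "containerUser": "vscode",

  // Extra docker run flags (assumption: hardening on top of the post's setup):
  // drop every Linux capability and forbid setuid-style privilege escalation.
  "runArgs": [
    "--cap-drop=ALL",
    "--security-opt=no-new-privileges"
  ],

  // Only the workspace folder is mounted; nothing else from the host is visible.
  "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}"
}
```

Once the container is up, open a terminal in it and run `id -u`; it should print a non-zero user id. One caveat of the no-new-privileges flag: sudo is a setuid binary, so it stops working inside the container. Install any extra packages in a Dockerfile or a dev-container feature instead of relying on the agent running sudo at runtime, which is exactly the behaviour you want to rule out.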
This step alone has saved me a lot of the headache that comes with running autonomous agents on my local PC; it's been great.
If you're even more cautious about security, run the agent in Secure Mode as well.
There may be other potential points of exploitation, but securing your work and devices one step at a time goes a long way.
Until next time.
P.S. Dev containers in Antigravity are relatively new, so you may run into some errors for now. Use the Microsoft Ubuntu image for the container environment, as it is pre-configured for dev containers.
Avneesh J
AI Automation Society (skool.com/ai-automation-society)