The capability ceiling — how ACT sandboxes third-party tools
Handing a third-party tool to your AI agent is the same problem as handing a third-party binary to cron. The tool's author may be a good actor or not. The agent may misuse the tool or not. The operator - you - wants a floor on how bad either outcome can get. ACT's policy layer is about installing that floor. This post walks through how it works, from the wasmtime VM up to the DNS resolver.