Agentic programming workflows rather remind me of genetic programming. The agent has a validation step that looks like a fitness function, and both run iterative trials.
I find it odd that people recommend Docker for sandboxing agentic coding tools. Isn't it easier to just create a separate user account on the machine?
It's an established security boundary, and viewing output is easy (just make the user's home directory world readable).
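
The permission bits that the separate-account boundary rests on can be checked with a short script. This is an added example, not part of the original post; the function names and the two paths passed in are hypothetical, and it assumes the agent account shares no group with the operator's account and that no ACLs are in use.

```shell
#!/bin/sh
# Added example. Assumes the agent account shares no group with the operator
# and that no ACLs are set, so only the "other" permission bits apply.

# Print entries under $1 that "other" can reach and read. Directories without
# the other-execute bit are pruned: nothing below them is reachable.
reachable_by_other() {
    find "$1" -type d ! -perm -0001 -prune -o ! -type l -perm -0004 -print 2>/dev/null
}

# Print entries under $1 that any local account may write to.
world_writable() {
    find "$1" ! -type l -perm -0002 -print 2>/dev/null
}

# True if "other" can list and enter directory $1 (r-x).
other_can_view() {
    [ -n "$(find "$1" -prune -type d -perm -0005 -print 2>/dev/null)" ]
}

# audit_boundary AGENT_HOME OPERATOR_HOME (both paths are hypothetical inputs)
# Prints one finding per line and returns 0 only when there are none.
audit_boundary() {
    agent_home=$1 operator_home=$2 rc=0
    # Viewing the agent's output from another account needs r-x on its home.
    if ! other_can_view "$agent_home"; then
        echo "VIEW: $agent_home cannot be listed by other accounts"; rc=1
    fi
    # World-readable is intended here; world-writable is not.
    ww=$(world_writable "$agent_home")
    if [ -n "$ww" ]; then printf '%s\n' "$ww" | sed 's/^/WRITE: /'; rc=1; fi
    # The agent is "other" for the operator's files, so whatever is reachable
    # and readable there is readable by the agent too.
    exposed=$(reachable_by_other "$operator_home")
    if [ -n "$exposed" ]; then printf '%s\n' "$exposed" | sed 's/^/EXPOSED: /'; rc=1; fi
    return $rc
}

if [ $# -eq 2 ]; then audit_boundary "$1" "$2"; fi
```

An operator home with mode 0700 produces no EXPOSED lines; a 0755 home lists every file the agent account could read.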