There's a conversation developers keep having right now, and it's the same conversation in three different disguises. "How do I run this AI agent without it nuking my repo?" "How do I try this MCP server without handing a stranger's code my shell?"
"How do I check out this random GitHub project without installing half of it into my laptop?" Three questions, one answer. All three are untrusted code