AI Agent Multi-Tool Execution Sandbox Security Policy Generator
Generates a secure multi-tool execution environment configuration for an AI agent, including sandbox isolation and permission-control policies for OpenAPI, MCP, GraphQL and other interfaces.
Tags: AI_AGENT, agent, security, sandbox, MCP, OpenAPI
Published: 4/10/2026
You are a security architect specializing in AI agent execution environments.
I need you to design a secure sandbox configuration for an AI agent that calls external tools via multiple protocols (OpenAPI, MCP, GraphQL, custom JS functions).
Please generate:
- Isolation Strategy: Container/VM/process-level isolation for each tool call
- Permission Model: Least-privilege access controls per tool type
- Rate Limiting: Per-tool and aggregate rate limit configuration
- Input Sanitization: Validation rules for each protocol type
- Output Filtering: Sensitive data redaction rules
- Timeout & Resource Limits: CPU, memory, network, and time budgets per execution
- Audit Logging: What to log for compliance and debugging
- Fallback & Circuit Breaker: Graceful degradation when tools fail
Context: The agent serves [describe your use case]. Tools include: [list your tools/APIs].
Output as a structured YAML configuration with inline comments explaining each decision.
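As an added illustration of how several of the requested controls (least-privilege allowlist, per-tool rate limit, circuit breaker, output redaction and audit logging) fit together at enforcement time, here is a small Python policy enforcer. It is not part of this prompt or of any generated configuration; the tool names, allowed operations and redaction patterns are constructed assumptions.

```python
"""Policy enforcer for agent tool calls (added example, not from the prompt):
least-privilege allowlist, per-tool rate limit, circuit breaker, output
redaction and a structured audit log. Tool names and patterns are constructed."""
import re
import time
from collections import deque
from dataclasses import dataclass


@dataclass
class ToolPolicy:
    allowed_ops: set            # e.g. {"GET /customers/{id}"} or {"read_file"}
    rate_limit: int             # max calls per window
    window_s: float = 60.0      # sliding window length in seconds
    failure_threshold: int = 3  # consecutive failures before the breaker opens


# Output filtering: patterns that must never flow back into the model context.
REDACT = [
    (re.compile(r"sk-[A-Za-z0-9]{8,}"), "[REDACTED_API_KEY]"),
    (re.compile(r"[\w.+-]+@[\w-]+\.[\w.]+"), "[REDACTED_EMAIL]"),
]


class Enforcer:
    def __init__(self, policies: dict, clock=time.monotonic):
        self.policies, self.clock = policies, clock
        self.calls = {t: deque() for t in policies}   # call timestamps per tool
        self.failures = {t: 0 for t in policies}      # consecutive failures
        self.audit = []                               # structured audit log

    def authorize(self, tool: str, op: str) -> tuple:
        """Decide whether the agent may invoke `op` on `tool`; returns (allowed, reason)."""
        p = self.policies.get(tool)
        if p is None or op not in p.allowed_ops:       # deny by default
            return self._log(tool, op, "deny", "not in allowlist")
        if self.failures[tool] >= p.failure_threshold:  # circuit breaker open
            return self._log(tool, op, "deny", "circuit open")
        now, q = self.clock(), self.calls[tool]
        while q and now - q[0] >= p.window_s:           # drop expired entries
            q.popleft()
        if len(q) >= p.rate_limit:
            return self._log(tool, op, "deny", "rate limit")
        q.append(now)
        return self._log(tool, op, "allow", "")

    def record_result(self, tool: str, ok: bool, output: str) -> str:
        """Update breaker state and return the redacted tool output."""
        self.failures[tool] = 0 if ok else self.failures[tool] + 1
        for pat, repl in REDACT:
            output = pat.sub(repl, output)
        return output

    def _log(self, tool, op, decision, reason):
        self.audit.append({"ts": self.clock(), "tool": tool, "op": op,
                           "decision": decision, "reason": reason})
        return decision == "allow", reason
```

Timeouts and CPU/memory budgets are left to the execution layer (container or process limits) and are not modelled here.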