The sandbox approach mentioned by @arty_prof is essential, but there’s also the 'Data Leakage' side of the coin.
If an LLM agent has access to your local filesystem to 'help' with code, it essentially has a map of your credentials.
Aside from Dockerizing everything, are people using localized, air-gapped LLMs for sensitive security logic to prevent the 'Phone Home' risk entirely? Curious if anyone has successfully integrated something like Ollama into their dev-flow for this specific reason.
Restrict any DB operations; for example, restrict running migrations with Prisma ORM.
Also restrict access to .env or your project configuration with credentials, even for the dev environment.
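
As an added example (not code from this thread or from any agent product), here is one way to express the two restrictions above as a gate that an agent harness calls before executing a proposed command. The pattern lists, the function names `path_allowed` and `command_allowed`, and the workspace path are assumptions; it also assumes the harness executes commands as argv lists without a shell.

```python
import fnmatch
import shlex
from pathlib import Path

# Assumed policy (not from the thread): names that usually hold credentials.
SECRET_PATTERNS = [".env", ".env.*", "*.pem", "*.key", "id_rsa*", "credentials*"]
# Prisma subcommands that write to a database.
PRISMA_BLOCKED = [("migrate",), ("db", "push"), ("db", "execute"), ("db", "seed")]
# Package-runner prefixes to strip before looking at the real program.
WRAPPERS = {"npx", "npm", "pnpm", "yarn", "bunx", "exec", "dlx", "run"}


def path_allowed(path, workspace):
    """True only if path stays inside workspace and names no secret file."""
    root = Path(workspace).resolve()
    target = (root / path).resolve()  # collapses ../ and follows symlinks
    if target != root and root not in target.parents:
        return False  # escapes the agent's workspace
    parts = target.relative_to(root).parts
    return not any(fnmatch.fnmatch(p, pat) for p in parts for pat in SECRET_PATTERNS)


def command_allowed(command, workspace):
    """Gate one agent-proposed command line before the harness executes it."""
    argv = shlex.split(command)
    while argv and argv[0] in WRAPPERS:
        argv = argv[1:]
    if not argv:
        return False
    if Path(argv[0]).name == "prisma":
        sub = tuple(a for a in argv[1:] if not a.startswith("-"))
        if any(sub[:len(b)] == b for b in PRISMA_BLOCKED):
            return False
    # Treat every argument (and the value of --opt=value) as a possible path.
    return all(path_allowed(a.split("=", 1)[-1], workspace) for a in argv[1:])


if __name__ == "__main__":
    ws = "/srv/agent-ws"  # constructed workspace path
    for cmd in ["npx prisma generate", "npx prisma migrate deploy",
                "cat config/.env.local", "grep -r TODO src"]:
        print(f"{cmd!r}: {'allow' if command_allowed(cmd, ws) else 'deny'}")
```

A name-based gate is only one layer: the database role given to the agent and the files mounted into its container should enforce the same limits.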