Definition
Plain language
A scratch copy where an AI agent's risky edit is tried out and cleaned before it touches the real files.
As stated in the literature
In DASGuard, a sandboxed duplicate where a proposed file write is applied and the changed spans scanned, so a sanitized version can be committed to the real workspace rather than blocked outright.
Why it matters: It lets a defense fix a risky edit and keep the safe parts rather than blocking the whole action, so security doesn't come at the cost of usefulness.
For example, before letting an agent overwrite a real document, the system applies the change in a throwaway copy first to inspect and clean it.
Heard on the show
“It uses what they call a shadow workspace: it applies the proposed edit to a shadow copy first, scans just the changed parts, and then commits a cleaned version to the real workspace.”Episode 105 — The Trojan Is Your Agent's Memory: Why Single-Step Defenses Miss Persistent Attacks