# Docker AI, what’s new with MCP, Agents, Sandboxes, and more

- Page: https://stenobird.com/podcast/devops-and-docker-talk-cloud-native-interviews-and-tooling/docker-ai-what-s-new-with-mcp-agents-sandboxes-and-more
- Text version: https://stenobird.com/podcast/devops-and-docker-talk-cloud-native-interviews-and-tooling/docker-ai-what-s-new-with-mcp-agents-sandboxes-and-more.md
- Podcast: [DevOps and Docker Talk: Cloud Native Interviews and Tooling](https://stenobird.com/podcast/devops-and-docker-talk-cloud-native-interviews-and-tooling)
- Published: 2026-04-07T18:09:00+00:00
- Episode link: https://podcast.bretfisher.com/episodes/docker-ai-what-s-new-with-mcp-agents-sandboxes-and-more
- Audio file: https://media.transistor.fm/9f9fbfbd/aec78fc6.mp3
- Processing state: processed
- JSON: https://stenobird.com/v1/public/podcasts/devops-and-docker-talk-cloud-native-interviews-and-tooling/episodes/docker-ai-what-s-new-with-mcp-agents-sandboxes-and-more
- Duration seconds: 4718

## Resource

Docker is evolving from a container runtime into a critical security and orchestration layer for AI agents. This episode explores how Docker Sandboxes and Hardened Images provide the necessary isolation and governance for running autonomous LLM workflows.

## Highlights

- Main idea: Docker Sandboxes provide a micro-VM environment to execute AI agents with network and filesystem isolation.
- Practical takeaway: Use Docker Hardened Images to reduce the attack surface of your production workloads by minimizing CVE counts.
- Failure mode: Relying solely on LLM-native permission models (like Claude's) is insufficient against sophisticated prompt injection attacks.
- Main idea: The Model Context Protocol (MCP) Toolkit enables dynamic discovery of tools and servers for AI agents within Docker.
- Practical takeaway: Implement Docker Agent with GitHub Actions to automate PR reviews and documentation consistency checks.

## Topics

Docker Sandboxes, AI Agents, Model Context Protocol, DevOps Automation, Container Security, Hardened Images, LLM Orchestration, Agentic DevOps

## Chapters

- 1:00 — Docker's AI Evolution: An overview of Docker's recent release cycle, moving beyond container management into specialized AI tooling and product lines.
- 13:00 — Docker Hardened Images: A deep dive into the ecosystem of hardened system packages and the availability of free vs. paid catalog options.
- 25:05 — The Shift to Agentic DevOps: Discussing the rapid adoption of new AI paradigms and the need for tools that manage autonomous command execution.
- 37:20 — Docker Sandboxes & Security: Exploring the necessity of multiple isolated sandboxes to prevent agents from accessing sensitive host data or cross-pollinating environments.
- 43:00 — Model Runner & MCP Integration: Technical details on running models via Docker Model Runner and using the MCP Toolkit for tool discovery.
- 1:00:20 — Automating the SDLC with Cagent: How the Docker Agent and GitHub Actions can automate documentation scans and pull request reviews.
- 1:12:20 — The Future of AI Governance: Reflecting on the 'early PHP days' of AI and the critical need for infrastructure that segments human access from AI access.

## Actions

- request_transcript: `POST https://stenobird.com/v1/public/podcasts/devops-and-docker-talk-cloud-native-interviews-and-tooling/episodes/docker-ai-what-s-new-with-mcp-agents-sandboxes-and-more/transcription-requests` — Idempotently request low-priority transcript generation for this episode.
- read_markdown: `GET https://stenobird.com/podcast/devops-and-docker-talk-cloud-native-interviews-and-tooling/docker-ai-what-s-new-with-mcp-agents-sandboxes-and-more.md` — Read the agent-friendly Markdown representation of this episode resource.

A page view does not enqueue transcription. Agents should invoke `request_transcript` explicitly when they need this episode processed.

## Transcript

Full transcripts are not published on public pages unless there is a clear rights basis.