Enterprises have been hesitant to connect AI agents to internal APIs due to security concerns around credential management, as compromised agents can misuse authentication tokens. Anthropic is addressing this issue with self-hosted sandboxes and MCP tunnels, which allow tool execution within the enterprise's infrastructure and connect agents to private servers without exposing credentials, thereby improving security and control over agent workflows.
For enterprises deploying AI agents, the key action is to leverage Anthropic's self-hosted sandboxes to keep tool execution within your own infrastructure, thus securing credentials by moving control to the network boundary. This approach changes the threat model significantly by preventing sensitive credentials from being exposed in the agent's context, unlike traditional sandbox methods. Start by implementing sandboxes in your infrastructure, given their availability in public beta, to enhance your deployment security before exploring MCP tunnels, which remain in research preview.