OpenScience is an open-source workbench that aims to connect a research loop: literature work, hypotheses, code, experiments, analysis, and write-ups. Its architecture places an agent runtime next to tools for shell access, editing, LSP, MCP, and scientific connectors. That makes it a useful project to study even before deciding whether to adopt it.
The most important part of its public documentation is not the feature list. Its security document says the agent can run shell commands, read and write files, and access the web. It also says that the permission system is not an isolation boundary; for real isolation, use a container or VM.
That distinction is worth carrying into every tool-using agent evaluation.
Top comments (1)
That distinction matters. A research workbench can still touch sensitive context, external sources, generated claims, and decisions that later move into production.
Calling it a sandbox can make teams under-specify permissions and logging. The safer framing is: this is a lower-risk workspace, but it still needs boundaries, provenance, and a clear path for what graduates into real work.