MCP Tunnels & Self-Hosted Sandboxes

From demo to proof of concept: run agents without handing your internal networks and data to the public cloud.

The agent’s hands move in your house — the brain stays elsewhere

Anthropic isn’t shipping a model here; it’s building the wall around it: Self-Hosted Sandboxes and MCP Tunnels. Tool execution moves into your infrastructure, and a tunnel opens exactly one outbound channel, with no inbound ports. Cloudflare transports the traffic but cannot read the payloads.

We separate cleanly what is documented — and what isn’t:

  • Documented: in-house tool execution, three security layers (outer mTLS, inner TLS, per-server OAuth), encrypted transport.
  • Not (fully) solved: the agent loop stays at Anthropic — orchestration metadata still flows there. Beta/preview is not a certified, contract-ready state.

In a regulated setting the first question is never “how good is the model?”

It’s: who accessed which data, when, with what authorisation — and can you reconstruct that without gaps? That’s why the guide doesn’t end at “it runs”; it ends at a GDPR reality check and an acceptance matrix.

The complete PoC guide

The full hands-on guide takes you from zero to a running, verifiable setup — copy-paste-ready Docker/TLS setup, seven steps with checkpoints, plus the compliance reality check. Print-optimised below as a PDF.

Evaluating this for regulated health data? We’re happy to book a free demo call and walk the loop boundary with you.
