If AI is going to work inside a real project, it should not freely modify your main working directory. Your normal checkout may contain uncommitted changes, temporary debugging, unsynced documents, production configuration, or personal scripts. If an AI agent deletes, rewrites, or runs the wrong thing there, accountability becomes messy. That is why a project-specific AI delivery pipeline needs work isolation and stage-gated workers. Isolation is not distrust Isolation does not mean AI will always fail. It is normal engineering practice. Human engineers use branches, PRs, CI, review, and release gates. AI should be placed in a similarly traceable workspace. Isolation can take many forms: a Git branch; a worktree; a slot workspace; a sandbox; a temporary project directory; a dedicated evidence directory; constrained tool permissions. The important point is that AI execution is separated from the user's normal workspace.…