awesome-repositories.com
Blog
awesome-repositories.com

Descubre los mejores repositorios open-source con nuestra búsqueda potenciada por IA.

ExplorarBúsquedas curadasAlternativas open-sourceSoftware autohospedableBlogMapa del sitio
ProyectoAcerca deCómo clasificamosPrensaServidor MCP
Aviso legalPrivacidadTérminos
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

41 repositorios

Awesome GitHub RepositoriesSecure Execution Environments

Isolated runtimes designed to execute scripts safely within protected boundaries.

Distinguishing note: Focuses on the security and isolation of the execution environment rather than general script runners.

Explore 41 awesome GitHub repositories matching security & cryptography · Secure Execution Environments. Refine with filters or upvote what's useful.

Awesome Secure Execution Environments GitHub Repositories

Encuentra los mejores repositorios con IA.Buscaremos los repositorios que mejor coincidan usando IA.
  • microsoft/ai-agents-for-beginnersAvatar de microsoft

    microsoft/ai-agents-for-beginners

    67,369Ver en GitHub↗

    This project is a structured educational resource and technical guide for designing and implementing autonomous systems using large language models. It provides a comprehensive curriculum and code samples focused on agentic design patterns, autonomous development, and the creation of systems capable of planning and executing multi-step tasks. The resource details the implementation of agentic retrieval-augmented generation, where models autonomously plan and refine data searches. It covers a wide array of orchestrators and design patterns, including metacognitive reflection for self-correctin

    Utilizes sandbox environments and runtime state objects to isolate task execution and prevent context clutter.

    Jupyter Notebookagentic-aiagentic-frameworkagentic-rag
    Ver en GitHub↗67,369
  • heyputer/puterAvatar de HeyPuter

    HeyPuter/puter

    42,318Ver en GitHub↗

    Puter is a browser-based desktop environment and cloud-native development platform that provides a virtualized graphical workspace. It enables developers to build and deploy full-stack web applications by integrating cloud storage, authentication, and serverless backend logic directly into the browser, eliminating the need for traditional server infrastructure. The platform distinguishes itself through a unified cloud storage layer and a distributed network runtime that facilitates peer-to-peer communication and cross-origin resource fetching. It features a sophisticated cross-window orchestr

    Executes high-performance scripts within a protected and isolated environment to build scalable applications.

    TypeScriptcloudcloud-oscloud-storage
    Ver en GitHub↗42,318
  • qwibitai/nanoclawAvatar de qwibitai

    qwibitai/nanoclaw

    29,956Ver en GitHub↗

    Nanoclaw is an LLM agent orchestrator and multi-platform chat gateway designed to deploy and manage isolated AI agents. It provides a containerized runtime that executes agents within sandboxed Linux containers, ensuring filesystem and state isolation through dedicated workspaces and host bind-mounts. The project distinguishes itself through a unified routing pipeline that connects agents to diverse messaging platforms, including WhatsApp, Discord, Slack, Telegram, Signal, and iMessage. It integrates the Model Context Protocol to extend agent capabilities via managed external data and functio

    Runs agents in isolated runtimes specifically configured for their lifecycle and resource needs.

    TypeScriptai-agentsai-assistantclaude-code
    Ver en GitHub↗29,956
  • gitlawb/openclaudeAvatar de Gitlawb

    Gitlawb/openclaude

    28,988Ver en GitHub↗

    OpenClaude is an LLM orchestration interface and multi-provider AI gateway that connects various AI providers and local models to an integrated tool suite. It functions as an agentic tool execution environment and a system for AI-powered code editor integration, enabling in-editor chat and automated coding tasks. The project provides a gRPC AI agent service that exposes model capabilities and file editing tools to external applications as a headless service. It also includes a configuration layer for managing provider credentials and routing specific agents to different model APIs. The syste

    Provides a runtime environment specifically configured for executing model-driven shell and file system operations.

    TypeScriptaiai-agentai-tools
    Ver en GitHub↗28,988
  • openai/openai-agents-pythonAvatar de openai

    openai/openai-agents-python

    27,191Ver en GitHub↗

    This project is a Python framework for building autonomous, event-driven agent systems. It provides a unified runtime for orchestrating multi-agent workflows, managing persistent conversation state, and executing code within secure, isolated sandbox environments. The framework is designed to handle complex task delegation, allowing agents to invoke other agents as tools while maintaining context across multi-turn interactions. The framework distinguishes itself through its deep integration with the Model Context Protocol, enabling agents to connect to external data sources and remote services

    Provides secure, isolated workspaces for executing agent tasks and managing file operations.

    Pythonagentsaiframework
    Ver en GitHub↗27,191
  • modelscope/agentscopeAvatar de modelscope

    modelscope/agentscope

    26,928Ver en GitHub↗

    AgentScope is a multi-agent framework and orchestration platform designed for building and coordinating teams of language model agents. It provides a system for managing multiple agents that collaborate to solve complex tasks through structured communication and state sharing. The project distinguishes itself with a focus on production-ready deployment and security, featuring a multi-tenant hosting service that ensures session isolation between different users. It includes a sandboxed tool execution environment and fine-grained permission controls to manage how agents access system resources

    Provides isolated runtimes for running agent-driven code with fine-grained control over system resource permissions.

    Python
    Ver en GitHub↗26,928
  • yeasy/docker_practiceAvatar de yeasy

    yeasy/docker_practice

    26,111Ver en GitHub↗

    This project is a Docker educational resource and a collection of practical examples designed for learning containerization technologies. It serves as a guide for understanding container fundamentals, including the creation and management of custom images and the use of registries. The repository provides specialized references for container security hardening, such as managing kernel privileges and implementing supply chain security. It also includes tutorials for multi-container orchestration and a DevOps guide focused on CI/CD automation and image optimization. The material covers a broad

    Configures isolated runtimes and execution policy engines to secure autonomous agent tasks.

    Gobookcloud-computingcontainer
    Ver en GitHub↗26,111
  • forem/foremAvatar de forem

    forem/forem

    22,726Ver en GitHub↗

    Forem is an open-source platform designed for building and managing technical communities. It functions as a social publishing engine that enables members to share long-form content, participate in threaded discussions, and engage through social interactions. The platform provides tools for organizations to maintain branded profiles, host community hackathons, and facilitate collaborative learning through structured educational tracks. Beyond its social features, Forem integrates advanced capabilities for AI agent workflow orchestration and codebase knowledge graphing. It allows developers to

    Protects system integrity by running agent-generated code within isolated, secure execution environments.

    Rubycommunitydiscussionfeedback
    Ver en GitHub↗22,726
  • googlecontainertools/distrolessAvatar de GoogleContainerTools

    GoogleContainerTools/distroless

    22,254Ver en GitHub↗

    Distroless provides a collection of security-hardened, minimal base container images designed to reduce attack surfaces by excluding non-essential system utilities, package managers, and shells. These images are constructed to contain only an application and its specific runtime dependencies, enforcing the principle of least privilege by configuring environments for non-root execution. The project distinguishes itself through a focus on supply chain integrity and reproducible builds. It utilizes declarative build configurations to track package versions and validates container image integrity

    Deploys production applications within hardened, non-root execution environments that exclude unnecessary system tools.

    Starlarkbazeldocker
    Ver en GitHub↗22,254
  • nvidia/nemoclawAvatar de NVIDIA

    NVIDIA/NemoClaw

    21,237Ver en GitHub↗

    NemoClaw is an LLM agent orchestrator and sandboxed execution environment designed to deploy and manage the lifecycles of large language model agents. It provides a secure runtime that isolates persistent agents from the underlying host system to ensure operational security. The system includes a secure LLM inference gateway that acts as a managed routing layer, securing communication between AI agents and inference engines to prevent unauthorized access. It also integrates with NVIDIA OpenShell to run specialized agents within a secure shell environment. Operational control is provided thro

    Maintains long-running agent states within secure containers to support continuous operation without context loss.

    TypeScriptai-agentsnvidiaopenclaw
    Ver en GitHub↗21,237
  • agent0ai/agent-zeroAvatar de agent0ai

    agent0ai/agent-zero

    18,103Ver en GitHub↗

    Agent Zero is an autonomous AI agent framework designed to execute complex, multi-step workflows by managing its own environment, persistent memory, and external tool interactions. It functions as a Python-based automation library that enables agents to write code, execute terminal commands, and perform system-level tasks independently. The system is built to handle large-scale operations through hierarchical agent delegation, allowing for the coordination of subordinate agents to maintain focus and context. The platform distinguishes itself through a focus on secure, isolated execution and s

    Executes autonomous scripts and system-level commands within a sandboxed environment to ensure secure and isolated operations.

    Pythonagentaiassistant
    Ver en GitHub↗18,103
  • rightnow-ai/openfangAvatar de RightNow-AI

    RightNow-AI/openfang

    17,834Ver en GitHub↗

    OpenFang is an operating system for LLM agents designed to orchestrate autonomous agents with built-in task scheduling, tool sandboxing, and multi-model routing. It provides a secure AI execution environment that integrates prompt injection scanning, cryptographic audit trails, and resource metering to ensure controlled processing. The platform distinguishes itself through a comprehensive security architecture, featuring fuel-metered tool sandboxing and an immutable activity audit trail based on cryptographic hash-chains. It implements high-assurance identity verification via signed manifests

    Implements an isolated runtime for agents featuring prompt injection scanning and resource metering.

    Rustagent-frameworkai-agentsllm
    Ver en GitHub↗17,834
  • anthropics/claude-quickstartsAvatar de anthropics

    anthropics/claude-quickstarts

    17,085Ver en GitHub↗

    Claude Quickstarts is a development framework and collection of reference implementations designed for building autonomous agents. It provides the foundational patterns necessary to orchestrate multi-agent workflows, enabling models to perform complex, multi-step tasks across software engineering, customer support, and computer-use domains. The platform distinguishes itself through specialized capabilities for desktop and browser automation, allowing agents to interact with graphical interfaces by capturing visual context and executing precise mouse and keyboard inputs. It includes robust inf

    Packages agents into containerized templates to ensure secure and consistent execution environments.

    Python
    Ver en GitHub↗17,085
  • hkuds/deepcodeAvatar de HKUDS

    HKUDS/DeepCode

    14,539Ver en GitHub↗

    DeepCode is an agentic development framework designed to orchestrate autonomous AI agents for software engineering tasks. It functions as a multi-agent workflow orchestrator that translates natural language requirements into functional codebases by coordinating specialized agents for architectural planning, intent analysis, and implementation. The platform integrates multiple language models to power these automated routines, providing a unified environment for complex development projects. The system distinguishes itself through its ability to transform academic research papers into executab

    Provides configuration settings for operational environments, model selection, and response constraints for autonomous coding agents.

    Pythonagentic-codingllm-agent
    Ver en GitHub↗14,539
  • crowdsecurity/crowdsecAvatar de crowdsecurity

    crowdsecurity/crowdsec

    12,574Ver en GitHub↗

    CrowdSec is a collaborative, distributed security engine designed for threat detection and infrastructure protection. It functions as an intrusion detection system that parses logs and network traffic to identify malicious patterns, utilizing a bucket-based threshold detection model to aggregate events and trigger alerts. The platform is built on a modular architecture that includes a centralized local API server for managing security signals and a relational database for persistent storage of remediation decisions. What distinguishes the project is its decoupled enforcement model, which offl

    Runs automated logic before, during, or after request evaluation to dynamically adjust security rules and remediation actions.

    Goattacks-preventiondetectionids
    Ver en GitHub↗12,574
  • nearai/ironclawAvatar de nearai

    nearai/ironclaw

    12,456Ver en GitHub↗

    Ironclaw is an LLM orchestration framework and AI agent gateway designed to connect large language models with external tools, messaging interfaces, and persistent memory systems. It functions as a communication layer that routes interactions between users and AI models via HTTP webhooks and various messaging channels. The system focuses on secure tool execution through a WebAssembly sandbox and isolated containers, which allows the framework to run untrusted code and dynamically generate new tools from natural language descriptions. Security middleware provides prompt injection defense and s

    Runs untrusted code in isolated, resource-constrained environments to expand AI capabilities without compromising the host.

    Rust
    Ver en GitHub↗12,456
  • alibaba/opensandboxAvatar de alibaba

    alibaba/OpenSandbox

    11,682Ver en GitHub↗

    OpenSandbox is a secure sandbox runtime and containerized code execution engine designed to run AI-generated code and scripts in isolated environments. It serves as a workload orchestrator that prevents host system contamination by utilizing kernel-level isolation to execute arbitrary commands and scripts. The project distinguishes itself by providing a model context server that bridges large language models to the sandbox for performing file operations and system commands. It also includes a remote GUI sandbox that supports browser automation and desktop interfaces via remote access protocol

    Provides isolated runtimes designed to execute AI-generated scripts safely within protected boundaries to prevent host system contamination.

    Python
    Ver en GitHub↗11,682
  • e2b-dev/e2bAvatar de e2b-dev

    e2b-dev/E2B

    10,950Ver en GitHub↗

    E2B is a cloud-based infrastructure platform designed to provide secure, isolated execution environments for code and shell commands. It functions as an ephemeral orchestrator that provisions lightweight virtual machines, allowing developers and autonomous agents to run untrusted processes within a sandbox that is completely separated from the host system. The platform distinguishes itself through its focus on programmable, serverless workspaces that support the full lifecycle of cloud-based development. By utilizing hardware-level isolation and snapshot-based resumption, it enables the near-

    Provides programmable workspaces for autonomous agents to run untrusted code securely.

    MDXagentaiai-agent
    Ver en GitHub↗10,950
  • wasmedge/wasmedgeAvatar de WasmEdge

    WasmEdge/WasmEdge

    10,665Ver en GitHub↗

    WasmEdge is an extensible WebAssembly runtime that executes WebAssembly bytecode in a secure sandbox for cloud, edge, and embedded applications. It functions as a multi-language compiler, compiling applications written in Rust, JavaScript, Go, and Python into WebAssembly bytecode for sandboxed execution, and as a server-side JavaScript runtime that runs JavaScript programs with ES6 modules, NPM packages, and Node.js-compatible APIs. The runtime also serves as an AI inference runtime, executing AI models from JavaScript using WASI-NN plug-ins for inference tasks on personal devices and edge har

    Applies security measures to ensure safe execution of any WebAssembly module, protecting the host system.

    C++artificial-intelligencecloudcloud-native
    Ver en GitHub↗10,665
  • android/ndk-samplesAvatar de android

    android/ndk-samples

    10,513Ver en GitHub↗

    The Android NDK samples provide a comprehensive collection of code examples demonstrating how to integrate C and C++ native code into Android applications. This repository serves as a practical guide for developers utilizing the Android Native Development Kit to implement performance-critical application components that require direct hardware access and low-level system interaction. The project highlights the use of the Java Native Interface to bridge managed code with native modules, enabling cross-language function calls and efficient data exchange. It demonstrates how to manage native act

    Defends against memory-based attack vectors using hardware-level protection features on supported processors.

    C++
    Ver en GitHub↗10,513
Ant.123Siguiente
  1. Home
  2. Security & Cryptography
  3. Secure Execution Environments

Explorar subetiquetas

  • Agent Execution Environments2 sub-etiquetasIsolated runtimes specifically configured for running autonomous agents and their associated tasks. **Distinct from Secure Execution Environments:** Distinct from general secure execution environments: specifically tailored for the lifecycle and resource needs of AI agents.
  • Security Hook Frameworks1 sub-etiquetaInterfaces for running custom logic during request evaluation to adjust security behavior. **Distinct from Secure Execution Environments:** Distinct from Secure Execution Environments: focuses on lifecycle hooks rather than runtime isolation.