105 dépôts
Secure, isolated environments designed to execute arbitrary scripts or code while preventing unauthorized access to the host system.
Explore 105 awesome GitHub repositories matching devops & infrastructure · Code Execution Sandboxes. Refine with filters or upvote what's useful.
OpenDevin is an autonomous software engineering agent and orchestrator designed to execute coding tasks and manage development workflows using large language models. It functions as a centralized control center for managing and switching between various local and cloud artificial intelligence backends. The system utilizes a Docker sandbox environment to isolate autonomous agents in containers, protecting the host filesystem during code execution. It includes an automated engineering workflow tool that integrates with version control and chat services to trigger tasks via webhooks or scheduled
Runs AI agents in secure, isolated container environments to prevent unauthorized host system access.
Daytona is a cloud-native development environment platform designed to orchestrate ephemeral, containerized workspaces. It provides a centralized system for managing reproducible coding environments as code, ensuring consistency across distributed teams by abstracting the underlying infrastructure. By utilizing declarative configuration, the platform automates the entire lifecycle of development sandboxes, from initial provisioning to resource governance. The platform distinguishes itself through its infrastructure-agnostic runner layer, which allows development environments to be deployed ac
Provides command-line interfaces to interact with and manage isolated code execution sandboxes.
Unsloth is a high-performance training and inference platform designed to optimize the lifecycle of large language and multimodal models. It provides a comprehensive engine for fine-tuning, executing, and managing models locally, with a focus on reducing memory consumption and increasing compute speed on consumer-grade hardware. The platform distinguishes itself through hand-optimized kernels and automated computational graph techniques that maximize hardware throughput. It supports advanced training methodologies, including reinforcement learning for reasoning and efficient adapter-based fin
Runs isolated Bash and Python scripts to verify model outputs, generate files, and perform computations securely.
Open Interpreter is a local language model agent framework that enables the deployment of autonomous agents capable of controlling a local operating system and its applications. It provides an execution environment where language models can run code and scripts directly on a computer to automate system tasks. The framework includes a computer control interface that allows language models to interact with web browsers and native user interfaces through programmatic commands. To ensure system stability, it utilizes a secure sandbox environment for the execution of model-generated code. The sys
Runs model-generated scripts in a secure, isolated native environment to ensure system stability.
Open Interpreter is a coding agent that uses large language models to write and execute code directly on a local host machine. It functions as a system for performing operating system tasks and file manipulations through a natural language interface. The project features a model orchestrator that allows switching between different language model providers and emulation harnesses. It employs a loop-based reasoning process to iteratively generate code and process execution output until a goal is achieved. Its capabilities include cross-platform system automation, local model integration for da
Runs generated commands within a native sandbox on the host machine to perform system tasks.
Open Interpreter is an autonomous agent runtime that translates natural language instructions into executable code to interact with local software and operating systems. It functions as an orchestration framework that connects language models to a secure execution environment, enabling the development of agents capable of managing system resources and performing complex tasks. To ensure safety, the system mandates explicit user verification before executing any generated code and provides robust isolation through containerized sandboxing. The project distinguishes itself through its deep inte
Sandboxes arbitrary script execution within isolated environments to protect the underlying host system.
This project is an interactive coding learning platform and open-source educational courseware designed for mastering web development. It provides a browser-based environment where users can engage with a structured curriculum covering front-end, back-end, and data visualization skills through hands-on exercises. The platform distinguishes itself by integrating a browser-based code sandbox and a nonprofit technical partnership portal. This framework allows learners to transition from guided lessons to building and maintaining real-world software applications for nonprofit organizations. The
Provides secure, isolated code execution sandboxes within the browser to prevent security leaks from user-submitted code.
AstrBot is an orchestration framework designed for building and managing autonomous agents that integrate multimodal artificial intelligence with secure, isolated execution environments. It serves as a platform for coordinating complex agentic workflows, allowing users to connect diverse language, speech, and vision models while maintaining personalized agent personas and domain-specific knowledge bases. The platform distinguishes itself through a modular plugin architecture and a centralized visual dashboard, which together enable users to extend agent capabilities and manage operational set
Runs untrusted agent-generated code within isolated environments to protect the host system from unauthorized access and instability.
Danswer is an LLM application framework and RAG engine that provides a self-hosted interface for connecting large language models to private data. It serves as an enterprise AI chat interface and agent orchestrator, enabling the creation of specialized assistants with custom instructions and knowledge bases. The platform differentiates itself through an observability dashboard for tracking query history and token consumption, as well as a white-labeled interface for customized branding. It includes a multi-step research workflow for producing long-form reports and a sandboxed environment for
Provides isolated environments to securely execute code for data analysis and graph generation.
Nanoclaw is an LLM agent orchestrator and multi-platform chat gateway designed to deploy and manage isolated AI agents. It provides a containerized runtime that executes agents within sandboxed Linux containers, ensuring filesystem and state isolation through dedicated workspaces and host bind-mounts. The project distinguishes itself through a unified routing pipeline that connects agents to diverse messaging platforms, including WhatsApp, Discord, Slack, Telegram, Signal, and iMessage. It integrates the Model Context Protocol to extend agent capabilities via managed external data and functio
Limits agent filesystem access to a specific allowlist of directories to prevent host system corruption.
This project is a Python framework for building autonomous, event-driven agent systems. It provides a unified runtime for orchestrating multi-agent workflows, managing persistent conversation state, and executing code within secure, isolated sandbox environments. The framework is designed to handle complex task delegation, allowing agents to invoke other agents as tools while maintaining context across multi-turn interactions. The framework distinguishes itself through its deep integration with the Model Context Protocol, enabling agents to connect to external data sources and remote services
Executes untrusted code and system operations in isolated, ephemeral environments to safely perform computations.
AgentScope is a multi-agent framework and orchestration platform designed for building and coordinating teams of language model agents. It provides a system for managing multiple agents that collaborate to solve complex tasks through structured communication and state sharing. The project distinguishes itself with a focus on production-ready deployment and security, featuring a multi-tenant hosting service that ensures session isolation between different users. It includes a sandboxed tool execution environment and fine-grained permission controls to manage how agents access system resources
Implements a security layer that runs tools and custom code in isolated environments to prevent system interference.
FastMCP is a Python framework designed for building servers that expose functions, resources, and prompts to AI models using the Model Context Protocol. It simplifies the development process by automatically deriving tool metadata, input schemas, and documentation directly from Python function signatures and type hints. The framework provides a unified container for managing these components, allowing developers to build modular applications that integrate seamlessly with AI assistants. The project distinguishes itself through its support for interactive, server-defined user interface compone
Executes LLM-generated Python code within isolated, resource-constrained sandbox environments.
Forem is an open-source platform designed for building and managing technical communities. It functions as a social publishing engine that enables members to share long-form content, participate in threaded discussions, and engage through social interactions. The platform provides tools for organizations to maintain branded profiles, host community hackathons, and facilitate collaborative learning through structured educational tracks. Beyond its social features, Forem integrates advanced capabilities for AI agent workflow orchestration and codebase knowledge graphing. It allows developers to
Runs agent-generated code within secure, isolated environments to prevent unauthorized access to host infrastructure.
Letta is a framework for building, deploying, and managing autonomous AI agents that maintain persistent state across long-term interactions. It provides a comprehensive suite of primitives for defining agents with configurable personas, modular memory blocks, and tool-use capabilities, enabling them to retain user preferences and conversation history over extended sessions. The platform distinguishes itself through its advanced memory management and orchestration capabilities. It allows agents to autonomously update their own memory, perform retrieval-augmented generation, and coordinate com
Runs code in multiple programming languages within a secure, isolated environment to perform computations, data analysis, or external API interactions.
Claude Code Templates is a comprehensive framework for orchestrating specialized AI agents and automating development workflows within local environments. It provides a structured system for defining, configuring, and deploying AI personas that handle specific technical tasks, ranging from backend architecture and frontend implementation to security auditing and infrastructure management. The project distinguishes itself through a configuration-driven approach that allows teams to standardize development environments and share reusable agent definitions across projects. It includes a robust C
Runs code and system tasks within secure, restricted environments to protect the host system from unauthorized operations.
Activepieces is an open-source, self-hosted workflow automation platform designed to connect third-party applications through modular triggers and actions. It provides a low-code integration framework that allows users to build, manage, and execute complex business logic sequences within isolated, sandboxed environments. The platform distinguishes itself through its focus on embeddability and enterprise-grade security. It features an embedded automation builder that can be integrated into external applications via iframes, supported by comprehensive identity and access management tools such a
Executes user-defined code and integration logic within isolated containers to ensure system security.
Devika is an autonomous AI software engineering system designed to plan, write, and debug code from high-level natural language instructions. It functions as an agentic software engineer that decomposes complex objectives into actionable coding steps for autonomous execution. The system integrates cloud-based and self-hosted large language models through a provider-agnostic layer, allowing for multi-model reasoning and code completion. It distinguishes itself by combining these models with a sandboxed execution environment for running code across different operating systems and a web-browsing
Runs AI-generated code within secure, isolated environments across different operating systems with real-time output streaming.
FlameGraph is a performance profiling and visualization toolkit designed to identify bottlenecks in software execution. It functions as a processing engine that transforms raw stack trace samples into interactive, hierarchical diagrams. By representing aggregated execution frequency as nested rectangles, the tool allows developers to visualize hot code paths and analyze system behavior across both kernel and user-space environments. The project distinguishes itself through its ability to perform differential profile analysis, which highlights performance regressions or improvements by compari
Executes diagnostic programs within a secure, verified kernel environment to prevent system instability.
Qwen-code is an AI-powered development framework designed for orchestrating intelligent coding agents within terminal and IDE environments. It provides a comprehensive infrastructure for automating software maintenance, code generation, and complex refactoring tasks by managing multi-agent workflows and persistent session states. The system is built to handle both interactive development and automated background processes, ensuring that agents can execute shell commands and file operations safely within isolated, sandboxed environments. What distinguishes this project is its focus on granular
Executes code and shell commands within isolated sandboxes to ensure system security.