30 open-source projects similar to hyperlight-dev/hyperlight, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Hyperlight alternative.
Microsandbox is a runtime for creating and managing lightweight, hardware-isolated virtual machines — called sandboxes — that boot directly from standard OCI container images. Each sandbox runs as its own host process with a separate kernel, filesystem, and network stack, providing process-per-sandbox isolation. The project includes a command-line tool and multi-language SDKs (Rust, TypeScript, Python, Go) for programmatic lifecycle control, and it communicates with sandbox agents over Unix sockets using a CBOR-encoded protocol. What distinguishes Microsandbox is its combination of host-manag
Microsandbox is a microVM sandbox runtime and hardware-isolated code executor designed for running untrusted code. It functions as an embedded virtual machine manager that allows applications to spawn and control lightweight virtual machines directly within code without the need for a background daemon. The system provides a secure execution environment for AI agents by exposing server controls that allow them to execute tools and manage files. It utilizes standard container image formats and volume workflows to initialize guest virtual machines and implements a secret management mechanism th
microsandbox is a platform that runs untrusted code inside hardware-isolated microVMs, each with its own kernel, filesystem, and network stack. It boots directly from standard OCI container images, supports copy-on-write filesystem layers, and integrates with AI agents to execute tool calls and generated code in isolated environments with secret protection. What sets microsandbox apart is its host-side network proxy that enforces firewall rules, intercepts DNS, inspects TLS traffic, and injects secrets at the network boundary without exposing them inside the VM. It provides SSH access to micr
rkt is a pod-native container engine and runtime for Linux that executes containerized applications as isolated pods. It serves as an OCI container runtime and a Linux container manager, supporting the execution of images based on Open Container Initiative, appc, and Docker specifications. The project distinguishes itself by offering hardware-level container isolation, allowing pods to run within virtual machines using KVM or QEMU for a dedicated kernel. It further separates itself through secure container deployment practices, utilizing SELinux mandatory access control and TPM-backed integri
vm2 is a Node.js JavaScript sandbox and runtime virtualizer designed to execute untrusted code. It functions as a secure code evaluator and module isolator that protects the host process by creating an isolated execution environment with restricted access to the Node.js runtime. The system distinguishes itself through a security framework that utilizes object proxying and deep freezing to prevent sandboxed scripts from modifying the host global context or shared objects. It implements strict module access control using allow-lists and path restrictions to govern which built-in or external dep
Rhai is an embedded scripting engine and dynamically typed language designed for integration into Rust applications. It functions as an abstract syntax tree compiler and native interop layer, allowing developers to map Rust types and functions into a scripting environment for bidirectional communication. The project serves as a framework for creating customizable domain-specific languages. It allows for the definition of custom operators, syntax, and restricted execution environments, enabling the creation of specialized languages with tailored functional sets. The engine covers a broad rang
CubeSandbox is a Kubernetes-based platform for executing AI agents in secure, lightweight environments. It provides a code execution sandbox that uses hardware isolation and dedicated guest kernels to run untrusted code without risking the host system. The project features a network egress firewall that restricts outbound communication via domain allowlists and audit logging. It also includes a container snapshotting manager capable of capturing the runtime memory and disk state of environments to enable instant cloning and recovery. The platform covers cluster orchestration through a web-ba
Isolated-vm is a library for creating secure, memory-isolated JavaScript execution environments within Node.js. It functions as a manager for the underlying engine, allowing developers to instantiate multiple independent execution contexts that share no memory or global state. This architecture is designed to support the execution of untrusted third-party code while preventing interference with the main application process. The project distinguishes itself by enforcing strict resource constraints, including memory limits and CPU execution timeouts, to ensure host system stability. It provides
This project provides a secure, containerized execution engine designed to run untrusted code within isolated environments. It functions as a library for integrating code interpretation into autonomous agents and intelligent assistant workflows, ensuring that host systems remain protected while enabling dynamic data processing and file manipulation. The platform distinguishes itself through a multi-backend architecture that abstracts diverse container runtimes, allowing for flexible deployment and automated backend failover. It supports interactive, multi-turn workflows by maintaining persist
Kata Containers is an OCI container runtime that launches containers inside lightweight virtual machines to combine hardware-level isolation with container operational speed. It functions as a hardware-isolated container engine and lightweight VM hypervisor, providing a virtual machine monitor interface that abstracts multiple hypervisors to optimize for performance or specific hardware emulation. The project distinguishes itself through a confidential computing runtime that leverages hardware-backed trusted execution environments, such as Intel TDX and AMD SEV-SNP, to protect data in use. It
Firejail is a Linux application sandbox and kernel security wrapper that isolates untrusted applications from the host system. It uses kernel namespaces and seccomp filters to restrict filesystem access, drop kernel capabilities, and limit the system attack surface. The project is distinguished by its use of predefined security profiles to automatically apply filesystem restrictions and syscall limits based on the executable being launched. It provides specialized isolation for portable packages such as AppImages and implements X11 display isolation via proxy servers to prevent keyboard loggi
This project is an OCI-compatible container runtime that executes workloads within lightweight virtual machines. By leveraging hardware-based virtualization, it provides strong security isolation between containerized processes and the host operating system, serving as a drop-in replacement for traditional container execution environments. The runtime distinguishes itself through a hypervisor-agnostic architecture that abstracts underlying virtualization operations, allowing for consistent container lifecycle management across different backends. It integrates directly with standard container
Cloud Hypervisor is a Rust-based hypervisor and KVM virtual machine monitor designed to execute 64-bit guest operating systems. It functions as a user-space virtual machine manager that employs a minimal emulation layer to reduce memory overhead and latency for cloud workloads. The project distinguishes itself through the use of a memory-safe language to implement a virtio device emulator and a user-space device model. It provides a standardized web API for managing virtual machine lifecycles and resource configurations. The platform covers broad virtualization capabilities, including the em
HAMi is a hardware orchestration and virtualization system designed to manage accelerators within Kubernetes. It functions as a device plugin that partitions physical hardware into isolated virtual slices, enabling multiple containers to share a single device through enforced memory limits and compute quotas. The project provides a virtualization manager and a heterogeneous compute scheduler that distributes tasks across diverse accelerator types. It uses packing and topology policies to optimize workload placement and allows for specific hardware targeting using unique device identifiers. T
This project is an infrastructure platform designed to provide secure, isolated, and ephemeral cloud-based Linux environments for AI agents and automated code execution. It functions as an orchestrator that provisions on-demand virtual machines, allowing developers to run arbitrary code generated by large language models within hardware-level security boundaries. The platform distinguishes itself through its ability to manage stateful, long-lived sessions that persist across multiple execution calls, enabling complex, multi-step workflows. It supports high-concurrency scaling, allowing for th
Bubblewrap is a Linux sandbox runner that creates lightweight, isolated execution environments for running untrusted applications. It combines Linux user, mount, network, PID, and UTS namespaces with seccomp-BPF system call filtering to restrict filesystem, network, process, and inter-process communication access. The project provides comprehensive process isolation by giving each sandbox its own private tmpfs root with selective bind-mounts, a separate network stack containing only a loopback interface, an independent process ID space, and remapped user and group identifiers. It applies secc
Harvester is a hyperconverged infrastructure software platform that combines compute, storage, and networking into a single system for managing virtualized environments on bare-metal servers. It functions as a virtualization management platform and KVM hypervisor manager, providing a centralized interface to orchestrate the full lifecycle of virtual machines. The project distinguishes itself by integrating Longhorn distributed block storage to provide redundant, software-defined storage and a bare-metal provisioning tool for automated deployment. This allows for the orchestration of infrastru
Eel is a framework for creating desktop applications using a Python backend and a web-based frontend. It acts as a bidirectional bridge between Python and JavaScript, allowing developers to build graphical user interfaces with HTML and JavaScript that communicate with local system logic. The project facilitates two-way communication by enabling the exposure of Python functions to the browser and allowing the backend to trigger JavaScript functions. It uses a local server to render web interfaces as standalone desktop windows and provides tools to bundle the Python code and web assets into a s
MobX State Tree is a structured, tree-based state management library for JavaScript applications that combines typed model definitions with reactive snapshots and patch-based change tracking. It provides a reactive state container with runtime and compile-time type safety, where application state is defined as a tree of typed models with collocated actions, computed views, and lifecycle hooks for predictable state mutations. The library is built around an action-centric mutation model that encapsulates all state changes within named functions that directly modify the tree, supported by genera
MicroPython is a lean implementation of Python 3 optimized to run on microcontrollers and other resource-constrained systems. It serves as a cross-platform embedded runtime and hardware abstraction layer, providing a firmware framework that maps high-level software commands to specific microcontroller registers across diverse processor architectures. The project functions as an embedded language interpreter that enables rapid prototyping on hardware through an interactive read-eval-print loop. It supports a wide range of target environments, including ARM, ESP32, STM32, RISC-V, and WebAssembl
Wasmtime is a WebAssembly runtime and sandboxed bytecode executor designed to run WebAssembly bytecode on a host system. It functions as an embeddable engine that integrates into applications through native APIs and language-specific bindings, as well as a standalone execution environment accessible via a command-line interface. It is a WASI-compatible runtime, implementing the WebAssembly System Interface to provide portable access to system resources. The engine utilizes a JIT compilation model to translate intermediate representation into optimized machine code for various CPU architecture
Incus is a unified orchestration platform for managing system containers, OCI application containers, and virtual machines through a single control plane. It brings together cluster infrastructure management, secure multi-tenancy, software-defined networking, and pluggable storage backend orchestration into one cohesive system exposed via a full REST API and command-line interface. What distinguishes Incus is its ability to run multiple instance types side by side—full Linux system containers, OCI application containers, and QEMU virtual machines—all managed with consistent tooling. Networkin
OpenSquilla is an LLM agent orchestration framework designed to coordinate multi-step AI workflows and tool execution using directed acyclic graphs. It functions as a centralized system for managing specialized skill packages and executing complex reasoning sequences. The project distinguishes itself through a routing gateway that directs tasks to different AI providers based on complexity, cost, and performance. It utilizes a multi-tier AI memory system that organizes working, episodic, and semantic knowledge using local embeddings and SQLite, alongside a secure execution sandbox that isolat
Goja is a JavaScript engine and ECMAScript compliant interpreter implemented entirely in Go. It serves as an embedded scripting engine that allows Go applications to execute JavaScript code and integrate a programmable scripting layer without relying on Cgo or external native dependencies. The project functions as a bridge between Go and JavaScript, enabling bidirectional data exchange and function invocation. It allows Go hosts to expose native structs, slices, and maps as JavaScript objects and arrays, while providing mechanisms to export script values and functions back into native Go type
Gravity is an embeddable, bytecode-compiled programming language designed to provide programmable logic within host applications. It is a garbage-collected language that utilizes a mark-and-sweep system to automate memory management and prevent leaks. The language is characterized by a concurrent fiber-based execution model, allowing multiple non-blocking tasks to run simultaneously. It also functions as a JSON-native language, featuring built-in serialization tools to convert complex data structures to and from JSON format. The project includes a virtual machine and a compiler that transfor
Extism is a cross-language WebAssembly plugin framework that lets applications written in any programming language load and execute plugins written in any other language. It provides a universal plugin system where host applications use idiomatic SDKs to load WebAssembly modules, call exported functions, and pass data back and forth, while plugin authors use development kits that handle memory management and host interaction so they can focus on business logic. The framework distinguishes itself through its comprehensive approach to cross-language integration, offering schema-driven binding g
Flatpak is a sandboxed application framework and standardized packaging format for Linux desktop applications. It functions as a distribution system that allows a single application bundle to run consistently across multiple Linux operating systems without requiring per-distribution builds. The project provides a runtime dependency manager that bundles specific library versions or shared runtimes to create predictable execution environments. It includes a sandbox permission manager to control application access to system hardware and resources, ensuring security and consistent behavior betwee
Tools to set up a quick macOS VM in QEMU, accelerated by KVM.
Lua is an embeddable scripting language written in ISO C, designed to be integrated into host applications for runtime customization. It provides a C-based scripting engine and a prototype-based object model that utilizes associative arrays and metatables to implement inheritance and complex data structures. The language features a cooperative multitasking system that manages concurrent execution threads via coroutines and an incremental garbage collector for automatic memory management. It includes a safe code sandbox to isolate global state and run untrusted scripts within a protected envir