Microsandbox is a runtime for creating and managing lightweight, hardware-isolated virtual machines — called sandboxes — that boot directly from standard OCI container images. Each sandbox runs as its own host process with a separate kernel, filesystem, and network stack, providing process-per-sandbox isolation. The project includes a command-line tool and multi-language SDKs (Rust, TypeScript, Python, Go) for programmatic lifecycle control, and it communicates with sandbox agents over Unix sockets using a CBOR-encoded protocol. What distinguishes Microsandbox is its combination of host-manag
microsandbox is a platform that runs untrusted code inside hardware-isolated microVMs, each with its own kernel, filesystem, and network stack. It boots directly from standard OCI container images, supports copy-on-write filesystem layers, and integrates with AI agents to execute tool calls and generated code in isolated environments with secret protection. What sets microsandbox apart is its host-side network proxy that enforces firewall rules, intercepts DNS, inspects TLS traffic, and injects secrets at the network boundary without exposing them inside the VM. It provides SSH access to micr
This project is an OCI-compatible container runtime that executes workloads within lightweight virtual machines. By leveraging hardware-based virtualization, it provides strong security isolation between containerized processes and the host operating system, serving as a drop-in replacement for traditional container execution environments. The runtime distinguishes itself through a hypervisor-agnostic architecture that abstracts underlying virtualization operations, allowing for consistent container lifecycle management across different backends. It integrates directly with standard container
This project is a Python framework for building autonomous, event-driven agent systems. It provides a unified runtime for orchestrating multi-agent workflows, managing persistent conversation state, and executing code within secure, isolated sandbox environments. The framework is designed to handle complex task delegation, allowing agents to invoke other agents as tools while maintaining context across multi-turn interactions. The framework distinguishes itself through its deep integration with the Model Context Protocol, enabling agents to connect to external data sources and remote services