zlacker

>>makebo+(OP)
Why not some of the existing microvm efforts?

Cloud Hypervisor and Firecracker both have an excellent reputation for ultra lightweight VM's. Both are usable in the very popular Kata Containers project (as well as other upstart VM's Dragonball, & StratoVirt). In us by for example the CNCF Confidential Containers https://github.com/kata-containers/kata-containers/blob/main... https://confidentialcontainers.org/

There's also smaller efforts such as firecracker-containerd or Virtink, both which bring OCI powered microvms into a Docker like position (easy to slot into Kubernetes), via Firecracker and Cloud Hypervisor respectively. https://github.com/smartxworks/virtink https://github.com/firecracker-microvm/firecracker-container...

Poking around under the hood, microsandbox appears to use krun. There is krunvm for OCI support (includes MacOS/arm64 support!). https://github.com/containers/krunvm https://github.com/slp/krun

The orientation as a safe sandbox for AI / MCP tools is a very nicely packaged looking experience, and very well marketred. Congratulations! I'm still not sure why this warrants being it's own project.

>>jaunty+Ug
If we get enough of these sandboxes, maybe we will finally get one that's easy for me to run on my own machines.

>>simonw+zh
Which platforms do you use?

>>mike_h+gi
macOS on my laptop, anything that runs in a container for when I deploy things.

>>simonw+Qm
If you use macOS then it has a great sandboxing system built in (albeit, undocumented). Anthropic are starting to experiment with using it in Claude Code to eliminate permission prompts. Claude can choose to run commands inside the sandbox, in which case they execute immediately.

I've thought about making one of these for other coding agents. It's not quite as trivial as it looks and I know how to do it, also on Windows, although it seems quite a few coding agents just pretend Windows doesn't exist unfortunately.