This project provides a self-hosted platform for securely executing untrusted user or AI-generated code. It addresses the limitations of traditional methods like local execution, containers, and VMs by offering hardware-level isolation with instant startup times, all within your own infrastructure. The target audience includes developers, AI agents, and data analysts who need to run potentially malicious or experimental code without compromising system security or sacrificing performance.

How It Works

Microsandbox leverages microVMs powered by libkrun for strong, hardware-level isolation. This approach provides superior security compared to containerization, which shares host kernels. The system boasts sub-200ms boot times, significantly faster than traditional VMs, enabling near-instantaneous code execution. It is OCI compatible, allowing the use of standard container images, and includes built-in MCP support for seamless integration with AI tools.

Quick Start & Requirements

• Install Server: curl -sSL https://get.microsandbox.dev | sh
• Start Server: msb server start --dev
• Pull Environment: msb pull microsandbox/python
• Install SDK: pip install microsandbox (SDKs for JS, Rust, and others available)
• Prerequisites: None explicitly stated beyond standard OS and shell.
• Docs: SDK README

Highlighted Details

• Hardware-level VM isolation for strong security.
• Boot times under 200ms.
• OCI compatible, works with standard container images.
• Built-in MCP support for AI integration.
• SDKs for Python, JavaScript, Rust, and more.
• Project-based development with Sandboxfile for environment management.

Maintenance & Community

The project is actively developed with a clear contribution guide. Community expansion for SDKs is encouraged.

Licensing & Compatibility

Licensed under the Apache License 2.0, permitting commercial use and integration with closed-source projects.

Limitations & Caveats

The SDK is currently in Beta. The first run of an environment image will incur a download delay.