AI Code Sandbox

An increasingly important part of the AI stack is running untrusted code in a sandbox.

List of code sandbox for AI offerings:

• CloudFlare Sandbox SDK
• Vercel Sandbox
• Daytona
• Anthropic sandbox-runtime
• Coder (open source, conainers)
• Concave (open source, firecracker)
• CodeRunner (apple containers)

Rolling your own:

• sandbox-exec (macOS)
• NsJail (Linux)
• firejail (Linux)
• firecracker (Linux)
• RestrictedPython (python)

I’m still looking for a WebAssembly alternative for a lightweight, language specific code sandbox for use with agents.

See also:

• The lethal trifecta of AI agents isn’t solved by a sandbox alone, but is certainly part of it

Links to this note

• Rustpython With Wasm

  RustPython is a python interpreter written in rust. What makes it interesting is that it does no use cpython which makes it much more straightforward to target WebAssembly and do things like execute untrusted code on a host machine.