Developer Tools●●●Banger
Containarium – self-hosted sandbox for AI agents, MCP-native
Dual MCP server architecture lets agents safely exec shell commands inside isolated LXC containers.
Big BrainZero to OneSolve My Problem
hsin003
511mo ago
Back to browse
GitHub Repository
Locki: AI sandboxing without the taste of sand
39 starsPython
Locki – AI sandboxing for real-world projects
by PufPufPuf·Apr 3, 2026·3 points·4 comments
AI Analysis
●●●BangerSolve My ProblemWizardry
Single VM with LXC isolation beats spawning full VMs per worktree—starts in 10 seconds.
Strengths
- •VM is the security boundary, not LXC—honest about what's actually protecting you.
- •VSCode worktree integration shows agent changes natively in sidebar.
- •Runs Docker, Kubernetes, systemd services inside sandboxes without host risk.
Weaknesses
- •Linux/macOS only, no Windows support mentioned.
- •First VM boot takes minutes before the 10s sandbox starts work.
Category
Target Audience
Developers running AI coding agents on real projects
Similar To
Daytona · E2B · GitHub Codespaces
Post Description
Hello HN! I was bothered that no existing sandboxing solution can run my $job project, due to the limitations of running inside an OCI container, or some sort of limited process like landlock / bubblewrap etc. My options were spawning a new VM per worktree, which takes minutes to boot and allocates a chunk of RAM... or build a custom solution which uses just a single VM plus LXC containers -- the kind of containers with a full init system, capable of running systemd services, OCI containers and even full Kubernetes distributions.
So here it is. Fresh container start takes <10s. Works best with VSCode, which will neatly show changes from all worktrees in the sidebar, letting you review, edit and commit them easily. Let me know what you think!
Similar Projects
Security●●Solid
Nixcage – Sandbox AI coding agents per project with Nix and direnv
direnv auto-activation with bubblewrap sandboxing isolates agents per project.
Big BrainNiche Gem
hamidr
103mo ago
Developer Tools●●Solid
Bx – macOS native sandbox for AI and coding tools
Native macOS sandboxing stops AI agents from reading your SSH keys without Docker overhead.
Solve My ProblemBig BrainNiche Gem
holtwick
802mo ago
Developer Tools●●●Banger
YoloAI: Sandboxed agent, no permission fatigue, diff/apply workflow
Eliminates permission fatigue by sandboxing agents, then diffing before apply.
Big BrainSolve My ProblemZero to One
kstenerud
103mo ago
AI/ML●●Solid
Run Claude Code in a Local Sandbox
802 stars proves devs want this — sandbox AI agents before they rm -rf your home directory.
Solve My ProblemShip It
mkagenius
103mo ago
Developer Tools●●Solid
Run Claude Code with –dangerously-skip-permissions in a Docker sandbox
Docker sandbox for Claude Code's dangerous flag when Anthropic won't let you run it bare.
Solve My ProblemShip It
sayil
222mo ago