Capsule Bash – Sandboxed Bash for Agents

Name: Capsule Bash – Sandboxed Bash for Agents
Availability: InStock
Author: mavdol04

by mavdol04·May 4, 2026·3 points·3 comments

Visit Project View on HN

AI Analysis

●●●BangerBig BrainSolve My ProblemZero to One

Returns exact filesystem diffs per command, solving the silent-failure problem in agent loops.

Strengths

•Reimplements Bash commands in TypeScript to enforce structured output and prevent silent failures.
•Pluggable runtime architecture allows swapping Wasm sandboxes without changing core logic.
•Built-in MCP server integration enables immediate adoption by existing agentic workflows.

Weaknesses

•Requires Python and pip just to compile the sandbox, adding friction to the dev setup.
•Niche utility outside of AI agent contexts; standard Bash remains superior for human users.

Post Description

I've always felt that existing Bash wasn't adapted for agents. It gives way too much freedom and not enough feedback to enrich the context after each command.

I ended up building this TypeScript-based sandboxed Bash. If we compare it to other alternatives, it is divided into two layers:

- The core, with all the Bash commands and the operator logic.

- The runtime, a pluggable part that manages code execution in the sandbox. There's a Wasm runtime available based on a Rust runtime I launched a few months ago. [1]

In practice, the core calls the runtime to execute code and get back structured information from the sandbox, including exact filesystem changes (what was created, modified or deleted) and direct feedback in stdout.

I added commonly used commands, including `python3 -c` and `node -e`, but if you find an edge case where the current commands aren't enough, let me know.

GitHub: https://github.com/capsulerun/bash

[1]: https://news.ycombinator.com/item?id=46871387