Minimal Linux sandboxes to manage AI-Generated Code with ease
Embedded Rust sandbox with seccomp and DNS rebinding protection, no VM required.
A lightweight, multi-layer Linux sandbox combining namespaces, pivot_root, seccomp-bpf, capability dropping, and an evidence-based verdict engine (Truthimatics Public Version) for secure, auditable code execution.
Embedded Rust sandbox with seccomp and DNS rebinding protection, no VM required.
Personal portfolio page, not an actual tool or product to use.
Full RISC-V Linux VM in WASM booting in under a second is genuinely wild.
Virtualenv for system isolation—your configs carry over but SSH keys stay protected.
MCP sandbox isolation for agents; E2B/Modal/Docker/WASM backends already exist separately.
AI agent renders live dashboards, charts, quizzes to canvas while running real Linux sandbox on your phone.