HyperAI

microsandbox: Secure, Fast, and Self-Hosted Platform for Running Untrusted Code

9 days ago

Why MicroSandbox?

If you've ever needed to run code that you don't fully trust, whether it's AI-generated, user-submitted, or experimental, the traditional methods often fall short due to security risks, slow boot times, lack of control, and limited compatibility. MicroSandbox addresses these issues by offering:

Bulletproof Security: True virtual machine (VM) isolation using microVMs.
Instant Startup: Boot times under 200 milliseconds, significantly faster than conventional VMs.
Your Infrastructure: Fully self-hosted, giving you complete control over the environment.
OCI Compatibility: Works seamlessly with standard container images.
AI-Ready: Built-in Model Control Protocol (MCP) support for smooth AI integration.

Getting Started with the SDK

Step 1: Start the Server

First, install MicroSandbox and start the server. Optionally, pull the environment image you need for your tasks.

Step 2: Install the SDK

MicroSandbox supports multiple languages, including Python, JavaScript, and Rust. Install the SDK for your preferred language.

Step 3: Execute the Code

Choose the appropriate sandbox environment (e.g., PythonSandbox or NodeSandbox) for your code execution needs. Each environment is optimized for specific tasks, ensuring secure and efficient execution.

Project-Based Development

Beyond the SDK, MicroSandbox supports project-based development, following the package-manager workflow that developers are already familiar with.

Creating a Sandbox Project

To get started, create a Sandboxfile in your project directory. This file serves as the configuration manifest for your sandbox environments.

Adding a Sandbox to the Project

Register a new sandbox in your Sandboxfile, specifying the image and sandbox name. For example, you can add a sandbox named app configured to use the python image.

Running a Sandbox

You can run a sandbox defined in your project using simple commands. File changes and installations are automatically persisted to the ./menv directory, making it easy to stop and restart your work without losing progress.

Running a Temporary Sandbox

For one-off tasks or experimenting with code found online, use temporary sandboxes. These environments leave no trace once exited, providing a clean slate each time.

Installing Sandboxes

Install a sandbox as a system-wide executable using msb install. This creates a slim launcher, allowing you to start the sandbox from anywhere in your system with a simple command.

Use Cases

Coding & Dev Environments

Description: Enable AI agents to build real applications using professional developer tools. From Git operations to dependency management and testing, everything is handled in a safe, isolated environment.
Benefits: Instant creation and fast feedback loops, making it ideal for AI pair programming, coding education, and automated code generation.

Data Analysis

Description: Facilitate AI-driven data analysis with powerful libraries such as NumPy, Pandas, and TensorFlow.
Benefits: Safe, efficient processing that respects data privacy, suitable for financial analysis, medical research, and general data visualization.

Web Browsing Agent

Description: Develop AI assistants capable of browsing the web to gather information, handle logins, and automate form submissions.
Benefits: Contained, easy-to-use environment for tasks requiring web interaction, perfect for research assistants and automated testing tools.

Instant App Hosting

Description: Share live apps and demos created by AI without deployment hassles.
Benefits: Zero-setup deployment and automatic cleanup, making it ideal for educational platforms, AI-generated calculators, and rapid prototyping.

Server Architecture

MicroSandbox operates with a client-server model. The client process includes your business logic and the MicroSandbox SDK, which sends untrusted code to the MicroSandbox server. The server then runs this code in one of several microVMs, each tailored to specific execution environments like Python or Node.js.

Development

If you're interested in contributing to MicroSandbox, the Development Guide provides detailed instructions on setting up your development environment, building the project, running tests, and creating releases. Contribution guidelines are available in the CONTRIBUTING.md file.

License

MicroSandbox is released under the Apache License 2.0.

Evaluation by Industry Insiders

Industry experts laud MicroSandbox for its robust security and impressive performance. By combining true VM isolation with rapid boot times, it offers a compelling solution for running untrusted code. Its self-hosted nature and OCI compatibility make it highly flexible and scalable, catering to both small projects and large enterprises. The built-in AI support and intuitive project management features further enhance its utility, positioning it as a valuable tool for modern development and data handling workflows.

Company Profile

MicroSandbox is an innovative open-source project designed to provide secure and efficient execution environments for untrusted code. Developed and maintained by a community of tech enthusiasts and professionals, it has quickly gained traction due to its unique combination of speed, security, and flexibility.
