If you're building AI agents that execute code — LLM-generated scripts, tool calls, shell commands — you need a sandboxed environment that's actually isolated.
When an AI agent generates and runs code, the code is untrusted. Containers share the host kernel, and container escapes are a well-documented attack surface.
Firecracker was built for running untrusted workloads. Each microVM gets its own kernel, dedicated filesystem, and separate network namespace.
Sign up at rigbox.dev — free, no credit card required. Create a workspace, connect your agent over SSH, and run your workload in full isolation.