Contribute to amlalabs/amla-sandbox development by creating an account on GitHub.

Hacker News is a community-driven platform for sharing and discussing technology news, startups, and programming-related topics. Through user submissions and comments, Hacker News offers insights into emerging technology trends, industry developments, and entrepreneurial ventures. Readers can participate in discussions, share their insights, and stay informed about the latest advancements in technology and innovation.

Hacker News

amla-sandbox is a WebAssembly-based sandbox for executing LLM-generated code with capability-based security. Unlike popular agent frameworks that use subprocess or exec() (exposing systems to prompt injection attacks), it provides memory isolation through WASM and enforces explicit tool access constraints. The sandbox supports JavaScript and shell execution, allows agents to write single scripts instead of multiple tool calls (reducing token costs), and includes a virtual filesystem with no network access. It integrates with LangGraph and offers constraint validation on tool parameters, method patterns, and call limits. The solution requires no Docker or VM infrastructure and compiles to a single binary.