I have come to appreciate coding agents to be valuable tools for working with computer program code in any capacity, such as learning about any program’s architecture, diagnosing bugs or developing proofs of concept. Depending on the use-case, reviewing each command the agent wants to run can get tedious and time-consuming very quickly. To safely run a coding agent without review, I wanted a Virtual Machine (VM) solution where the agent has no access to my personal files and where it’s no big deal if the agent gets compromised by malware: I can just throw away the VM and start over.

Lobsters is a community-driven platform for sharing and discussing links to articles, tutorials, and projects related to technology and programming. Readers can learn about a wide range of topics, from software development and system administration to cybersecurity and artificial intelligence. With user submissions, comments, and voting, Lobsters provides a platform for collaborative learning and knowledge sharing among technology enthusiasts.

Lobsters

Setting up ephemeral virtual machines on NixOS using microvm.nix provides a safe sandbox for running AI coding agents without exposing personal files. The approach uses declarative configuration to create disposable VMs with shared workspaces, network isolation via bridge networking and NAT, and integration with tools like Claude Code. The setup includes network configuration with systemd-networkd, shared directories for workspaces and Nix store, and project-specific package environments. Claude Skills can automate the creation of new MicroVMs by analyzing existing configurations and generating similar structures. This method enables running untrusted code safely while maintaining minimal maintenance overhead through NixOS's declarative model.

Coding Agent VMs on NixOS with microvm.nix