Tigris embedded a browser-based shell demo on their homepage using @tigrisdata/agent-shell, a TypeScript package that emulates bash without running real OS processes. Instead of spinning up actual bash pods, the shell uses just-bash to fake coreutils and routes filesystem operations to Tigris object storage buckets. This makes it lightweight, isolated, and safe for AI agents — agents can be confined to a bucket fork that gets destroyed after their run. The post explains the security model (no real syscalls, TypeScript-controlled 'dependency injection'), discusses what makes something a 'shell', and argues that lightweight sandboxed environments with durable storage are critical infrastructure for future multi-agent architectures.
Table of contents
So why did you do this? How is this secure? The window is too tiny, how do I make it bigger? Conclusion Sort: