The agent harness belongs outside the sandbox
4 hours ago
- #Multi-User Systems
- #AI Agent Harness
- #Sandbox Architecture
- Two main architectures for agent harnesses: inside the sandbox and outside the sandbox.
- Harness inside the sandbox: simpler execution, reuses off-the-shelf harnesses, but limits multi-user scalability and security.
- Harness outside the sandbox: better security, allows sandbox suspension, easier multi-user handling, but requires solving durable execution and filesystem virtualization.
- Durable execution achieved using Inngest to handle long-running agent loops and survive failures.
- Sandbox lifecycle managed with Blaxel for fast resume times (25ms) to minimize cold start delays.
- Filesystem virtualization routes file operations to database or sandbox based on path prefixes, maintaining the trained LLM interface.
- Challenges include keeping up with evolving patterns, handling bash tool leaks, and managing consistency in multi-user memory updates.