We Built Secure, Scalable Agent Sandbox Infrastructure
7 hours ago
- #Agent Sandbox
- #Unikraft
- #Control Plane
- Started with browser-only agents on AWS Lambda, scaling instantly with isolated invocations.
- Added code execution in an isolated sandbox, keeping security intact by separating it from the backend.
- Identified two patterns for isolation: isolate the tool (Pattern 1) or isolate the agent (Pattern 2).
- Transitioned from Pattern 1 to Pattern 2, making agents disposable with no secrets or state to preserve.
- Implemented Unikraft micro-VMs for production sandboxes, booting quickly and scaling to zero when idle.
- Used Docker containers for development and evaluations, maintaining consistency across environments.
- Hardened sandboxes with bytecode-only execution, privilege drop, and environment stripping for security.
- Designed the control plane as a stateless FastAPI service, acting as a proxy for all external communications.
- Enabled LLM proxying and file sync via presigned URLs, keeping sandboxes stateless and secure.
- Scaled infrastructure independently with Unikraft for sandboxes and ECS Fargate for the control plane.
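The hardening bullet above (bytecode-only execution, privilege drop, environment stripping) is the part most worth seeing in code. The launcher below is an added example and is not code from the post or the project it describes: it allowlists environment variables so secrets never reach the sandboxed process, compiles the task to a `.pyc` and deletes the source so only bytecode is executed, and drops to an unprivileged uid/gid in a `preexec_fn` when the launcher itself runs as root. The allowlist, the uid/gid 65534 (nobody), the isolated-mode flag and the constructed sample task are all assumptions for illustration.

```python
import os
import py_compile
import subprocess
import sys
import tempfile

# Assumed allowlist: the only environment variables a sandboxed task may see.
ENV_ALLOWLIST = ("PATH", "LANG", "HOME")

# Constructed sample task: it just reports which environment names it can see.
SAMPLE_TASK = "import os\nprint(','.join(sorted(os.environ)))\n"


def strip_environment(env, allowlist=ENV_ALLOWLIST):
    """Return a minimal copy of env: only allowlisted keys survive."""
    return {k: v for k, v in env.items() if k in allowlist}


def compile_to_bytecode(source_path, out_dir):
    """Compile a .py file into a .pyc; the sandbox executes bytecode only."""
    cfile = os.path.join(out_dir, os.path.basename(source_path) + "c")
    py_compile.compile(source_path, cfile=cfile, doraise=True)
    return cfile


def drop_privileges(uid, gid):
    """preexec hook: if launched as root, switch to an unprivileged identity."""
    if os.geteuid() == 0:
        os.setgroups([])   # shed supplementary groups first
        os.setgid(gid)     # gid before uid, or the uid change removes the right
        os.setuid(uid)


def run_bytecode(pyc_path, env, uid=65534, gid=65534, timeout=10):
    """Run a compiled task with a stripped environment and dropped privileges.

    -I puts the interpreter in isolated mode (ignores PYTHON* variables and the
    user site directory), so the allowlist is the only configuration surface.
    Returns (returncode, stdout).
    """
    proc = subprocess.run(
        [sys.executable, "-I", pyc_path],
        env=strip_environment(env),
        capture_output=True,
        text=True,
        timeout=timeout,
        preexec_fn=lambda: drop_privileges(uid, gid),
    )
    return proc.returncode, proc.stdout


def demo(env):
    """Stage the constructed task as bytecode, run it, and report what it saw.

    Returns (returncode, list of environment names visible to the task).
    """
    workdir = tempfile.mkdtemp(prefix="sandbox-")
    os.chmod(workdir, 0o755)  # readable by the unprivileged uid after the drop
    src = os.path.join(workdir, "task.py")
    with open(src, "w") as fh:
        fh.write(SAMPLE_TASK)
    pyc = compile_to_bytecode(src, workdir)
    os.chmod(pyc, 0o644)
    os.remove(src)  # only the bytecode remains inside the sandbox root
    rc, out = run_bytecode(pyc, env)
    return rc, [name for name in out.strip().split(",") if name]


if __name__ == "__main__":
    # Constructed: a secret in the parent environment that must not leak.
    parent_env = dict(os.environ, SANDBOX_SECRET="constructed-secret")
    print(demo(parent_env))
```

`strip_environment` is deliberately an allowlist rather than a denylist of known secret names: the backend cannot enumerate every credential a future deployment might put in the environment, but it can enumerate the three variables a task actually needs.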