Autonomous LLMs write and execute raw commands. Stop running them in host-shared Docker containers. Sandforge boots ephemeral, dedicated guest kernels in under **250ms**, completely decoupling untrusted process runtimes from host hardware.
```sh
go test ./internal/policy/...
```

Read low-level architectural breakdowns, configure path sandbox boundaries, and integrate SDKs:

- Learn about the separate control and execution planes, trust boundaries, and VSOCK wire formatting.
- How Sandforge performs symlink-evaluating path checks and whitelist filters before a sandbox is allocated for execution.
- Configure low-level Apple Virtualization bootloaders, directory mounts, and serial consoles.
- Persist compiler build caches (GOCACHE, npm modules) between runs inside ephemeral sandboxes.
Sandboxes are fully isolated, network-offline environments. Host-guest communication is established exclusively over **Virtual Sockets (VSOCK)**, which carry data directly across the hypervisor bus without any guest network interface.
An `exec` request as carried over the VSOCK channel:

```json
{
  "op": "exec",
  "payload": {
    "command": ["go", "test", "./..."],
    "cwd": "/workspace",
    "env": {
      "GOOS": "linux",
      "CGO_ENABLED": "0"
    },
    "timeout_sec": 30
  }
}
```

Sandforge is entirely open-source, written in idiomatic Go, and custom-tuned for zero-trust autonomous agent execution.
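The control plane has to vet a message like the one above before it spends a guest on it. The Go validator below is an added example, not Sandforge's own code: the type names, `ValidateExec`, the whitelist map and the 300-second ceiling are assumptions. It checks the exec message lexically and leaves symlink resolution to the side that can see the mounted filesystem.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
	"path/filepath"
	"strings"
)

// ExecRequest mirrors the exec message shown above (the Go type names are this example's own).
type ExecRequest struct {
	Op      string      `json:"op"`
	Payload ExecPayload `json:"payload"`
}
type ExecPayload struct {
	Command    []string          `json:"command"`
	Cwd        string            `json:"cwd"`
	Env        map[string]string `json:"env"`
	TimeoutSec int               `json:"timeout_sec"`
}

// maxTimeoutSec is an assumed ceiling so one request cannot hold a guest open indefinitely.
const maxTimeoutSec = 300

// ValidateExec decodes one raw message and rejects it before any guest is allocated unless the
// binary is whitelisted, cwd sits lexically inside workspaceRoot and the timeout is bounded.
// Symlinks are resolved later, where the mounted filesystem is visible; this is the cheap pre-filter.
func ValidateExec(raw []byte, allowedBins map[string]bool, workspaceRoot string) (*ExecRequest, error) {
	var req ExecRequest
	dec := json.NewDecoder(bytes.NewReader(raw))
	dec.DisallowUnknownFields() // unknown keys are a protocol error, not something to ignore
	if err := dec.Decode(&req); err != nil {
		return nil, fmt.Errorf("malformed message: %w", err)
	}
	if req.Op != "exec" {
		return nil, fmt.Errorf("unsupported op %q", req.Op)
	}
	p := req.Payload
	if len(p.Command) == 0 || !allowedBins[p.Command[0]] {
		return nil, fmt.Errorf("command not whitelisted: %v", p.Command)
	}
	root := filepath.Clean(workspaceRoot)
	cwd := filepath.Clean(p.Cwd) // collapses "..", so "/workspace/../etc" becomes "/etc"
	if !filepath.IsAbs(cwd) || (cwd != root && !strings.HasPrefix(cwd, root+"/")) {
		return nil, fmt.Errorf("cwd %q escapes workspace", p.Cwd)
	}
	if p.TimeoutSec <= 0 || p.TimeoutSec > maxTimeoutSec {
		return nil, fmt.Errorf("timeout_sec %d out of range", p.TimeoutSec)
	}
	return &req, nil
}
```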