Daytona
Daytona is a cloud-native development runtime that enables developers and AI agents to instantly create, run, and manage isolated sandboxes for any codebase. Each sandbox runs inside a secure microVM with full Linux compatibility, networking, and persistent storage.
Daytona provides SDKs in Python and TypeScript, allowing applications to programmatically execute code, run processes, upload files, or spin up environments dynamically.
Teams use Daytona to replace complex local setups with reproducible cloud sandboxes that can be started in seconds and accessed through preview URLs, SSH, or APIs. It’s built for automation, observability, and scalability, powering everything from personal development environments to enterprise-grade agent runtimes.
Learn more
InstaClaw
InstaClaw is a consumer AI agent platform that allows users to deploy a fully autonomous personal AI assistant in minutes without coding or technical setup, providing a persistent agent that operates on dedicated infrastructure and can perform real-world tasks on behalf of the user. Each agent runs on its own virtual machine with continuous uptime, enabling it to execute actions such as sending emails, managing calendars, browsing the web, organizing files, conducting research, and automating workflows through natural language instructions. It integrates with common messaging applications like Telegram, WhatsApp, and iMessage, allowing users to interact with their agent as if they were texting, while the system handles execution in the background. InstaClaw includes pre-installed skills such as web browsing, file management, and research tools, and supports expansion through additional capabilities and integrations, enabling agents to handle increasingly complex tasks.
Learn more
NullClaw
NullClaw is an ultra-lightweight autonomous AI assistant infrastructure built in Zig and distributed as a single static binary designed to run efficiently on virtually any hardware. It emphasizes extreme performance and minimal resource usage, shipping as a roughly 678 KB executable that typically consumes about 1 MB of RAM and boots in under two milliseconds. It eliminates traditional runtime overhead by avoiding virtual machines, interpreters, and complex dependency chains, allowing developers to deploy agents simply by running the compiled binary. Despite its small footprint, the framework provides a full autonomous agent stack with support for more than 22 model providers, 18 communication channels, hybrid vector and FTS5 memory, streaming, voice, and multi-layer sandboxing. Security is built in through workspace scoping, explicit command allowlists, encrypted secrets, and strict sandbox isolation using tools such as Landlock, Firejail, or Docker.
Learn more
nono
nono is an open source, kernel-enforced sandbox for AI coding agents and LLM workloads. Unlike policy-based guardrails that intercept and filter operations, nono uses OS security primitives — Landlock on Linux and Seatbelt on macOS — to make unauthorised operations structurally impossible at the syscall level.
Wrap any AI agent — Claude Code, OpenCode, OpenClaw, or any CLI process — with a single command. nono applies default-deny filesystem access, blocks destructive commands (rm, dd, chmod, sudo), isolates credentials and API keys, and cascades all restrictions to child processes. No escape mechanism exists once restrictions are applied.
Built-in profiles get you running in seconds. Secrets inject securely from the system keystore and are zeroised on exit. Audit logging, atomic rollbacks, and Sigstore-attested policy signing are on the roadmap.
Apache 2.0. From the creator of Sigstore.
Learn more
