{"id":47246659,"url":"https://github.com/arcboxlabs/arcbox","last_synced_at":"2026-04-05T15:02:17.971Z","repository":{"id":339258624,"uuid":"1127761357","full_name":"arcboxlabs/arcbox","owner":"arcboxlabs","description":"Run AI agents on real and isolated machines — own kernel, filesystem, and network — with \u003c200ms boot. Local first, OCI compatible, pure Rust.","archived":false,"fork":false,"pushed_at":"2026-04-01T13:43:09.000Z","size":50994,"stargazers_count":64,"open_issues_count":9,"forks_count":2,"subscribers_count":0,"default_branch":"master","last_synced_at":"2026-04-03T04:56:26.498Z","etag":null,"topics":["ai-agents","computer-use","containers","docker","firecracker","microvm","rust","sandbox","virtual-machine","virtualization"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/arcboxlabs.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE-APACHE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE.md","maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-01-04T14:46:50.000Z","updated_at":"2026-04-02T10:18:10.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/arcboxlabs/arcbox","commit_stats":null,"previous_names":["arcbox-labs/arcbox","arcboxlabs/arcbox","aprilnea/arcbox"],"tags_count":44,"template":false,"template_full_name":null,"purl":"pkg:github/arcboxlabs/arcbox","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/arcboxlabs%2Farcbox","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/arcboxlabs%2Farcbox/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/arcboxlabs%2Farcbox/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/arcboxlabs%2Farcbox/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/arcboxlabs","download_url":"https://codeload.github.com/arcboxlabs/arcbox/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/arcboxlabs%2Farcbox/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31439442,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-05T13:13:19.330Z","status":"ssl_error","status_checked_at":"2026-04-05T13:13:17.778Z","response_time":75,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-agents","computer-use","containers","docker","firecracker","microvm","rust","sandbox","virtual-machine","virtualization"],"created_at":"2026-03-14T07:16:42.167Z","updated_at":"2026-04-05T15:02:17.949Z","avatar_url":"https://github.com/arcboxlabs.png","language":"Rust","readme":"\u003cdiv align=\"center\"\u003e\n\n# ArcBox\n\n**Sandboxed execution engine for AI agents, containers, and virtual machines.**\n\n**Built from scratch in Rust -- from hypervisor to CLI.**\n\n[![License](https://img.shields.io/badge/license-MIT%2FApache--2.0-blue.svg)](LICENSE)\n[![Rust](https://img.shields.io/badge/rust-1.85+-orange.svg)](https://www.rust-lang.org)\n[![Desktop](https://img.shields.io/github/v/release/arcboxlabs/arcbox-desktop?label=desktop\u0026color=green)](https://github.com/arcboxlabs/arcbox-desktop/releases)\n[![Discord](https://img.shields.io/discord/1234567890?logo=discord\u0026label=discord\u0026color=5865F2)](https://arcbox.link/discord)\n[![Telegram](https://img.shields.io/badge/telegram-chat-26A5E4?logo=telegram)](https://arcbox.link/telegram)\n[![Docs](https://img.shields.io/badge/docs-arcbox.dev-blueviolet?logo=gitbook)](https://arcbox.link/docs)\n\n\u003c/div\u003e\n\n---\n\n## Why ArcBox\n\nComputer Use is the next frontier for AI -- agents that can write files, run code, browse the web, and operate a real machine. But giving an agent a full computer means giving it a full attack surface. Containers share the host kernel; a single exploit and the agent is out.\n\nArcBox solves this with Firecracker-style microVMs that boot their own Linux kernel in under 200ms. Each sandbox is a real computer -- real filesystem, real network, real process tree -- with VM-level isolation that containers can't provide. And when you just need Docker, ArcBox is a drop-in replacement for Docker Desktop.\n\n## Three-Tier Runtime\n\n| Tier | Isolation | Boot Time | Overhead | Use Case |\n|------|-----------|-----------|----------|----------|\n| **Container** | Namespace + chroot | Instant | ~1 MB | Standard Docker workloads |\n| **Sandbox** | microVM (own kernel) | \u003c200ms | ~10-30 MB | Untrusted code, CI/CD, AI agents |\n| **Machine** | Independent VM | ~1.5s | ~200 MB | Full Linux dev environment |\n\n```\nHost\n├── arcbox daemon (Docker API + gRPC)\n│\n├── System VM (Container + Sandbox tiers, shared kernel)\n│   └── arcbox-agent\n│       ├── Container Runtime ── namespace + chroot\n│       └── Sandbox Runtime ─── KVM microVM (\u003c200ms boot)\n│\n├── Machine VM \"ubuntu-dev\" (independent kernel + rootfs)\n└── Machine VM \"alpine-test\"\n```\n\n### Sandbox — Computer Use Runtime\n\nGive an AI agent a real computer it can't break out of.\n\n- **\u003c200ms cold boot** -- KVM microVM with minimal device model (virtio-MMIO only, no PCI/ACPI/BIOS)\n- **\u003c50ms warm start** -- snapshot/restore for instant sandbox cloning\n- **VM-level isolation** -- each sandbox runs its own kernel; a vulnerability in one cannot escape to others\n- **Real computer** -- real filesystem, real networking, real process tree -- not a simulated shell\n- **Disposable** -- spin up, let the agent work, tear down; no state leaks between sessions\n- **Docker-compatible** -- `docker run --runtime=sandbox untrusted-image`\n\n### Container\n\nDrop-in Docker engine replacement. Point your existing Docker CLI at ArcBox:\n\n```bash\narcbox docker enable\ndocker run -d -p 8080:80 nginx\n```\n\n### Machine\n\nFull Linux VMs with persistent storage, SSH access, and their own init system.\n\n```bash\narcbox machine create dev --distro ubuntu\narcbox machine ssh dev\n```\n\n## Quick Start\n\n```bash\n# Install\ncurl -sSL https://install.arcbox.dev | sh\n\n# Start the daemon\narcbox daemon start\n\n# Enable Docker compatibility\narcbox docker enable\n\n# Run a container\ndocker run -d -p 8080:80 nginx\ncurl http://localhost:8080\n```\n\n## What Works Today\n\n- **Container lifecycle** -- `run`, `stop`, `rm`, `logs`, `exec`, `inspect`\n- **Image management** -- pull from Docker Hub and OCI registries (ARM64)\n- **Port forwarding** -- `-p 8080:80` maps host ports into containers\n- **Volume mounts** -- bind mounts and named volumes\n- **Networking** -- internet access, DNS resolution, inter-container DNS\n- **Docker Compose** -- `docker-compose up/down` for multi-container stacks\n- **Context switching** -- `arcbox docker enable/disable` to toggle with Docker Desktop\n- **Machine management** -- `create/start/stop/rm/ls/inspect/exec/ssh`\n- **40+ Docker API endpoints** -- Docker Engine API v1.43 compatible\n\n## Performance\n\nCustom VirtIO stack, zero-copy networking, purpose-built VirtioFS.\n\n| Metric | Container | Sandbox | Machine |\n|--------|-----------|---------|---------|\n| Boot | Instant | \u003c200ms cold / \u003c50ms warm | ~1.5s |\n| Memory | ~1 MB | ~10-30 MB | ~200 MB |\n| File I/O (vs native) | \u003e90% | \u003e85% | \u003e90% |\n\n|  | ArcBox | E2B (Firecracker) | Docker Desktop |\n|--|--------|-------------------|----------------|\n| Sandbox boot | \u003c200ms | ~150ms | N/A |\n| Container boot | Instant | N/A | Instant |\n| Idle memory | \u003c150 MB | Cloud-only | 1-2 GB |\n\n## Known Limitations\n\n| Feature | Status |\n|---------|--------|\n| `docker build` | Not yet -- use `docker buildx` or pre-built images |\n| Sandbox runtime (`--runtime=sandbox`) | Designed, not yet implemented |\n| Machine distro management | Designed, not yet implemented |\n| x86/amd64 images (Rosetta) | Not yet -- ARM64 only |\n| Linux host | macOS first, Linux planned |\n| GUI | CLI only -- desktop app planned |\n\n## Requirements\n\n- macOS 13 (Ventura) or later\n- Apple Silicon (M1/M2/M3/M4) -- Intel support in progress\n- Docker CLI installed (ArcBox replaces the engine, not the CLI)\n\n## Contributing\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md) for build instructions, code standards,\nand development setup.\n\n## License\n\n[MIT](LICENSE-MIT) OR [Apache-2.0](LICENSE-APACHE)\n\n---\n\n\u003cdiv align=\"center\"\u003e\n\n**[Website](https://arcbox.dev)** · **[Docs](https://arcbox.link/docs)** · **[Discord](https://arcbox.link/discord)**\n\n\u003c/div\u003e\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Farcboxlabs%2Farcbox","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Farcboxlabs%2Farcbox","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Farcboxlabs%2Farcbox/lists"}