https://github.com/google/capsem
https://github.com/google/capsem
Last synced: 7 days ago
JSON representation
- Host: GitHub
- URL: https://github.com/google/capsem
- Owner: google
- License: apache-2.0
- Created: 2025-09-26T16:07:23.000Z (8 months ago)
- Default Branch: main
- Last Pushed: 2026-05-12T01:24:11.000Z (20 days ago)
- Last Synced: 2026-05-12T01:31:22.485Z (20 days ago)
- Language: Rust
- Size: 15.5 MB
- Stars: 39
- Watchers: 1
- Forks: 6
- Open Issues: 6
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Audit: audit.toml
- Citation: CITATION.cff
- Security: SECURITY.md
Awesome Lists containing this project
- awesome-agent-runtime-security - capsem - kernel, air-gapped | macOS-native sandbox running agents in Linux VMs via Apple Virtualization.framework. Custom kernel compiled with `CONFIG_INET=n` (no IP stack) and `CONFIG_MODULES=n` (no loadable modules), read-only rootfs, BLAKE3 boot asset integrity, no systemd. | (Sandboxing & Isolation)
README
Capsem
The fastest way to ship with AI securely.
Sandbox AI coding agents in hardware-isolated Linux VMs on macOS and Linux.
Full network control, HTTPS inspection, MCP tool routing, and per-session telemetry.
## Install
```sh
curl -fsSL https://capsem.org/install.sh | sh
```
Pre-built packages (`.pkg` for macOS and `.deb` for Linux) are also available from the [latest release](https://github.com/google/capsem/releases/latest). See the [Getting Started](https://capsem.org/getting-started/) guide for details.
## Quick start
```sh
capsem uname -a
capsem echo hello
capsem 'ls -la /proc/cpuinfo'
```
## Documentation
Full documentation at **[capsem.org](https://capsem.org)**.
| Topic | Link |
|-------|------|
| Getting Started | [capsem.org/getting-started](https://capsem.org/getting-started/) |
| Architecture | [capsem.org/architecture/hypervisor](https://capsem.org/architecture/hypervisor/) |
| Security | [capsem.org/security/overview](https://capsem.org/security/overview/) |
| Custom Images | [capsem.org/architecture/custom-images](https://capsem.org/architecture/custom-images/) |
| Snapshots | [capsem.org/usage/snapshots](https://capsem.org/usage/snapshots/) |
| Benchmarks | [capsem.org/benchmarks/results](https://capsem.org/benchmarks/results/) |
| Troubleshooting | [capsem.org/debugging/troubleshooting](https://capsem.org/debugging/troubleshooting/) |
| Development | [capsem.org/development/getting-started](https://capsem.org/development/getting-started/) |
| Just Recipes | [capsem.org/development/just-recipes](https://capsem.org/development/just-recipes/) |
| Release Notes | [capsem.org/releases](https://capsem.org/releases/0-15/) |
## Disclaimer
This project is not an official Google project. It is not supported by Google and Google specifically disclaims all warranties as to its quality, merchantability, or fitness for a particular purpose.
## License
See [LICENSE](LICENSE).