https://github.com/nolabs-ai/nono
Sandbox any AI agent in seconds - zero setup, zero latency.
https://github.com/nolabs-ai/nono
agent-sandbox agent-security ai-agent-sandbox ai-agent-security ai-agents ai-security ai-security-tool code-execution llm-security mcp mcp-security security sigstore supply-chain-security zero-trust
Last synced: 1 day ago
JSON representation
Sandbox any AI agent in seconds - zero setup, zero latency.
- Host: GitHub
- URL: https://github.com/nolabs-ai/nono
- Owner: nolabs-ai
- License: apache-2.0
- Created: 2026-01-31T09:25:45.000Z (5 months ago)
- Default Branch: main
- Last Pushed: 2026-06-25T14:31:10.000Z (9 days ago)
- Last Synced: 2026-06-25T15:26:54.061Z (9 days ago)
- Topics: agent-sandbox, agent-security, ai-agent-sandbox, ai-agent-security, ai-agents, ai-security, ai-security-tool, code-execution, llm-security, mcp, mcp-security, security, sigstore, supply-chain-security, zero-trust
- Language: Rust
- Homepage: https://nono.sh
- Size: 45.8 MB
- Stars: 2,808
- Watchers: 11
- Forks: 197
- Open Issues: 146
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
- Security: SECURITY.md
- Agents: AGENTS.md
Awesome Lists containing this project
README

Built by the team that brought you
Sigstore
The standard for secure software attestation, used by PyPI, npm, brew, and Maven Central
---
> [!NOTE]
> In the lead-up to a 1.0 release, APIs are stabilizing. API changes may still occur where necessary, but will be kept to a minimum.
**Run AI agents in a zero latency sandbox in seconds and with zero setup** — *Claude Code, Codex, Pi, CoPilot, Hermes, OpenCode, OpenClaw* and more — nono gets you up and running within seconds, with no daemon, no container, no VM, and no disk space usage. Out of the box, nono enforces a least-privilege sandbox and supports macOS, Linux, and Windows (WSL2).
From here **fork the config**, tweak it, theme it, make it your own, and share it with your team or the community via the [nono registry](https://registry.nono.sh).
**Want to operationalise and run at scale or within your team?** Engineers at some of the largest tech companies in the world use nono as part of their workflows or to run AI agents in production.
**Copied by many** — nono pioneered the zero-latency, zero-setup agent sandbox, and continues to innovate and lead the way in agent sandboxing.
---
## Quickstart
#### curl
```bash
curl -fsSL https://nono.sh/install.sh | sh
```
#### macOS / Linux (Homebrew)
```bash
brew install nono
```
**Other platforms** — Debian/Ubuntu, Fedora, Arch, RHEL, openSUSE, WSL2, and Nix: [see install instructions](https://nono.sh/docs/cli/getting_started/installation).
## Run it!
Search for an agent in the registry, then run it:
```bash
$ nono search opencode
always-further/opencode - Official Opencode Plugin
$ nono run --profile always-further/opencode -- opencode
```
That's it. `opencode` now runs with read/write access to the current directory and **nothing else** — your SSH keys, your cloud credentials, the rest of your disk are invisible to it.
Profiles for all the popular agents live at [registry.nono.sh](https://registry.nono.sh), secured and ready to pull. Each one bundles the right filesystem scope, network allowlist, hooks, skills and more.
## Make it your own!
Outgrow the defaults? Scaffold a profile and tweak it — same command you already know:
```bash
nono profile init opencode --extends always-further/opencode
nono run --profile opencode -- opencode
```
Are you an agent developer and want to publish your own agent package? We would love to have you and promote your work! [See the docs](https://nono.sh/docs/cli/features/package-publishing).
## Ready to go deep?
Head over to the [docs](https://nono.sh/docs) and discover nono's rich composable policy system, credentials injection, L7 filtering, supply chain security, rollback, multiplexing, audit and more.
## Library support
nono provides FFI bindings for Rust, Python, TypeScript, and Go.
Also available as [Python](https://github.com/nolabs-ai/nono-py), [TypeScript](https://github.com/nolabs-ai/nono-ts), and [Go](https://github.com/nolabs-ai/nono-go) bindings.
## Contributing
We encourage using AI tools to contribute. However, you must understand and carefully review any AI-generated code before submitting. Security is paramount. If you don't understand how a change works, ask in [Discord](https://discord.gg/pPcjYzGvbS) first.
## Security
If you discover a security vulnerability, please **do not open a public issue**. Follow the process in our [Security Policy](https://github.com/nolabs-ai/nono/security).
## License
Apache-2.0