Shuru is a lightweight sandbox that spins up Linux VMs on macOS using Apple's Virtualization.framework. Boots in about a second on Apple Silicon, and everything is ephemeral by default. There's a checkpoint system for when you do want to persist state, and sandboxes run without network access unless you explicitly allow it.
Single Rust binary, no dependencies.
Built it for sandboxing AI agent code execution, but it works well for anything where you need a disposable Linux environment.
I will steal this to make a local-first version of https://microterm.dev for macOS :)
My idea is to have unified environment across all targets, so the only thing that changes is speed and amount of RAM.
BrandiATMuhkuhtoday at 10:58 PM
Very cool. Was looking for something like this for a new project of mine. (I'm working on a project that is like a marriage of retool+OpenClaw. It's used by SME to quickly build inhouse apps)
praveenhmtoday at 11:10 PM
How does it compare to Lume. It uses Apple's native Virtualization Framework to run macOS and Linux VMs at near-native speed on Apple Silicon.
josephgtoday at 8:24 PM
What does local first mean in this context? Does it just mean local? Like, the software runs locally?
7777777philtoday at 8:12 PM
The agent stack is splitting into specialized layers and sandboxing is clearly becoming its own thing. Shuru, E2B, Modal, Firecracker wrappers.
I've noticed claude forks parallel agents on an assigned task. How would they communicate in isolated sandboxes like these?
Would it be cleaner and more effective for a harness to orchestrate swarms of agents in a single clean linux environment like OrbStack?
xrdtoday at 7:59 PM
What is the benefit of this over lima, for example?
tobyhinloopentoday at 9:34 PM
Neat! I was looking for something like this
Krissotoday at 8:34 PM
Why was using straigt containers not enough?
janlucientoday at 11:04 PM
[dead]
okayokay123today at 9:47 PM
[dead]
conradevtoday at 8:46 PM
Use OrbStack. Itβs faster than Virtualization.framework because it has its own hypervisor.