A field guide to sandboxes for AI

luiscardoso.dev/blog/sandboxes-for-ai

arts 🦇

Playground Engine, a Firecracker-powered microVM orchestrator

labs.iximiuz.com/playgrounds

Boot Linux microVMs in <1s - for sandboxes and services.

Firecracker
slicervm.com

Kata Containers
exe.dev

Popularization of the infinitesimally small with the help of Blender software. State of the art!

@epicspaceman

2022-2024 : chat
2024-2025 : agentic coding
2026-2027 : agentic system
2028-xxxx  : world physics

claude.com/blog/cowork-research-preview

In The Lord of the Rings, the palantír allows its user to see everything, but at a great cost: loss of control and manipulation. Palantir Technologies echoes this idea in the real world.

By aggregating massive amounts of data, Palantir provides governments and intelligence agencies with extraordinary surveillance and analytical power. While effective for security and intelligence, this concentration of data poses serious risks to privacy, transparency, and individual freedom.

As Tolkien warned, great vision without limits can be dangerous especially when few control what is seen.

palantir.com

December 2025
DNS over HTTPS (DoH) server
394k hits

https://doh-own-recursion.nicolas-dorriere.fr/dns-query

Sprites (fly.io)

Sprites provide stateful Linux environments with hardware isolation via Firecracker VMs. They support checkpoint & restore, ideal for AI agents or untrusted binaries. Each Sprite runs on an isolated network to prevent unauthorized access, offering a simple and secure home for arbitrary code execution.

fly.io/blog/code-and-let-live

sprites.dev

sprites.dev/blog

demo

Game interface for controlling agents

I handle marketing for a 3D-printed Dr. Martens keychain
Photoroom + Affinity + CeWe print machine

Claude code temporal fix  2.0.75 -> 2.1.0 crash

https://github.com/anthropics/claude-code/issues/16682#issuecomment-3720697072

alien technology vera rubin

LXC containers are quite interesting because they provide a real Linux OS with all UNIX tools available to agents like Opus 4.5, along with very fast machine (container) creation times. Kata also seems to be a good alternative for isolating agents.

opus 4.5 x tmux = agentic farm

2026 will mark the moment when people truly begin using AI to create their own custom software.
Software is about to become radically personalized.

Local AI

Ministral 3 
⌁ 3B, 8B, 14B
⌁ 256K tokens
⌁ Text + Vision
⌁ Apache 2.0

Versus

Beelink GTR9 Pro
128GB ram
2000 dollars