Matchlock: Linux-based sandboxing for AI agents
Summary
Matchlock is a Linux-based sandbox tool that runs AI agents in ephemeral microVMs that are locked down by default. It injects secrets through a MITM proxy so that the secrets never enter the VM, and a host-side policy controls all outbound data. It also provides a Go and a Python SDK for embedding sandboxes in applications.
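
A minimal sketch of the mechanism summarized above, added here as an illustration and not taken from Matchlock's code or SDKs: a host-side policy that allowlists destinations and swaps a placeholder for the real secret only on requests to hosts that secret is scoped to. The class names, the placeholder scheme, the hostnames and the key value are all assumptions.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Secret:
    placeholder: str      # opaque token the VM sees instead of the credential
    value: str            # real credential, held only on the host
    hosts: frozenset      # destinations allowed to receive the real value


@dataclass(frozen=True)
class HostPolicy:
    allowed_hosts: frozenset   # default deny: anything else is blocked
    secrets: tuple

    def rewrite(self, url, headers):
        """Return the headers to forward upstream, or raise PermissionError."""
        # The parsed hostname defeats "allowed.host@other.host" userinfo tricks.
        host = (urlsplit(url).hostname or "").lower()
        if host not in self.allowed_hosts:
            raise PermissionError(f"egress to {host!r} denied")
        forwarded = {}
        for name, value in headers.items():
            for secret in self.secrets:
                if secret.placeholder in value:
                    if host not in secret.hosts:
                        raise PermissionError(f"secret not scoped to {host!r}")
                    value = value.replace(secret.placeholder, secret.value)
            forwarded[name] = value
        return forwarded


# Constructed sample policy and request; every value here is illustrative.
POLICY = HostPolicy(
    allowed_hosts=frozenset({"api.example.com", "packages.example.org"}),
    secrets=(Secret("PLACEHOLDER_API_KEY", "constructed-real-key",
                    frozenset({"api.example.com"})),),
)
VM_HEADERS = {"Authorization": "Bearer PLACEHOLDER_API_KEY"}


def try_request(url):
    """Return the Authorization header sent upstream, or the denial reason."""
    try:
        return POLICY.rewrite(url, VM_HEADERS)["Authorization"]
    except PermissionError as exc:
        return f"blocked: {exc}"
```

The request dictionary built inside the VM is never modified, so a compromised agent can read only the placeholder; the real value exists solely in the copy the host forwards.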