Run agents in disposable microVM sandboxes with network allowlists and secret injection using Matchlock
Launch risky agent work inside disposable microVMs when you need stronger isolation, sealed egress, and host-side secret injection instead of direct host access.
What it does
Launch risky agent work inside disposable microVMs when you need stronger isolation, sealed egress, and host-side secret injection instead of direct host access.
Prerequisites
Local shell, Matchlock CLI, virtualization support for the target host, and the agent image or command you want to run inside the microVM
Installation
Use the upstream install or setup path that matches your environment:
- brew tap jingkaihe/essentials
- brew install matchlock
- docker save myapp:latest | matchlock image import myapp:latest # Import from tarball
- pip install matchlock
Requirements and caveats from upstream:
- matchlock run --image python:3.12-alpine --allow-host "api.openai.com" python agent.py
- --secret ANTHROPIC_API_KEY@api.anthropic.com python call_api.py
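An added example, not code from Matchlock or from this page: a small Python model of the policy that the --allow-host and --secret NAME@host flags above express, with default-deny egress and a secret that is substituted only on requests to its bound host. The class, the placeholder scheme and the sample key are assumptions made for illustration; this page does not describe how Matchlock implements the behaviour internally.

```python
# Illustrative model only; names and placeholder scheme are assumptions,
# not Matchlock's implementation.
import secrets
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class EgressPolicy:
    allow_hosts: set                                   # exact hostnames only
    bindings: dict = field(default_factory=dict)       # name -> (host, real value)
    placeholders: dict = field(default_factory=dict)   # name -> guest-visible token

    def bind_secret(self, spec: str, real_value: str) -> str:
        """Parse NAME@host and return the placeholder the sandbox would see."""
        name, sep, host = spec.partition("@")
        if not (sep and name and host):
            raise ValueError(f"expected NAME@host, got {spec!r}")
        self.bindings[name] = (host.lower(), real_value)
        self.placeholders[name] = f"placeholder-{name}-{secrets.token_hex(8)}"
        return self.placeholders[name]

    def filter_request(self, host: str, headers: dict) -> Optional[dict]:
        """Return the headers to forward, or None when egress is denied."""
        host = host.lower().rstrip(".")
        if host not in self.allow_hosts:
            return None                                # default deny
        forwarded = {}
        for key, value in headers.items():
            for name, (bound_host, real) in self.bindings.items():
                if host == bound_host:                 # inject only for the bound host
                    value = value.replace(self.placeholders[name], real)
            forwarded[key] = value
        return forwarded


def demo() -> dict:
    """Run three constructed requests through the policy."""
    policy = EgressPolicy({"api.openai.com", "api.anthropic.com"})
    token = policy.bind_secret("ANTHROPIC_API_KEY@api.anthropic.com", "sk-constructed-demo")
    return {
        "bound": policy.filter_request("api.anthropic.com", {"x-api-key": token}),
        "other": policy.filter_request("api.openai.com", {"Authorization": f"Bearer {token}"}),
        "denied": policy.filter_request("attacker.example", {"x-api-key": token}),
        "token": token,
    }


if __name__ == "__main__":
    print(demo())
```

In this model the process inside the sandbox only ever holds the placeholder, so a request to any host other than the bound one carries no usable credential, and a request to a host outside the allowlist is dropped.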
Basic usage or getting-started notes:
- AI agents need to run code, but giving them unrestricted access to your machine is a risk. Matchlock lets you hand an agent a full Linux environment that boots in under a second - isolated and disposable.
- System Requirements
- Linux with KVM support
Extracted from upstream docs: https://raw.githubusercontent.com/jingkaihe/matchlock/HEAD/README.md
Quality
Deterministic score 0.45 from registry signals: indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,574 chars)