v0.1.0

@lxcshine lxcshine released this 24 Jun 12:09
· 141 commits to master since this release
7cc7ef1

What is NexusBox?

NexusBox is a secure sandbox platform for AI Agents. It provides an isolated execution environment where AI agents can safely run shell commands, read/write files, execute code, and automate browsers — without any risk to the host machine.

Highlights

MCP (Model Context Protocol) Integration

  • 18 real tools exposed via JSON-RPC 2.0 over HTTP
  • 4 built-in MCP servers: Shell, File, Code, Browser
  • Seamless integration with Trae, Claude Desktop, Cursor, and other MCP-compatible AI assistants
  • Workspace-scoped isolation with path traversal protection

Shell Execution

  • shell_exec — synchronous command execution with timeout control (max 300s)
  • shell_background — background long-running tasks
  • shell_check — monitor background process status

File Operations

  • file_read / file_write / file_list / file_search
  • file_replace / file_delete / file_move
  • Atomic writes and path traversal prevention via resolvePath()
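The workspace-scoped isolation and path traversal protection listed above depend on one check: every client-supplied path must resolve inside the tenant's workspace root. The following is an added Go example of such a resolver, written for this page and not NexusBox's own resolvePath(); the function names and the two-stage check (lexical ".." handling, then symlink resolution of the deepest existing ancestor) are this example's own design, and it assumes a POSIX filesystem and an existing workspace directory.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrOutsideWorkspace is returned for any request that would escape the workspace root.
var ErrOutsideWorkspace = errors.New("path escapes workspace")

// ResolveWorkspacePath maps a client-supplied path onto the absolute workspace root
// and rejects anything that would resolve outside it, both lexically ("..") and via
// symlinks. Hypothetical illustration of a workspace-scoped resolver; it is not
// NexusBox's own resolvePath(). Assumes a POSIX filesystem and an existing root.
func ResolveWorkspacePath(workspace, requested string) (string, error) {
	root, err := filepath.Abs(workspace)
	if err != nil {
		return "", err
	}
	// NUL bytes would truncate the path at the syscall boundary; never pass them on.
	if strings.ContainsRune(requested, 0) {
		return "", ErrOutsideWorkspace
	}
	// A leading slash from the client means "relative to the workspace", not host-absolute.
	rel := strings.TrimLeft(requested, `/\`)
	candidate := filepath.Clean(filepath.Join(root, rel))

	// 1. Lexical check: after Clean, any remaining ".." means the path climbed above root.
	if !withinRoot(root, candidate) {
		return "", ErrOutsideWorkspace
	}
	// 2. Physical check: resolve symlinks on the deepest existing ancestor of the
	//    candidate and make sure it still sits inside the real root.
	realRoot, err := filepath.EvalSymlinks(root)
	if err != nil {
		return "", fmt.Errorf("workspace root: %w", err)
	}
	realPrefix, err := resolveExisting(candidate)
	if err != nil {
		return "", err
	}
	if !withinRoot(realRoot, realPrefix) {
		return "", ErrOutsideWorkspace
	}
	return candidate, nil
}

// withinRoot reports whether p equals root or lies beneath it.
func withinRoot(root, p string) bool {
	rel, err := filepath.Rel(root, p)
	if err != nil {
		return false
	}
	return rel == "." || (rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator)))
}

// resolveExisting walks up from p to the longest existing prefix and returns it with
// symlinks resolved, so a not-yet-created file is checked via its parent directory.
func resolveExisting(p string) (string, error) {
	for cur := p; ; cur = filepath.Dir(cur) {
		if real, err := filepath.EvalSymlinks(cur); err == nil {
			return real, nil
		}
		if filepath.Dir(cur) == cur {
			return "", fmt.Errorf("no existing ancestor for %s", p)
		}
	}
}

func main() {
	ws, err := os.MkdirTemp("", "nexusbox-ws-") // constructed throwaway workspace
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(ws)
	for _, req := range []string{"src/main.py", "/src/main.py", "../../etc/passwd", "src/../../x"} {
		p, err := ResolveWorkspacePath(ws, req)
		fmt.Printf("%-20s -> %v %v\n", req, p, err)
	}
}
```

The lexical check alone is not enough for a write-capable API: a symlink planted inside the workspace by an earlier file_write would otherwise let a later file_read follow it out of the root, which is why the second stage resolves the deepest existing ancestor before returning.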

Code Execution

  • code_run — execute Python and Node.js code with timeout limits (max 120s)
  • code_install — install pip/npm packages
  • Temporary file handling with automatic cleanup

Browser Automation

  • CDP (Chrome DevTools Protocol) integration with Chromium
  • browser_navigate / browser_screenshot / browser_click / browser_type
  • browser_eval / browser_get_text

REST API Gateway

  • Unified entry point for shell, file, code, browser, and sandbox management
  • Panic recovery middleware for stability
  • JWT authentication support

Multi-Tenant Isolation

  • 3 isolation levels: Standard, Enhanced, Maximum
  • Per-tenant workspace, network policy, and resource quotas
  • Token bucket rate limiting per tenant
  • VXLAN VNI and cgroup-based hard isolation
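The per-tenant token bucket named above is the part of the isolation story that decides how much a single tenant can load the gateway. Here is an added Go example of one, written for this page rather than taken from NexusBox; the type and function names are this example's own, and it assumes the tenant ID has already been authenticated upstream (for instance from the JWT), since rate limiting on an unauthenticated identifier can be bypassed by simply choosing a new one.

```go
package main

import (
	"fmt"
	"math"
	"sync"
	"time"
)

// TenantLimiter keeps one token bucket per tenant ID behind a single mutex.
// Hypothetical illustration of per-tenant token-bucket limiting, not NexusBox's own
// implementation; it assumes the tenant ID was already authenticated upstream.
type TenantLimiter struct {
	mu       sync.Mutex
	buckets  map[string]*bucket
	capacity float64          // burst size, in requests
	rate     float64          // sustained refill, in requests per second
	now      func() time.Time // injectable clock so tests need not sleep
}

type bucket struct {
	tokens float64
	last   time.Time
}

// NewTenantLimiter builds a limiter that lets each tenant burst `capacity` requests
// and then sustain `perSecond` requests per second.
func NewTenantLimiter(capacity, perSecond float64) *TenantLimiter {
	return NewTenantLimiterWithClock(capacity, perSecond, time.Now)
}

// NewTenantLimiterWithClock is the same with a caller-supplied clock.
func NewTenantLimiterWithClock(capacity, perSecond float64, now func() time.Time) *TenantLimiter {
	return &TenantLimiter{buckets: map[string]*bucket{}, capacity: capacity, rate: perSecond, now: now}
}

// Allow spends one token for tenant. When the bucket is empty it returns false and
// how long the caller should wait before retrying (suitable for a Retry-After header).
func (l *TenantLimiter) Allow(tenant string) (bool, time.Duration) {
	l.mu.Lock()
	defer l.mu.Unlock()
	now := l.now()
	b, ok := l.buckets[tenant]
	if !ok {
		// A new tenant starts with a full bucket.
		b = &bucket{tokens: l.capacity, last: now}
		l.buckets[tenant] = b
	}
	// Refill in proportion to elapsed time, never above the burst capacity.
	elapsed := now.Sub(b.last).Seconds()
	b.tokens = math.Min(l.capacity, b.tokens+elapsed*l.rate)
	b.last = now
	if b.tokens < 1 {
		wait := time.Duration((1 - b.tokens) / l.rate * float64(time.Second))
		return false, wait
	}
	b.tokens--
	return true, 0
}

// Sweep drops buckets idle for longer than maxIdle so the map cannot grow without
// bound as tenant IDs come and go. Returns how many buckets were removed.
func (l *TenantLimiter) Sweep(maxIdle time.Duration) int {
	l.mu.Lock()
	defer l.mu.Unlock()
	now := l.now()
	removed := 0
	for id, b := range l.buckets {
		if now.Sub(b.last) > maxIdle {
			delete(l.buckets, id)
			removed++
		}
	}
	return removed
}

func main() {
	l := NewTenantLimiter(3, 1) // burst 3, then 1 request/s per tenant
	for i := 0; i < 5; i++ {
		ok, wait := l.Allow("tenant-a")
		fmt.Printf("request %d: allowed=%v retry-after=%v\n", i+1, ok, wait)
	}
}
```

Returning the wait time alongside the decision lets the gateway answer a denied request with a concrete Retry-After rather than a bare 429, and the periodic Sweep keeps the per-tenant map bounded, which matters when tenants are created dynamically.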

Security Hardening

  • Docker: cap_drop ALL, no-new-privileges, memory limits
  • Rootless mode support with UID mapping
  • Seccomp and AppArmor profile management
  • mTLS certificate generation

Scheduling Framework

  • 11-phase scheduling pipeline inspired by Kubernetes scheduler
  • Pluggable plugins: ResourceFit, TenantAffinity, ImageLocality, NodeResourcesBalancedAllocation
  • Priority queue and batch scheduling support

CRI (Container Runtime Interface)

  • CRI-compatible gRPC server for direct kubelet integration
  • Enables Kubernetes to schedule pods onto NexusBox-managed sandboxes

Observability

  • Prometheus metrics (nexusbox_sandbox_creation_total, nexusbox_sandbox_creation_duration, etc.)
  • OpenTelemetry distributed tracing
  • Structured audit logging with JSON output
  • Health checker with liveness/readiness probes

Full Development Environment (Docker)

  • JupyterLab (port 8888)
  • code-server — VS Code in browser (port 8200)
  • noVNC remote desktop (port 6080)
  • Chromium with CDP (port 9222)
  • Supervisor process manager for 7 services

Kubernetes Ready

  • CRDs for Sandbox, Tenant, and SandboxTemplate
  • Deployment manifests
  • Admission webhook for validation