中文

MimoBox

Run AI-generated code safely, locally, and instantly.

No API keys. No Docker. No cloud.

MimoBox is a local sandbox runtime for AI agents. It provides multi-layer isolation — OS (Landlock + Seccomp), WebAssembly (Wasmtime), and microVM (KVM) — through a unified SDK, CLI, MCP server, and Python binding. Download a single binary and start executing code safely.

---

Why MimoBox?

• Local-first — Runs entirely on your machine. No data leaves your network, no API keys required.
• Multi-layer isolation — OS-level (Landlock + Seccomp + Namespaces), Wasm (Wasmtime), and microVM (KVM) backends with smart auto-routing.
• Ultra-low latency — OS cold start P50 8.24 ms, Wasm cold start P50 1.01 ms, warm pool acquire P50 0.19 µs.
• Agent-native — MCP server with 11 tools, Python SDK, LangChain / OpenAI Agents SDK integration out of the box.

Quick Start

Install

curl -fsSL https://raw.githubusercontent.com/showkw/mimobox/master/scripts/install.sh | bash

Python

Python wheels are coming to PyPI. For now, build from source (requires Rust toolchain):

git clone https://github.com/showkw/mimobox.git && cd mimobox
pip install maturin
maturin build --release -m crates/mimobox-python/Cargo.toml
pip install target/wheels/*.whl

Rust

[dependencies]
mimobox-sdk = { git = "https://github.com/showkw/mimobox.git", branch = "master" }
# After crates.io publication: mimobox-sdk = "0.1.0"

MCP Server

mimobox-mcp                              # stdio mode (default)
mimobox-mcp --transport http --port 8080 # Streamable HTTP mode

Add to your MCP client config:

{
  "mcpServers": {
    "mimobox": {
      "command": "mimobox-mcp"
    }
  }
}

Integration Examples

LangChain

from mimobox import Sandbox
from langchain_core.tools import tool

@tool
def sandbox_run_command(command: str) -> str:
    """Run a command inside a secure sandbox."""
    with Sandbox() as sb:
        return sb.execute(command).stdout

OpenAI Agents SDK

from mimobox import Sandbox
from agents import function_tool

@function_tool
def sandbox_execute(command: str) -> str:
    """Run a command inside a secure sandbox."""
    with Sandbox() as sb:
        return sb.execute(command).stdout

Python SDK

from mimobox import Sandbox

with Sandbox() as sandbox:
    result = sandbox.execute("/bin/echo hello")
    print(result.stdout, end="")

# File API
with Sandbox() as sandbox:
    sandbox.write_file("/tmp/hello.py", "print('hello')")
    result = sandbox.execute("python3 /tmp/hello.py")
    entries = sandbox.list_dir("/tmp")

Platform Support

Platform	OS Sandbox	Wasm Sandbox	microVM Sandbox
Linux (x86_64)	Landlock + Seccomp + Namespaces	Wasmtime	KVM (requires /dev/kvm + guest assets)
macOS (ARM64, Intel)	Seatbelt	Wasmtime	Not available

Isolation Layers

Layer	Backend	Best For
OS-level	Linux Landlock + Seccomp + Namespaces; macOS Seatbelt	Fast local commands, default smart routing
Wasm	Wasmtime + WASI	Deterministic portable workloads
microVM	Linux KVM + guest protocol + pools + snapshot/fork	Strong isolation, production workloads

Performance

Metric	P50
OS cold start	8.24 ms
Wasm cold start	1.01 ms
Warm pool acquire	0.19 µs
microVM cold start	253 ms
microVM snapshot restore (pooled)	28 ms

Status: MimoBox is in alpha (v0.1.x). It has not undergone a formal security audit. See SECURITY.md for threat model and known limitations.

Documentation

• Getting Started — Installation, CLI usage, and SDK examples
• Architecture — Workspace structure and smart routing
• API Reference — Rust SDK types and methods
• Python SDK — Python binding installation and usage
• MCP Server — Tool reference and client integration
• MCP Configuration — Templates for Claude Desktop, Cursor, VS Code
• Performance — Benchmark methodology and detailed metrics
• FAQ & Troubleshooting — Common issues and solutions

License

Licensed under either of Apache License, Version 2.0 or MIT license at your option.