Arrakis: How To Build An AI Sandbox From Scratch - Abhishek Bhardwaj, OpenAI

8.5K views · Jun 03, 2025 · 40:18 min · Watch on YouTube ↗

Takeaway

Run AI-agent-generated code inside lightweight microVMs with snapshot/restore rather than containers — speed and isolation both matter at agent scale.

Summary

Arrakis is an open-source microVM-based sandbox for AI agents: boots <7s (vs ~40s VM), supports snapshot/restore for backtracking, port forwarding, and VNC + pre-installed Chrome for computer-use.
Uses microVMs over containers because KVM gives full kernel isolation against malicious or buggy agent code — containers share host kernel.
Exposes simple REST API (VMs, snapshots, commands, files) plus Python SDK, Go CLI and MCP server; configurable with standard Dockerfiles.
Talk walks Linux execution model -> namespaces/cgroups -> microVMs to explain why hypervisor-based isolation is preferred for agent code execution.
Tied to Linux/dev-kvm; Manus AI, Claude artifacts, ChatGPT Canvas are cited as similar sandbox-driven systems.

sandboxmicrovmagents

Original description

Arrakis (https://github.com/abshkbh/arrakis) provides MicroVM-based secure sandboxes for code execution and full computer use. It features first-class support for backtracking, a Python SDK, and a Model Context Protocol (MCP) server.

In this talk, we go under the hood to explore how to architect an AI sandbox from the ground up. We’ll also dive into why sandboxes are becoming essential infrastructure for AI models and agents — enabling the next big unlock in intelligence.

Links -
Slides for the talk available here - https://tinyurl.com/arrakis-aie
Vibe coding with Claude and Arrakis -https://x.com/abshkbh/status/1907480355529203809