Skip to content

vrn21/bouvet

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
crates
crates
 
 
docs
docs
 
 
images
images
 
 
scripts
scripts
 
 
terraform
terraform
 
 
.dockerignore
.dockerignore
 
 
.gitignore
.gitignore
 
 
Cargo.toml
Cargo.toml
 
 
Dockerfile
Dockerfile
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 

Repository files navigation

Bouvet Logo

Bouvet

Isolated code execution sandboxes for AI agents

AboutHow It WorksMCP ToolsDocumentation

License Rust Firecracker Ask DeepWiki

What is Bouvet?

Bouvet ("boo-veh") is an MCP server that creates secure, isolated sandboxes for AI agents to execute code.

When an AI agent needs to run Python, Node.js, or shell commands, Bouvet spins up a lightweight microVM in ~200ms. The code runs in complete isolation separate kernel filesystem and network then the sandbox is destroyed. Nothing persists, nothing leaks.

The problem it solves: AI agents need a safe place to run untrusted code. Docker isn't enough containers share the host kernel. Bouvet uses Firecracker microVMs for true hardware-level isolation the same technology that powers AWS Lambda.

Who it's for: Developers building AI agents with Claude, Cursor, or any MCP-compatible client who need secure code execution without managing infrastructure.

How It Works

┌─────────────┐     ┌─────────────┐     ┌─────────────────────────┐
│  AI Agent   │────▶│ bouvet-mcp  │────▶│  Firecracker microVM    │
│  (Claude)   │     │ (MCP Server)│     │  ┌─────────────────┐    │
└─────────────┘     └─────────────┘     │  │  bouvet-agent   │    │
                                        │  │  (guest daemon) │    │
                                        │  └─────────────────┘    │
                                        └─────────────────────────┘
  1. AI agent requests a sandbox via MCP
  2. Bouvet boots a microVM with your chosen toolchain
  3. Agent executes code, reads/writes files
  4. Sandbox is destroyed when done

Each microVM has ~256MB RAM, 1 vCPU, and a full Linux environment with Python, Node.js, and common dev tools pre-installed.

Features

  • True Isolation — Each sandbox is a separate VM, not a container
  • Fast Startup — Warm pool enables sub-200ms sandbox creation
  • Multi-Language — Python, Node.js, Rust, Bash, and shell access
  • MCP Native — Works with Claude, Cursor, and any MCP client

MCP Tools

Tool Description
create_sandbox Create a new isolated sandbox
destroy_sandbox Destroy a sandbox and free resources
list_sandboxes List all active sandboxes
execute_code Run Python, Node.js, or Bash code
run_command Execute shell commands
read_file Read file contents from sandbox
write_file Write file contents to sandbox
list_directory List directory contents

Documentation

Document Description
Self-Hosting Guide Deploy Bouvet on your own infrastructure
Configuration Environment variables and options
Architecture Technical deep dive

License

Apache 2.0 — See LICENSE for details.

Built with 🔥 Firecracker and 🦀 Rust

About

Sandbox for Agents

deepwiki.com/vrn21/bouvet

Topics

rust ai mcp sandbox agents

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Languages