What this artifact is for
The quick orientation layer before you go deeper upstream.
Summary
Description: “a capability-based, multiplexing sandbox tool, built for developers - lift'n'shift seamless path to prod. Run agents securely without needing any additional infra, zero setup, zero latency.”
Seed description: Secure, kernel-enforced capability sandbox for AI agents (Landlock on Linux, Seatbelt on macOS) — blocks dangerous commands and enforces OS-level security primitives
Category: Tools & Utilities
Best for: Adding OS-level safety boundaries around agent workflows
How to read this page
Workflow tags: safety
Integrations: github, claude-code, codex
Caveats: No caveats captured yet
Maturity: No maturity signals captured
README excerpt
More of the actual upstream surface so you can skim here before deciding to open the repo.
From the creator of Sigstore The standard for secure software attestation, used by PyPI, npm, brew, and Maven Central
[!WARNING] Early alpha -- not yet security audited for production use. Active development may cause breakage.
[!NOTE] Claude Code Logins from within the sandbox - there has been a regression in v0.36.0 impacting claude code logins - which we hope is now fixed in v0.37.0. If however, you're still seeing the issue, please open an issue…
Preview source: captured upstream text ↗
Quick topics
Skim bullets
- WSL2 support -- Auto-detection with ~84% feature coverage out of the box. Run nono setup --check-only to see what's available. (#522)
Sources and provenance
Everything on this page should be traceable back to the list seed or an upstream surface.
Discovery reason: Listed in the awesome-pi-agent README
Discovered from: seed artifact
Claim confidence: high
Surface capture kind: repo-readme