And if I really need to kick off a box very quickly, OpenRouter Spawn seems like it'll do 95% of what I need it to do: https://github.com/OpenRouterLabs/spawn
Still missing better restrictions though.