I think that this is a plugin library for teams that want to offer a platform for the public (or an LLM-AI) to submit code to. If your team writes some code, you don't generally sandbox it from yourself, you just amend your program: you don't need a sandbox. But, if you want to run code that you don't trust, you should run it in a way that prevents it from causing problems if it is actually dangerous (like a virus or accidentally overwrites your files with blank files). That's what a sandbox like kyushu promises to do.
So, with a sandbox library like this, you could - say - write a website that hosts games (like itch.io or newgrounds) that hosts games on the world wide web. The sandbox part can give you confidence that, if a villain's programmer henchmen uploads a virus instead of a game, it can't infect your platform or other games on the website. Or, if a LLM-AI written game is accidentally tries to take up all the memory of the computer, it can't ask the operating system for more than is in the sandbox.
Firecracker launches small, but otherwise general purpose virtual machines. Containers, at least the standard implementations that most of us use, use kernel features like namespaces to isolate workloads, but still share a kernel so the sandboxing is not as strong.
Wasm is a virtual machine, just like for example the jvm is, that is designed around only allowing the executed program access to the host runtime via specific apis that are subject to security policies. It does not run arbitrary software, but rather only software built to target specifically wasm.
The software this post is about is just bundling a wasm runtime with other software for convenience.
Others mentioned better use cases than I could probably come with. Not sure it's a strong use case but, one thing I could maybe mention too is the fact that it ships as a standalone artifact. It's portable and, if reproducible, can provide some sort of guarantee on what's effectively running for those who care.
ELI5: Imagine you want to run a heavy, powerful 3D video game engine inside a standard web browser or a lightweight desktop app, without making it slow or unsafe.
JavaScript alone can't handle that kind of heavy lifting efficiently. That’s where Wasm comes in. It lets you run high-performance native code (like C++) at near-native speed safely in the sandbox.
For example, I'm currently using Wasm to run a complex 3D geometry engine (Manifold) inside a lightweight CAD app (Nasscad). It gives you web flexibility with desktop power.
I think they are asking about the tool itself, not WASM.
This tool seems useful for running 0 dependency JavaScript with isolation through web assembly as an alternative to the isolation and ease of use provided by tools such as cloudflare workers.
So, with a sandbox library like this, you could - say - write a website that hosts games (like itch.io or newgrounds) that hosts games on the world wide web. The sandbox part can give you confidence that, if a villain's programmer henchmen uploads a virus instead of a game, it can't infect your platform or other games on the website. Or, if a LLM-AI written game is accidentally tries to take up all the memory of the computer, it can't ask the operating system for more than is in the sandbox.