I've been using this for a few months to provide a defensible sandboxed execution environment for internal software stacks.
It's basically a single file bwrap+AppArmor virtualenv wrapper with practically zero startup time and provides a easy way to provide your agent the ability to write code for, and run it against an internal virtualenv software stack.
It's basically a single file bwrap+AppArmor virtualenv wrapper with practically zero startup time and provides a easy way to provide your agent the ability to write code for, and run it against an internal virtualenv software stack.
No container build or equivalent overhead.