We Reverse-Engineered Docker Sandbox's Undocumented MicroVM API (www.rivet.dev)

Docker has quietly released an undocumented API for spawning microVMs, which the community has reverse-engineered to create the open-source Sandbox Agent SDK. This new API allows developers to orchestrate coding agents within secure environments, offering a crucial advancement for safely running untrusted code, a task not well-suited for conventional Docker containers due to their shared kernel architecture. The move is significant as it enhances security measures for workloads such as AI coding agents like Claude and Codex, which require high levels of access while maintaining system integrity. The microVMs provide a lightweight virtualization option, enabling better isolation compared to traditional containers, which can expose hosts to risks if compromised. By implementing a separate kernel for each microVM, Docker Sandboxes offer an effective solution for risk-free execution of user-submitted scripts and multi-tenant applications. The SDK simplifies interaction with this undocumented API, allowing developers to create, manage, and communicate with multiple agents efficiently. While currently limited to specific agents and operating systems, this innovation paves the way for broader applications in secure coding assistance and containerized development environments.