>_ Bashlet

Last login: Tue Oct 24 10:42:15 on ttys001

Open Source

Sandboxed
Bash
Execution

// Secure sandbox for AI agents.
// Execute shell commands safely.
// Multiple backends available.

quick_install.sh

$ curl -fsSL https://bashlet.dev/install.sh | sh

bash -- 80x24

➜ ~ bashlet create --name demo --mount ./src:/workspace

[INFO] Initializing sandbox...
[INFO] Setting up isolation...
[SUCCESS] Session 'demo' created

➜ ~ bashlet run demo "ls /workspace"

main.rs lib.rs tests/

➜ ~ bashlet run demo "cat /workspace/main.rs | head -3"

fn main() {
println!("Hello, world!");
}

➜ ~ bashlet terminate demo

[INFO] Tearing down sandbox...
[EXIT] Session terminated. Clean exit.

➜ ~

./Why_You_Need_A_Sandbox

# Let AI agents execute shell commands safely.
# Isolate untrusted code from your system.

echo "Give your AI agent safe access to the shell." >> manifesto.txt

┌──┐

folder_open

01_Filesystem

> Mount local directories
> Control access paths
> Read-only or read-write

┌──┐

check_circle

02_Isolation

> Run untrusted scripts
> Test in isolation
> No host system access

┌──┐

construction

03_Tooling

> Access standard CLI tools
> git, npm, pip
> Full shell capabilities

ROOT_ACCESS_CONTROL

// Robust runtime environment designed for unpredictability.
// Architecture Diagram follows:

010101010101010101 101010101010101010 001100110011001100 110011001100110011 010101010101010101 101010101010101010

shield_lock

Secure Isolation

Every session runs in a sandboxed environment.
Choose from multiple backends: WASM, Firecracker.
Host isolation: ENABLED.

isolation_level: "sandbox-hardened"

host_access: "mounted-dirs-only"

folder_shared

Dir Mounting

> Expose only needed dirs
> Mount at specific paths
> Everything else blocked

history

Sessions

> Persistent config
> Multi-step workflows
> State preserved

visibility

bug_report

Full Debuggability

The entire execution path remains visible.
See commands, file access, and output. No black boxes.

stdout: captured stderr: captured

./Usage

# Simple CLI for AI agents to run one-shot commands and persistent sessions.

bolt 01_One-Shot_Execution

# Run a single command in an isolated sandbox.

Shell

# Basic command
bashlet exec "echo hello world"

# With mounted directory
bashlet exec --mount ./src:/workspace "ls /workspace"

# With environment variables
bashlet exec --env MESSAGE="Hello" "echo \$MESSAGE"

history 02_Session_Management

# Create persistent sandbox sessions that maintain configuration.

Shell

# Create a session
bashlet create --name my-session --mount ./src:/workspace

# Run commands in the session
bashlet run my-session "ls /workspace"
bashlet run my-session "cat /workspace/README.md"

# Or create and run in one step (idempotent)
bashlet run dev -C --mount ./src:/workspace "ls /workspace"

# List active sessions
bashlet list

# Terminate when done
bashlet terminate my-session

settings 03_Presets

# Define reusable environment configurations in ~/.config/bashlet/config.toml

config.toml

# Define a preset with mounts and env vars
[presets.kubectl]
mounts = [
  ["/usr/local/bin/kubectl", "/usr/local/bin/kubectl", true],
  ["~/.kube", "/home/.kube", true]
]
env_vars = [["KUBECONFIG", "/home/.kube/config"]]
setup_commands = ["kubectl version --client"]

Shell

# Use a preset
bashlet create --name k8s --preset kubectl
bashlet exec --preset kubectl "kubectl get pods"

$ Command_Reference

Command	Description
bashlet exec "cmd"	One-shot command execution in sandbox
bashlet exec --preset NAME "cmd"	One-shot with preset configuration
bashlet create	Create a new persistent session
bashlet create --preset NAME	Create session with preset
bashlet run SESSION "cmd"	Run command in an existing session
bashlet run SESSION -C "cmd"	Run command, creating session if missing
bashlet list	List all active sessions
bashlet terminate SESSION	Terminate a session