>_ Bashlet
Last login: Tue Oct 24 10:42:15 on ttys001
Open Source

Sandboxed
Bash
Execution

// Secure sandbox for AI agents.
// Execute shell commands safely.
// Multiple backends available.

quick_install.sh
$ curl -fsSL https://bashlet.dev/install.sh | sh
bash -- 80x24
~ bashlet create --name demo --mount ./src:/workspace
[INFO] Initializing sandbox...
[INFO] Setting up isolation...
[SUCCESS] Session 'demo' created
~ bashlet run demo "ls /workspace"
main.rs lib.rs tests/
~ bashlet run demo "cat /workspace/main.rs | head -3"
fn main() {
println!("Hello, world!");
}
~ bashlet terminate demo
[INFO] Tearing down sandbox...
[EXIT] Session terminated. Clean exit.
~

./Why_You_Need_A_Sandbox

# Let AI agents execute shell commands safely.
# Isolate untrusted code from your system.

echo "Give your AI agent safe access to the shell." >> manifesto.txt

┌──┐
folder_open

01_Filesystem

> Mount local directories
> Control access paths
> Read-only or read-write

┌──┐
check_circle

02_Isolation

> Run untrusted scripts
> Test in isolation
> No host system access

┌──┐
construction

03_Tooling

> Access standard CLI tools
> git, npm, pip
> Full shell capabilities

ROOT_ACCESS_CONTROL

// Robust runtime environment designed for unpredictability.
// Architecture Diagram follows:

010101010101010101 101010101010101010 001100110011001100 110011001100110011 010101010101010101 101010101010101010
shield_lock

Secure Isolation

Every session runs in a sandboxed environment.
Choose from multiple backends: WASM, Firecracker.
Host isolation: ENABLED.

isolation_level: "sandbox-hardened"
host_access: "mounted-dirs-only"
folder_shared

Dir Mounting

> Expose only needed dirs
> Mount at specific paths
> Everything else blocked

history

Sessions

> Persistent config
> Multi-step workflows
> State preserved

visibility
bug_report

Full Debuggability

The entire execution path remains visible.
See commands, file access, and output. No black boxes.

stdout: captured stderr: captured

./Usage

# Simple CLI for AI agents to run one-shot commands and persistent sessions.

bolt 01_One-Shot_Execution

# Run a single command in an isolated sandbox.

Shell 
# Basic command
bashlet exec "echo hello world"

# With mounted directory
bashlet exec --mount ./src:/workspace "ls /workspace"

# With environment variables
bashlet exec --env MESSAGE="Hello" "echo \$MESSAGE"

history 02_Session_Management

# Create persistent sandbox sessions that maintain configuration.

Shell 
# Create a session
bashlet create --name my-session --mount ./src:/workspace

# Run commands in the session
bashlet run my-session "ls /workspace"
bashlet run my-session "cat /workspace/README.md"

# Or create and run in one step (idempotent)
bashlet run dev -C --mount ./src:/workspace "ls /workspace"

# List active sessions
bashlet list

# Terminate when done
bashlet terminate my-session

$ Command_Reference

Command Description
bashlet exec "cmd" One-shot command execution in sandbox
bashlet create Create a new persistent session
bashlet run SESSION "cmd" Run command in an existing session
bashlet run SESSION -C "cmd" Run command, creating session if missing
bashlet list List all active sessions
bashlet terminate SESSION Terminate a session