jail-ai

Name: jail-ai
Author: cyrinux

cyrinux October 5, 2025

6 copies 0 downloads

A Rust-based jail wrapper for sandboxing AI agents (Claude, Copilot, Cursor, Gemini, Jules)

Agent Definition

# 🔒 jail-ai

A Rust-based jail wrapper for sandboxing AI agents using podman. Provides isolation, resource limits, and workspace management for secure AI agent execution.

[![Crates.io](https://img.shields.io/crates/v/jail-ai.svg)](https://crates.io/crates/jail-ai)
[![License](https://img.shields.io/badge/license-MIT%2FApache--2.0-blue.svg)](LICENSE)

## ✨ Features

- 🤖 **AI Agent Integration**: Pre-configured support for Claude Code, GitHub Copilot CLI, Gemini Agent, Gemini CLI, Codex CLI, Jules CLI, OpenCode, and Pi
- 🏗️ **Layered Container System**: Smart image building with automatic project type detection (Rust, Go, Node.js, Python, Java, PHP, C/C++, C#, Terraform, Kubernetes)
- ⚡ **Performance Optimizations**: LRU cache, batch operations, parallel builds, and background pre-fetching for faster execution
- 📦 **Nix Flakes Support**: Automatic detection and loading of Nix development environments
- 🔄 **Workspace Auto-mounting**: Current directory automatically mounted to `/workspace` in the jail
- 🔒 **Minimal Auth by Default**: Gemini auto-mounts only API credentials; other agents require explicit flags
- 🌍 **Environment Inheritance**: Automatically inherits `TERM`, timezone, and SSH agent socket
- 🔐 **Opt-in Git/GPG**: Enable git configuration and GPG signing with `--git-gpg` flag
- 🛡️ **Resource Limits**: Memory and CPU quota restrictions
- 🌐 **Network Isolation**: Configurable network access (disabled, private, or shared)
- 🔥 **eBPF-based Host Blocking**: Optional eBPF program to block container access to host IPs
- 📁 **Bind Mounts**: Support for read-only and read-write mounts

## 🚀 Installation

### Homebrew (macOS & Linux – recommended)

```bash
brew tap cyrinux/jail-ai https://github.com/cyrinux/jail-ai
brew install jail-ai
```

This installs the `jail-ai` binary, shell completions (bash/zsh/fish) and the man page.

**Container runtime (required):** pick one:

| Backend | Install | Platform |
|---------|---------|----------|
| **podman** | `br

Comments

More Agents

View all

research

NotebookLM

Google's AI-powered research notebook that ingests your documents and becomes an expert on your content. Generates audio overviews, study guides, FAQs, and interactive discussions from uploaded sources.

Google

browser

Project Mariner (Browser Agent)

Google DeepMind's experimental AI agent that can navigate websites, fill forms, and complete multi-step browser tasks autonomously. Uses Gemini's multimodal understanding to interact with web interfaces.

Google DeepMind

multimodal

Project Astra (Multimodal Agent)

Google DeepMind's universal AI assistant prototype that can see, hear, and respond in real-time through your device camera and microphone. Demonstrates the future of multimodal AI interaction.

Google DeepMind

enterprise

Gemini Enterprise Agent Platform

Google Cloud's enterprise platform for building, deploying, and managing AI agents powered by Gemini. Supports multi-agent orchestration, tool integration, and enterprise governance.

Google Cloud

research

Gemini Deep Research Agent

Gemini's agentic research capability that autonomously browses the web, synthesizes information from dozens of sources, and produces comprehensive research reports on any topic.

Google

canvas

Gemini Canvas Agent

Interactive coding and content creation agent that generates, previews, and iterates on code, documents, and interactive applications in a side panel. Supports HTML/CSS/JS, Python, and more.

Google

jail-ai

Tags

Comments

More Agents

NotebookLM

Project Mariner (Browser Agent)

Project Astra (Multimodal Agent)

Gemini Enterprise Agent Platform

Gemini Deep Research Agent

Gemini Canvas Agent