Comment by dbmikus
3 hours ago
Understand that it is annoying to spin up a heavyweight VM whenever running Claude Desktop, but I actually think per-app + agent virtualization is the future. Next version of an app is:
1. micro VM
2. agent on the VM
3. software bundled into the VM
Then the agent is totally sandboxed at the hardware virtualization level. It can use the software tools on the VM or write its own. VM can control which software is "frozen" and which is open to agent modification. And VM can also control which services are exposed outside the VM through sockets, HTTP server, X window system, whatever.
It's self-modifying apps that are sealed off from touching parts of the computer they shouldn't.
Not sure if this is deliberate or not but you're describing Docker Sandbox extremely closely. https://www.docker.com/products/docker-sandboxes/
Yeah, Docker Sandbox is in the right direction. But there are a lot of parts that are still not ironed out yet.
How do you package a Docker Sandbox up into an app that can expose UI widgets, with an agent hiding behind them? What widgets is the agent allowed to modify? How do you run a workflow like "give agent all these files, modify the files, and do changeset management on the modifications?"
I'm not 100% sure which part of these will be baked into the application standard format, and which are orthogonal. But the current way of packaging up and running these agents doesn't feel right.
I think about this a lot because my startup is building cloud VMs for agents to do code-gen and auto-validate changes, so we have a workflow like:
I think this type of app/agent workflow will expand outside coding use-cases.
Yep, I've been using a local VM-centric agent setup for about 3 months, and it works great. I think there is also value in the fact that with a local VM, you can have the same public IP address, so you're not relying on an EC2 EIP that may be blacklisted somewhere.
Yes, running locally certainly helps if you want your sandboxed AI to be able to use the internet without getting blackholed by Cloudflare.