Local-First Sandboxes
for AI Agents on macOS.
Lightweight Linux VMs powered by Apple Virtualization.framework. Ephemeral by default. No Docker required.
Fast, Ephemeral, Stateful.
Infrastructure for AI Agents.
Ephemeral by Default
Every run starts from a clean rootfs. Install anything, break anything. Nothing persists unless you save it.
Checkpoints
Save disk state as named snapshots. Restore, branch, and iterate. Like git commits for your environment.
Apple Silicon Native
Built on Virtualization.framework. No emulation layer, no Docker dependency. Near-native speed on ARM64.
Simple CLI.
Run, checkpoint, restore.
Ephemeral runs
Boot a fresh VM with a single command. Changes vanish on exit.
Opt-in networking
Sandboxes are offline by default. Enable NAT with one flag.
Configurable resources
Set CPUs, memory, and disk size per run or in a config file.
Directory mounts
Share host directories into the VM. Writes stay in a tmpfs overlay.
Checkpoint & restore
Save environments as snapshots. Branch and reuse across runs.
Port forwarding
Expose guest ports to the host. Works without network access.
$ shuru run -- echo "hello from the sandbox"
hello from the sandbox
$ shuru run -- cat /etc/os-release | head -1
NAME="Alpine Linux"
# VM boots, runs, and tears down — nothing persists.
$ shuru run -- ping -c1 8.8.8.8
ping: sendto: Operation not permitted
$ shuru run --allow-net -- apk add python3
fetch https://dl-cdn.alpinelinux.org/...
OK: 45 MiB in 28 packages
$ shuru run --cpus 4 --memory 4096 -- free -m | head -2
total used free
Mem: 4096 38 4002
$ shuru run --disk-size 2048 -- df -h /
Filesystem Size Used Avail Use% Mounted on
/dev/vda 2.0G 18M 1.9G 1% /
$ shuru run --mount ./src:/workspace -- ls /workspace
main.py utils.py tests/
$ shuru run --mount ./src:/workspace -- sh -c 'echo "new" > /workspace/tmp && cat /workspace/tmp'
new
# Host directory is untouched. Guest writes live in a tmpfs overlay.
$ shuru checkpoint create myenv --allow-net -- sh -c 'apk add nodejs npm'
shuru: checkpoint 'myenv' saved
$ shuru run --from myenv -- node -e 'console.log("ready")'
ready
# Restore any checkpoint instantly. Branch and reuse.
$ shuru checkpoint create py --allow-net -- apk add python3
shuru: checkpoint 'py' saved
$ shuru run --from py -p 8080:8000 -- python3 -m http.server 8000
shuru: forwarding 127.0.0.1:8080 -> guest:8000
$ curl http://127.0.0.1:8080/
<!DOCTYPE HTML>...
# No --allow-net needed. Tunneled over vsock.
Built for Agents.
Safe execution for any workload.
Code Execution
Run AI-generated code in isolated VMs with real-time output.
Tool Use
Let agents install packages, compile code, and use system tools safely.
Evaluations
Spin up parallel sandboxes for reproducible evals across environments.
Development
Disposable Linux environments for testing, debugging, and prototyping.
Works with your agent.
Install once, sandbox everything.
Shuru ships as an agent skill. Once installed, AI agents automatically use shuru run whenever they need sandboxed execution — no prompting required.
Skills CLI
Install with one command. Works across Claude Code, Cursor, Copilot, and more.
$ npx skills add superhq-ai/shuru
Manual
Copy the skill into your project or home directory for Claude Code.
$ cp -r skills/shuru .claude/skills/shuru
Get started in seconds.
One command to install. One command to run.
# Install
$ curl -fsSL https://shuru.run/install.sh | sh
# Run your first sandbox
$ shuru run