This is something solved by a bunch of new sandboxes including ours - SmolVM
replyHey, this is exactly what we do at https://instavm.io Agents get persistent storage that outlive the sandbox and when the agent spins up again you get access to the computer with same files.
replySnapshotting a filesystem is trivial with e.g. btrfs. You can hook snapshot creation in your agent.
replyThat is a single one liner of btrfs subvolume snapshot, in a single hook configuration file, ready to be valued at $10B as quantum agentic versioned sandbox startup.
Part of the appeal (subjective, I know) of versioning is stuff like human-in-the-loop approvals. Think of a pull request: a change is requested by an agent, a human approves, changes get merged atomically. Even if other changes were applied since creation.
replyIsn't that like working on a codebase with an agent?
replyNanoclaw mounts each agent's folder to the ephemeral container.
replyjust get a $5 VPS or hetzner and you are good.
replyJust run it on your GitHub actions minutes
replyinfosec would like a word...
replywhich is the bare minimum that I hope people are doing , nothing about trusting a third party is any less or more secure.
replyExactly that!
reply