Containarium

v0.16.10 Feature

This release adds 3 notable features for engineering teams evaluating rollout.

Published 19d Virtualization

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

agent-native agentic-ai cloud-cost-efficiency dev-environment lxc lxc-container

+2 more

multi-tenant ssh

Summary

AI summary

Three binaries added: containarium, mcp-server, and agent-box.

Changes in this release

Type	Severity	Summary	CVE
Feature
Feature	Medium	MCP client can be wired into Claude Code via configuration. MCP client can be wired into Claude Code via configuration. Source: llm_adapter@2026-05-21 Confidence: high	—
Feature	Medium	agent-box provides in‑the‑box file and shell operations over SSH. agent-box provides in‑the‑box file and shell operations over SSH. Source: llm_adapter@2026-05-21 Confidence: high	—
Feature	Low	Three binaries are shipped: containarium, mcp-server, and agent-box. Three binaries are shipped: containarium, mcp-server, and agent-box. Source: granite4.1:30b@2026-05-22-audit Confidence: low	—
Feature	Low	containarium serves as the platform daemon and CLI on the host or laptop. containarium serves as the platform daemon and CLI on the host or laptop. Source: granite4.1:30b@2026-05-22-audit Confidence: low	—
Feature	Low	mcp-server runs on the user's laptop for out-of-the-box admin operations. mcp-server runs on the user's laptop for out-of-the-box admin operations. Source: granite4.1:30b@2026-05-22-audit Confidence: low	—
Feature	Low	agent-box operates inside each container to provide in‑the‑box MCP commands. agent-box operates inside each container to provide in‑the‑box MCP commands. Source: granite4.1:30b@2026-05-22-audit Confidence: low	—
Feature	Low	Quick install script is provided for Linux hosts via curl and sudo. Quick install script is provided for Linux hosts via curl and sudo. Source: granite4.1:30b@2026-05-22-audit Confidence: low	—
Feature	Low	Manual installation instructions are given for any binary on any platform. Manual installation instructions are given for any binary on any platform. Source: granite4.1:30b@2026-05-22-audit Confidence: low	—
Feature	Low	Checksum verification can be performed using the included SHA256SUMS.txt file. Checksum verification can be performed using the included SHA256SUMS.txt file. Source: granite4.1:30b@2026-05-22-audit Confidence: low	—
Dependency	Medium	Release includes binaries for Linux x86_64, macOS arm64, and container images. Release includes binaries for Linux x86_64, macOS arm64, and container images. Source: llm_adapter@2026-05-21 Confidence: low	—

Full changelog

Containarium v0.16.10

The open-source, self-hostable, agent-native sandbox.

Binaries

Three binaries ship in this release:

| Binary | Where it runs | What it does |
|---|---|---|
| containarium | The host (and your laptop, for the CLI) | The platform daemon + CLI. create, list, expose-port, ssh-config, etc. |
| mcp-server | Your laptop | The platform MCP — outside-the-box admin (create_container, list_containers, expose_port, list_backends). Wire it into Claude Code / Cursor. |
| agent-box | Inside each Containarium container | The in-the-box MCP — shell_exec, read_file, write_file, etc. Reached over stdio, typically via SSH. |

Quick install (Linux host)

curl -fsSL https://raw.githubusercontent.com/footprintai/containarium/main/hacks/install.sh | sudo bash

Manual install (any binary, any platform)

# containarium CLI / daemon (Linux x86_64 example)
curl -L -o /usr/local/bin/containarium \
  https://github.com/footprintai/containarium/releases/download/v0.16.10/containarium-linux-amd64
chmod +x /usr/local/bin/containarium

# platform MCP (your laptop, e.g. macOS arm64)
curl -L -o /usr/local/bin/mcp-server \
  https://github.com/footprintai/containarium/releases/download/v0.16.10/mcp-server-darwin-arm64
chmod +x /usr/local/bin/mcp-server

# agent-box (drop into your container image, Linux x86_64)
curl -L -o /usr/local/bin/agent-box \
  https://github.com/footprintai/containarium/releases/download/v0.16.10/agent-box-linux-amd64
chmod +x /usr/local/bin/agent-box

Verify checksums via SHA256SUMS.txt.

MCP client setup

Wire the platform MCP into Claude Code (~/.claude.json):

{
  "mcpServers": {
    "containarium": {
      "command": "/usr/local/bin/mcp-server",
      "env": {
        "CONTAINARIUM_SERVER_URL": "http://your-host:8080",
        "CONTAINARIUM_JWT_TOKEN": "<your-token>"
      }
    }
  }
}

Wire agent-box for in-the-box file/shell ops:

{
  "mcpServers": {
    "containarium-box": {
      "command": "ssh",
      "args": ["user@your-box", "agent-box"]
    }
  }
}

See README.md for the full agent-native walkthrough.

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Containarium

Get notified when new releases ship.

About Containarium

All releases →