Skip to content

Vmette

Forensics & Incident Response

A hardware‑isolated Linux VM sandbox for running untrusted code on macOS, keeping secrets and network off the host until explicitly allowed.

Track releases GitHub
Rust Latest v0.11.0 · 3d ago Security brief →

Features

  • Creates a real hardware‑virtualized Linux guest that boots in ~1 second
  • Default‑deny networking and filesystem – nothing reaches the host unless granted
  • Ephemeral VMs: each run is fresh, leaving no persistence after shutdown
  • Provides Model Context Protocol (MCP) tools so any MCP‑aware agent can execute code inside the sandbox with one line of config

Recent releases

View all 12 releases →
Config change
v0.10.0 New feature
Auth Crypto / TLS

Host CA‑cert trust for guests

Open
No immediate action
v0.9.0 New feature

Desktop navigation + CA‑cert injection

Open
No immediate action
v0.8.0 New feature

Ephemeral ext4 scratch disk

Open
No immediate action
v0.7.0 New feature

quickstart & auto‑launch

Open
No immediate action
v0.6.0 Bug fix

Cursor rendering fixed

Open

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

About

Stars
4
Forks
1
Languages
Rust Shell C
View on GitHub

Install & Platforms

Install via
shell-script
Platforms
macos

Similar tools

microsandbox
sandbox
ArmorerLabs/Armorer-Guard
Ju571nK/sigil](https:
yuna0x0/hackmd-mcp

Alternative to

E2B Vercel Modal Docker

Beta — feedback welcome: [email protected]