nono: a zero-latency sandbox for running AI agents with least-privilege security and zero setup
What it solves
It provides a secure, zero-latency sandbox for running AI agents (such as Claude Code, Codex, and Copilot) without the overhead of traditional virtual machines, containers, or daemons. It prevents agents from accessing sensitive data like SSH keys or cloud credentials by enforcing a least-privilege environment.
How it works
nono creates a restricted execution environment that limits an agent's access to specific filesystem scopes and network allowlists. Users can pull pre-configured "profiles" from a central registry that bundle the necessary permissions, hooks, and skills for specific agents, or create their own custom profiles by extending existing ones.
Who it’s for
- AI Agent Developers who want to package and publish their agents with secure default configurations.
- Engineers and Teams who need to run AI agents in production or as part of their local development workflows without compromising system security.
Highlights
- Zero Setup: Runs in seconds with no VM, container, or disk space usage.
- Cross-Platform: Supports macOS, Linux, and Windows (WSL2).
- Profile Registry: Access to a community-driven registry of secured agent configurations.
- Extensible: Includes a composable policy system, L7 filtering, and credential injection.
- Multi-language Support: Provides FFI bindings for Rust, Python, TypeScript, and Go.
Sources
- nolabs-ai/nono