技能详情(站内镜像,无评论)
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v1.0.0
统计:⭐ 0 · 30 · 1 current installs · 1 all-time installs
⭐ 0
安装量(当前) 1
🛡 VirusTotal :良性 · OpenClaw :可疑
Package:adisinghstudent/zeroboot-vm-sandbox
安全扫描(ClawHub)
- VirusTotal :良性
- OpenClaw :可疑
OpenClaw 评估
The SKILL.md describes a plausible Zeroboot VM sandbox service and the instructions match that purpose, but metadata omissions (no declared API key, no source/homepage), missing referenced docs, and reliance on third‑party packages / remote API calls create notable inconsistencies and privacy/verification risks.
目的
The skill's name and description (sub-millisecond Zeroboot KVM sandboxes) align with the runtime instructions (examples call api.zeroboot.dev and SDKs). However the registry metadata lists no required environment variables or primary credential while the SKILL.md clearly requires ZEROBOOT_API_KEY and installs third-party SDKs; the published source/homepage is unknown, which reduces provenance.
说明范围
The SKILL.md stays on-topic: it instructs installing SDKs and calling a remote exec API to run arbitrary code in a VM. This is expected for a remote sandboxing service, but it explicitly sends arbitrary user/agent-generated code to an external endpoint (api.zeroboot.dev) — a legitimate privacy/exfiltration risk that users must be aware of. The doc also references local files (docs/DEPLOYMENT.md) that are not present in the skill bundle.
安装机制
No install spec is embedded in the registry (instruction-only). SKILL.md tells users to pip/npm install zeroboot/@zeroboot/sdk — using public package registries is common but not vetted here. Because there is no linked homepage/repository or included code to verify, installing those packages carries the usual moderate risk of running third-party code.
证书
The skill requires an API key (ZEROBOOT_API_KEY) in its examples and runtime code but the registry metadata declares no required env vars or primary credential. This mismatch is a coherence problem: the credential is appropriate for the claimed purpose, but it should be declared up-front so users know what secrets the skill needs and can evaluate their scope.
持久
The skill does not request always:true, does not require config paths, and is instruction-only (no code written by the registry). It does not request persistent system privileges in the manifest.
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「zeroboot-vm-sandbox」。简介:Sub-millisecond VM sandboxes for AI agents using copy-on-write KVM forking via …。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/adisinghstudent/zeroboot-vm-sandbox/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
---
name: zeroboot-vm-sandbox
description: Sub-millisecond VM sandboxes for AI agents using copy-on-write KVM forking via Zeroboot
triggers:
- run code in a sandbox
- execute code safely in a VM
- create an isolated sandbox for AI agents
- spin up a VM sandbox fast
- use zeroboot to run untrusted code
- fork a VM with copy-on-write
- sub-millisecond sandbox execution
- secure code execution for AI
---
# Zeroboot VM Sandbox
> Skill by [ara.so](https://ara.so) — Daily 2026 Skills collection.
Zeroboot provides sub-millisecond KVM virtual machine sandboxes for AI agents using copy-on-write forking. Each sandbox is a real hardware-isolated VM (via Firecracker + KVM), not a container. A template VM is snapshotted once, then forked in ~0.8ms per execution using `mmap(MAP_PRIVATE)` CoW semantics.
## How It Works
```
Firecracker snapshot ──► mmap(MAP_PRIVATE) ──► KVM VM + restored CPU state
(copy-on-write) (~0.8ms)
```
1. **Template**: Firecracker boots once, pre-loads your runtime, snapshots memory + CPU state
2. **Fork (~0.8ms)**: New KVM VM maps snapshot memory as CoW, restores CPU state
3. **Isolation**: Each fork is a separate KVM VM with hardware-enforced memory isolation
## Installation
### Python SDK
```bash
pip install zeroboot
```
### Node/TypeScript SDK
```bash
npm install @zeroboot/sdk
# or
pnpm add @zeroboot/sdk
```
## Authentication
Set your API key as an environment variable:
```bash
export ZEROBOOT_API_KEY="zb_live_your_key_here"
```
Never hardcode keys in source files.
## Quick Start
### REST API (cURL)
```bash
curl -X POST https://api.zeroboot.dev/v1/exec
-H 'Content-Type: application/json'
-H "Authorization: Bearer $ZEROBOOT_API_KEY"
-d '{"code":"import numpy as np; print(np.random.rand(3))"}'
```
### Python
```python
import os
from zeroboot import Sandbox
# Initialize with API key from environment
sb = Sandbox(os.environ["ZEROBOOT_API_KEY"])
# Run Python code
result = sb.run("print(1 + 1)")
print(result) # "2"
# Run multi-line code
result = sb.run("""
import numpy as np
arr = np.arange(10)
print(arr.mean())
""")
print(result)
```
### TypeScript / Node.js
```typescript
import { Sandbox } from "@zeroboot/sdk";
const apiKey = process.env.ZEROBOOT_API_KEY!;
const sb = new Sandbox(apiKey);
// Run JavaScript/Node code
const result = await sb.run("console.log(1 + 1)");
console.log(result); // "2"
// Run async code
const output = await sb.run(`
const data = [1, 2, 3, 4, 5];
const sum = data.reduce((a, b) => a + b, 0);
console.log(sum / data.length);
`);
console.log(output);
```
## Common Patterns
### AI Agent Code Execution Loop (Python)
```python
import os
from zeroboot import Sandbox
def execute_agent_code(code: str) -> dict:
"""Execute LLM-generated code in an isolated VM sandbox."""
sb = Sandbox(os.environ["ZEROBOOT_API_KEY"])
try:
result = sb.run(code)
return {"success": True, "output": result}
except Exception as e:
return {"success": False, "error": str(e)}
# Example: running agent-generated code safely
agent_code = """
import json
data = {"agent": "result", "value": 42}
print(json.dumps(data))
"""
response = execute_agent_code(agent_code)
print(response)
```
### Concurrent Sandbox Execution (Python)
```python
import os
import asyncio
from zeroboot import Sandbox
async def run_sandbox(code: str, index: int) -> str:
sb = Sandbox(os.environ["ZEROBOOT_API_KEY"])
result = await asyncio.to_thread(sb.run, code)
return f"[{index}] {result}"
async def run_concurrent(snippets: list[str]):
tasks = [run_sandbox(code, i) for i, code in enumerate(snippets)]
results = await asyncio.gather(*tasks)
return results
# Run 10 sandboxes concurrently
codes = [f"print({i} ** 2)" for i in range(10)]
outputs = asyncio.run(run_concurrent(codes))
for out in outputs:
print(out)
```
### TypeScript: Agent Tool Integration
```typescript
import { Sandbox } from "@zeroboot/sdk";
interface ExecutionResult {
success: boolean;
output?: string;
error?: string;
}
async function runInSandbox(code: string): Promise<ExecutionResult> {
const sb = new Sandbox(process.env.ZEROBOOT_API_KEY!);
try {
const output = await sb.run(code);
return { success: true, output };
} catch (err) {
return { success: false, error: String(err) };
}
}
// Integrate as a tool for an LLM agent
const tool = {
name: "execute_code",
description: "Run code in an isolated VM sandbox",
execute: async ({ code }: { code: string }) => runInSandbox(code),
};
```
### REST API with fetch (TypeScript)
```typescript
const API_BASE = "https://api.zeroboot.dev/v1";
async function execCode(code: string): Promise<string> {
const res = await fetch(`${API_BASE}/exec`, {
method: "POST",
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${process.env.ZEROBOOT_API_KEY}`,
},
body: JSON.stringify({ code }),
});
if (!res.ok) {
const err = await res.text();
throw new Error(`Zeroboot error ${res.status}: ${err}`);
}
const data = await res.json();
return data.output;
}
```
### Health Check
```bash
curl https://api.zeroboot.dev/v1/health
```
## API Reference
### `POST /v1/exec`
Execute code in a fresh sandbox fork.
**Request:**
```json
{
"code": "print('hello')"
}
```
**Headers:**
```
Authorization: Bearer <ZEROBOOT_API_KEY>
Content-Type: application/json
```
**Response:**
```json
{
"output": "hellon",
"duration_ms": 0.79
}
```
## Performance Characteristics
| Metric | Value |
|---|---|
| Spawn latency p50 | ~0.79ms |
| Spawn latency p99 | ~1.74ms |
| Memory per sandbox | ~265KB |
| Fork + exec Python | ~8ms |
| 1000 concurrent forks | ~815ms |
- Each sandbox is a real KVM VM — not a container or process jail
- Memory isolation is hardware-enforced (not software)
- CoW means only pages written by your code consume extra RAM
## Self-Hosting / Deployment
See [docs/DEPLOYMENT.md](docs/DEPLOYMENT.md) in the repo. Requirements:
- Linux host with KVM support (`/dev/kvm` accessible)
- Firecracker binary
- Rust 2021 edition toolchain
```bash
# Check KVM availability
ls /dev/kvm
# Clone and build
git clone https://github.com/adammiribyan/zeroboot
cd zeroboot
cargo build --release
```
## Architecture Notes
- **Snapshot layer**: Firecracker VM boots once per runtime template, memory + vCPU state saved to disk
- **Fork layer** (Rust): `mmap(MAP_PRIVATE)` on snapshot file → kernel handles CoW page faults per VM
- **Isolation**: Each fork has its own KVM VM file descriptors, vCPU, and page table — fully hardware-separated
- **No shared kernel**: Unlike containers, each sandbox runs its own kernel instance
## Troubleshooting
**`/dev/kvm not found` (self-hosted)**
```bash
# Enable KVM kernel module
sudo modprobe kvm
sudo modprobe kvm_intel # or kvm_amd
```
**API returns 401 Unauthorized**
- Verify `ZEROBOOT_API_KEY` is set and starts with `zb_live_`
- Check the key is not expired in your dashboard
**Timeout on execution**
- Default execution timeout is enforced server-side
- Break large computations into smaller chunks
- Avoid infinite loops or blocking I/O in sandbox code
**High memory usage (self-hosted)**
- Each VM fork starts at ~265KB CoW overhead
- Pages are allocated on write — memory grows with sandbox activity
- Tune concurrent fork limits based on available RAM
## Resources
- [API Reference](https://github.com/adammiribyan/zeroboot/blob/main/docs/API.md)
- [Architecture Docs](https://github.com/adammiribyan/zeroboot/blob/main/docs/ARCHITECTURE.md)
- [Deployment Guide](https://github.com/adammiribyan/zeroboot/blob/main/docs/DEPLOYMENT.md)
- [Homepage](https://zeroboot.dev)
- [GitHub](https://github.com/adammiribyan/zeroboot)