IronClaw: a Rust-based clawd that runs tools in isolated WASM sandboxes

Posted by dawg91 8 hours ago

IronClaw: a Rust-based clawd that runs tools in isolated WASM sandboxes(github.com)

134 points | 65 commentspage 2

jgarzik 4 hours ago|

Does it isolate keys away from bots?

dawg91 3 hours ago|

Yes exactly, keys are only injected at host boundary

lenwood 6 hours ago||

Awesome to see a project deal with prompt injection. Using a WASM is clever. How does this ensure that tools adhere to capability-based permissions without breaking the sandbox?

frolvlad 5 hours ago||

Instead of expecting the tools to adhere, they are enforced. For example, to make an HTTP call with a secret key, the tool must use the proxy service that will enforce that the secret key is only used for the specific domain, if that is allowed, then the proxy service will make the call, thus the secret never leaks outside of the service.

However, this design is still under development as it creates quite a bit of challenges.

jonny_eh 5 hours ago||

> Using a WASM is clever

Every time a project is shared that uses WASM.

aussieguy1234 3 hours ago||

I built myself a docker container for openclaw which has an X server inside with VNC access. Openclaw only has access to a single folder on my machine that is shared with the container.

I'm currently using this for social media research via browser automation, running as a daily cron job.

Given I have VNC access and the browser is not in headless mode I can solve captchas myself as the agent runs into them.

Apart from a known issue with the openclaw browser which the agent itself was made aware of so it could work around it, this has been working well so far.

I'm thinking of open sourcing this container at some point...

928570490687298 3 hours ago||

These OpenAI frontends are the new JS frameworks. Not a week goes by without yet another tool to let some vectors install malware or write rants to open source maintainers.

Can't wait for the bubble to pop.

canadiantim 5 hours ago||

Reminds me of the LocalGPT that was posted recently too (but which hasnt been updated in 7 months), so nice to see a newer rust-based implementation!

llmslave 4 hours ago||

the power of openclaw is theres no sand boxing

dawg91 3 hours ago|

Or you design the sandbox so smartly that is seamless...

verdverm 5 hours ago||

I suspect OCI wins the sandbox space in the enterprise and everything else will be for hobbyists and companies like vercel that have a very narrow view of how software should be run

whalesalad 6 hours ago||

vibe coded eh https://github.com/nearai/ironclaw?tab=readme-ov-file#archit...

dawg91 5 hours ago|

I think the guys who are developing this (Illia Polosoukhin of "Attention is all you need") and others knows enough to leverage their skills with AI vs. producing slop

kittbuilds 5 hours ago|

[dead]

More comments...