Ask HN: VMs or containers for secure AI/Agent code execution?

4 points by ATechGuy 2 months ago | 3 comments
Do you use Docker containers or VMs to securely execute code generated by an AI agent? What are the pros/cons of your setup? Appreciate your insights.
  • pancsta 2 months ago
    Why not WASM?
    • ATechGuy 2 months ago
      Can you execute Python code under WASM? If so, how stable is that?
      • pancsta 1 month ago
        You can compile Python to WASM, yes. Once you have a *.wasm you can run it anywhere, although the interop with the environment depends on source/destination.

        You probably want to run a sandbox for that generated code, e.g. mocked data, which is bound to your external Python calls. WASI is the unified env for real-world APIs.