Hardware Isolated
Stronger than shared-process agentsEach run executes behind a micro-VM boundary, reducing cross-run blast radius.
Capability-Bound Agent Runtime
Composable agent runtime with enforced isolation boundaries
Skills are declared capabilities.
Capabilities only exist when bound to an isolated execution boundary.
VoidBox = Agent(Skills) + Isolation
KVM micro-VM isolation
Agent-native skills
Claude Code runtime
Pipeline composition
rust
use void_box::agent_box::VoidBox;
use void_box::skill::Skill;
use void_box::llm::LlmProvider;
// Skills = declared capabilities
let hn_api = Skill::file("skills/hackernews-api.md")
.description("HN API via curl + jq");
let reasoning = Skill::agent("claude-code")
.description("Autonomous reasoning and code execution");
// VoidBox = Agent(Skills) + Isolation
let researcher = VoidBox::new("hn_researcher")
.skill(hn_api)
.skill(reasoning)
.llm(LlmProvider::ollama("qwen3-coder"))
.memory_mb(1024)
.network(true)
.prompt("Analyze top HN stories for AI engineering trends")
.build()?;
hn_researcher agent — live HN analysis with Ollama + Claude Code skills, running inside a KVM micro-VM
Why Choose VoidBox?
Agent runtime boundaries with the simplicity of declarative skills.
Composable Runtime
Multi-stage agents, explicitly boundedCompose single agents into pipelines with isolated stages.
Skill-Native
Capabilities declared, not improvisedMCP servers, SKILL files, and CLI tools are mounted as explicits skills.
Policy Enforced
Execution is constrained by designCommand allowlist, resource limits, seccomp, and controlled egress apply at runtime.
Claude Code Native Runtime
Canonical execution modelVoidBox runs claude-code by default. Ollama operates via Claude-compatible provider mode.
Observability Native
First-class Opentelemetry supportPer-stage traces, metrics, structured logs, and telemetry are emitted by design via OpenTelemetry.