reoring/botbox
Kubernetes sidecar that sandboxes container egress. Deny-by-default allowlist + automatic credential injection via iptables — no proxy config needed. Built for confining AI agents.
This tool helps platform engineers and security teams control what external services their AI agents and other containerized applications can connect to. It acts as a gatekeeper, ensuring that containerized code can only access pre-approved external services and never directly handles sensitive API keys. This means you can safely run experimental or untrusted code, knowing its network access is tightly restricted and auditable.
Use this if you are deploying AI agents or other potentially untrusted code in Kubernetes and need to strictly control their outbound network access and prevent credential leakage.
Not ideal if your application requires direct, unrestricted access to the internet without any egress filtering or credential management, or if you are not operating in a Kubernetes environment.
Stars
12
Forks
1
Language
Rust
License
MIT
Category
Last pushed
Feb 12, 2026
Commits (30d)
0
Get this data via API
curl "https://pt-edge.onrender.com/api/v1/quality/agents/reoring/botbox"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
Featured in
Higher-rated alternatives
e2b-dev/E2B
Open-source, secure environment with real-world tools for enterprise-grade agents.
alibaba/OpenSandbox
OpenSandbox is a general-purpose sandbox platform for AI applications, offering multi-language...
e2b-dev/infra
Infrastructure that's powering E2B Cloud.
always-further/nono
Secure, kernel-enforced sandbox CLI and SDKs for AI agents. Capability-based isolation with...
boxlite-ai/boxlite
Sandboxes for every agent. Embeddable, stateful, snapshots, and hardware isolation.