Scripts · May 25, 2026 · 1 min read

IronClaw — Privacy-First Agent Operating System

An agent operating system built by NEAR AI that emphasizes privacy, security, and extensibility. IronClaw provides a sandboxed runtime for autonomous AI agents with WebAssembly-based isolation.

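Agent Ready

Directly installable by agents

This asset is installable; the agent first selects the current runtime, checks the install plan, and then runs the matching command.

Native · 98/100 · Policy: Allow
Agent entry point: Any MCP/CLI agent
Type: Skill
Install: Single
Trust level: Established
Entry: IronClaw Overview
Direct install command:
npx -y tokrepo@latest install af5ce8d5-57f1-11f1-9bc6-00163e2b0d79 --target codex

Dry-run first to confirm the install plan, then run this command.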

Introduction

IronClaw is an agent operating system from NEAR AI that provides a secure, extensible runtime for autonomous AI agents. Built in Rust with WebAssembly sandboxing, it ensures that agents execute within strict security boundaries while maintaining the flexibility to interact with external tools and data sources.

What IronClaw Does

  • Provides a sandboxed execution environment for AI agents using WebAssembly
  • Enforces capability-based security so agents can only access explicitly granted resources
  • Supports CodeAct-style agent interactions with file systems and tools
  • Manages agent lifecycle including startup, execution, and graceful termination
  • Offers an extensible plugin system for adding custom capabilities

Architecture Overview

IronClaw uses a layered architecture with a Rust core that manages agent processes inside WebAssembly sandboxes. The WASM runtime provides memory isolation and deterministic execution. A capability system controls what each agent can access: file I/O, network calls, and subprocess execution are all gated by explicit permissions. The plugin layer allows extending agent capabilities without modifying the core.
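The deny-by-default gating described above, sketched in Rust as an added example; this is not IronClaw's code or manifest schema. The `Grants` and `Request` types, the `allowed` function, and the sample paths and host are hypothetical names chosen for illustration.

```rust
use std::collections::HashSet;
use std::path::{Component, Path, PathBuf};

// Hypothetical per-agent grants; field names are illustrative, not IronClaw's schema.
#[derive(Default)]
pub struct Grants {
    pub fs_scope: Option<PathBuf>,  // None: no file I/O at all
    pub net_hosts: HashSet<String>, // empty: no network access
    pub subprocess: bool,
}

pub enum Request<'a> { ReadFile(&'a str), Connect(&'a str), Spawn(&'a str) }

// Resolve `.` and `..` lexically so "<scope>/../../etc" cannot pass a prefix check.
// Relative paths and climbs above the root are rejected; symlinks are not resolved here.
fn normalize(p: &Path) -> Option<PathBuf> {
    if !p.is_absolute() { return None; }
    let mut out = PathBuf::new();
    for c in p.components() {
        match c {
            Component::ParentDir => { if !out.pop() { return None; } }
            Component::CurDir => {}
            other => out.push(other.as_os_str()),
        }
    }
    Some(out)
}

// Deny by default: a request passes only when a grant explicitly covers it.
pub fn allowed(g: &Grants, r: &Request) -> bool {
    match r {
        Request::ReadFile(path) => match (&g.fs_scope, normalize(Path::new(*path))) {
            (Some(scope), Some(p)) => p.starts_with(scope), // component-wise, not string prefix
            _ => false,
        },
        Request::Connect(host) => g.net_hosts.contains(&host.to_ascii_lowercase()),
        Request::Spawn(_) => g.subprocess,
    }
}

// Constructed sample: one work directory, one API host, no subprocesses.
pub fn sample_grants() -> Grants {
    let net_hosts = HashSet::from(["api.example.com".to_string()]);
    Grants { fs_scope: Some(PathBuf::from("/srv/agent/work")), net_hosts, subprocess: false }
}

fn main() {
    println!("{}", allowed(&sample_grants(), &Request::Connect("api.example.com")));
}
```

The file-system check compares whole path components after normalization, so both a `..` climb out of the scope and a sibling directory that merely shares the scope's string prefix are refused.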

Self-Hosting & Configuration

  • Build from source with the Rust toolchain (stable channel)
  • Configure agent permissions via a TOML manifest file per agent
  • Set resource limits (memory, CPU time, file system scope) in the runtime configuration
  • Plugins are loaded from a designated directory at startup
  • Logging output can be directed to files or standard output

Key Features

  • WebAssembly-based sandboxing for strong agent isolation
  • Capability-based permission model for fine-grained access control
  • Built in Rust for memory safety and performance
  • Extensible plugin architecture for custom tools
  • Compatible with CodeAct and ReAct agent patterns

Comparison with Similar Tools

  • E2B — cloud-hosted sandboxes; IronClaw runs locally with WASM isolation
  • OpenShell (NVIDIA) — similar local agent runtime; IronClaw uses WASM for stronger isolation
  • Docker-based sandboxes — heavier weight; IronClaw's WASM sandboxes start in milliseconds
  • Daytona — cloud-first dev environments; IronClaw is a local-first agent OS

FAQ

Q: What is the performance overhead of WASM sandboxing?
A: Minimal for I/O-bound agent tasks. The WASM runtime adds single-digit millisecond overhead per tool call.

Q: Can agents access the internet?
A: Only if the network capability is explicitly granted in the agent's permission manifest.

Q: Which AI models can agents use?
A: IronClaw is model-agnostic. Agents call external model APIs or local inference servers through granted capabilities.

Q: Is it production-ready?
A: IronClaw is under active development. It is usable for experimentation and development but the API surface may change.
