OpenClaw: Micro-VM Agent Sandboxing
Learn how OpenClaw agents run in isolated micro-VMs on Mac, with network and secret mediation, creating a robust trust boundary for secure tool execution.
I built agent-vm’s OpenClaw gateway: a local runtime layer that runs OpenClaw agents inside isolated QEMU micro-VMs on your Mac, where the controller boots an ephemeral VM, mounts a validated work directory, and proxies network traffic so tool execution stays inside the sandbox while host credentials and sensitive state stay outside it.
In the live demo, I’ll show the setup, the controller booting a Tool VM, and an actual OpenClaw agent running through agent-vm — including exec’ing into the VM to show the GitHub token is just a placeholder, then watching the agent push a doc to my private repo on github.com succeed while the same outbound call to an attacker-controlled host is rejected by the mediation proxy.
I’ll walk through the main internals as they happen — sandboxing, VFS mounts, network isolation, and secret mediation — so builders can see how the trust boundary lives in the proxy and controller, not inside the VM.
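The placeholder-token behaviour described above can be sketched as a host-side mediation step. This is an added example, not agent-vm's or OpenClaw's code: the names `PLACEHOLDER`, `SECRETS`, `mediate` and `decision`, the token values and the exact-host binding rule are all assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed values. Only the placeholder is ever visible inside the VM.
PLACEHOLDER = "GITHUB_TOKEN_PLACEHOLDER"
# Host-side table: placeholder -> (real secret, hosts it may be sent to).
SECRETS = {PLACEHOLDER: ("constructed-real-token", {"github.com", "api.github.com"})}


class Rejected(Exception):
    """Raised when the proxy refuses to forward a request."""


def mediate(url, headers):
    """Return the headers to forward upstream, with placeholders swapped
    for real secrets, or raise Rejected if the destination is not bound
    to the secret the request carries."""
    parts = urlsplit(url)
    # .hostname drops userinfo and port and lowercases, so
    # "github.com@attacker.example" resolves to "attacker.example".
    host = (parts.hostname or "").rstrip(".")
    forwarded = {}
    for name, value in headers.items():
        for placeholder, (real, allowed_hosts) in SECRETS.items():
            if placeholder not in value:
                continue
            if parts.scheme != "https":
                raise Rejected("secret requested over a non-TLS scheme")
            if host not in allowed_hosts:  # exact match, no suffix matching
                raise Rejected(f"{host!r} is not bound to {placeholder}")
            value = value.replace(placeholder, real)
        forwarded[name] = value
    return forwarded


def decision(url, headers):
    """Convenience wrapper: 'forward' or 'reject: <reason>'."""
    try:
        mediate(url, headers)
        return "forward"
    except Rejected as exc:
        return f"reject: {exc}"


if __name__ == "__main__":
    hdrs = {"Authorization": f"Bearer {PLACEHOLDER}"}
    for u in ("https://github.com/me/private.git",
              "https://github.com.attacker.example/me/private.git",
              "https://github.com@attacker.example/me/private.git"):
        print(u, "->", decision(u, hdrs))
```

Because the swap happens outside the VM and is keyed on the parsed destination host, code running inside the sandbox can read the placeholder freely without learning the real credential.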