Hi Smolagents team! 👋
I maintain Katakate (K7) — Secure sandbox VMs for executing untrusted code at scale.
🔐 Why Katakate could be a strong backend for Smolagents
Fully self-hosted
Python-first design — automation is pure Python + a lean Ansible playbook
→ easy for AI/Python engineers to customize, audit, and fork
Strong isolation using Kata Containers + Firecracker
→ lightweight VMs with real syscall + namespace isolation
Scales efficiently and is Kubernetes-orchestrated. You can even hit Katakate's K3s API directly to manage your cluster
Proven ability to run 50+ micro-VMs on a 20-vCPU node (each ~0.3 vCPU)
Uses devmapper snapshotter + thin-pool + CoW for efficient storage at scale
Designed for LLM code-execution security: resource limits, restricted networking, fast teardown
Runs locally on both Linux AMD and ARM. It even runs on Mac if >=Sequoia + >=M3 Pro inside a QEMU VM, with near-zero virt. nesting overhead.
🧩 Proposal
I’d love to explore adding executor_type="k7" as a secure backend alongside the existing local / Docker / WASM options.
Repo for reference:
👉 https://github.com/katakate/k7
Happy to iterate quickly with your guidance — excited to explore whether this can help strengthen secure code execution in smolagents! 🙌
— Gary