Hello Hacker News! I'm Mark. I'm building Moru, an open-source runtime for AI agents that runs each session in an isolated Firecracker microVM. It started as a fork of E2B, and most of the low-level Firecracker runtime is still from upstream.

It lets you run agent harnesses like Claude Code or Codex in the cloud, giving each session its own isolated microVM with filesystem and shell access.

The repo is: https://github.com/moru-ai/moru

Each VM is a snapshot of a Docker build. You define a Dockerfile, CPU, memory limits, and Moru runs the build inside a Firecracker VM, then pauses and saves the exact state: CPU, dirty memory pages, and changed filesystem blocks.

When you spawn a new VM, it resumes from that template snapshot. Memory snapshot is lazy-loaded via userfaultfd, which helps sandboxes start within a second.

Each VM runs on Firecracker with KVM isolation and a dedicated kernel. Network uses namespaces for isolation and iptables for access control.

From outside, you talk to the VM through the Moru CLI or TypeScript/Python SDK. Inside, it's just Linux. Run commands, read/write files, anything you'd do on a normal machine.

I've been building AI apps since the ChatGPT launch. These days, when an agent needs to solve complex problems, I just give it filesystem + shell access. This works well because it (1) handles large data without pushing everything into the model context window, and (2) reuses tools that already work (Python, Bash, etc.). This has become much more practical as frontier models have gotten good at tool use and multi-step workflows.

Now models run for hours on real tasks. As models get smarter, the harness should give models more autonomy, but with safe guardrails. I want Moru to help developers focus on building agents, not the underlying runtime and infra.

You can try the cloud version without setting up your own infra. It's fully self-hostable including the infra and the dashboard. I'm planning to keep this open like the upstream repo (Apache 2.0).

Give it a spin: https://github.com/moru-ai/moru Let me know what you think!

Next features I'm working toward:

- Richer streaming: today it's mostly stdin/stdout. That pushes me to overload print/console.log for control-plane communication, which gets messy fast. I want a separate streaming channel for structured events and coordination with the control plane (often an app server), while keeping stdout/stderr for debugging.

- Seamless deployment: a deploy experience closer to Vercel/Fly.io.

- A storage primitive: save and resume sessions without always having to manually sync workspace and session state.

Open to your feature requests or suggestions.

I'm focusing on making it easy to deploy and run local-first agent harnesses (e.g., Claude Agent SDK) inside isolated VMs. If you've built or are building those, I'd appreciate any notes on what's missing, or what you'd prioritize first.