The naive approach of running it locally creates massive risk, both adversarial ("lethal trifecta") and accidental (rm -fr ~/). Since the agent needs to run dependencies and Docker-in-Docker remains a nightmare, it's natural to consider the decade-old `vagrant up` workflow based on local VMs for isolation and disk snapshots. See for example Emil Burzo's "Running Claude Code dangerously (safely)", on HN not even a month ago. However in 2026 paying the overhead of local VMs, especially on ARM CPUs, feels terrible.
Enter fly.io's sprite backend: https://docs.sprites.dev/. In my (admittedly short) experience, sprites give me the best of all worlds — hardware‑isolated microVMs with fast startup, persistent disks, and checkpoint/restore — so I can keep a Vagrant‑style workflow without the VM overhead. As an added benefit, reduced latency to inference APIs makes the whole experience feel snappier.
This CLI tool provides me with a familiar command: `seven up` mirrors the old‑school `vagrant up` workflow, but is "made of sprite". Get it?
GitHub: https://github.com/1to10partners/seven
References:
* Fly.io Sprite docs: https://docs.sprites.dev/
* Fly.io Sprite announcement: https://fly.io/blog/code-and-let-live/
* Fly.io Sprite technical explainer: https://fly.io/blog/design-and-implementation/
* The “lethal trifecta” (Simon Willison): https://simonwillison.net/2025/Aug/9/bay-area-ai/
* My AI adoption journey (Mitchell Hashimoto): https://mitchellh.com/writing/my-ai-adoption-journey
* Running Claude Code dangerously safely (Emil Burzo): https://blog.emilburzo.com/2026/01/running-claude-code-dange...
* HN: Running Claude Code dangerously safely: https://news.ycombinator.com/item?id=46690907
* Ask HN: How are you sandboxing coding agents? https://news.ycombinator.com/item?id=46400129
* Run Your Agent in Firejail and Stay Safe: https://softwareengineeringstandard.com/2025/12/15/ai-agents...