[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-11223":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":9,"totalLinesOfCode":9,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":9,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":9,"rankLanguage":9,"license":9,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":22,"hasPages":22,"topics":24,"createdAt":9,"pushedAt":9,"updatedAt":43,"readmeContent":44,"aiSummary":45,"trendingCount":16,"starSnapshotCount":16,"syncStatus":46,"lastSyncTime":47,"discoverSource":48},11223,"nono","always-further\u002Fnono","always-further","Capability-based agent runtime with fine-grained policies . Brokering access directly within the agent's operating context, with zero setup and zero latency",null,"https:\u002F\u002Fgithub.com\u002Falways-further\u002Fnono","Rust",2627,183,10,134,0,41,82,263,123,105.79,false,"main",[25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42],"ai-agents","security","ai-agent-security","ai-security","code-execution","mcp","prompt-injection","runtime-security","sigstore","supply-chain-security","zero-trust","agent-sandbox","agent-security","ai-security-tool","llm-sandbox","llm-security","mcp-security","ai-agent-sandbox","2026-06-12 04:00:54","\u003Cdiv align=\"center\">\n\n\u003Cimg src=\"assets\u002Flogo.gif\" alt=\"nono logo\" width=\"600\"\u002F>\n\n\u003Cp>\n  From the creator of\n  \u003Ca href=\"https:\u002F\u002Fsigstore.dev\">\u003Cstrong>Sigstore\u003C\u002Fstrong>\u003C\u002Fa>\n  \u003Cbr\u002F>\n  \u003Csub>The standard for secure software attestation, used by PyPI, npm, brew, and Maven Central\u003C\u002Fsub>\n\u003C\u002Fp>\n\u003Cp>\n  \u003Ca href=\"https:\u002F\u002Fopensource.org\u002Flicenses\u002FApache-2.0\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLicense-Apache%202.0-blue.svg\" alt=\"License\"\u002F>\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Falways-further\u002Fnono\u002Factions\u002Fworkflows\u002Fci.yml\">\u003Cimg src=\"https:\u002F\u002Fgithub.com\u002Falways-further\u002Fnono\u002Factions\u002Fworkflows\u002Fci.yml\u002Fbadge.svg\" alt=\"CI Status\"\u002F>\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fdocs.nono.sh\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FDocs-docs.nono.sh-green.svg\" alt=\"Documentation\"\u002F>\u003C\u002Fa>\n\u003C\u002Fp>\n\u003Cp>\n  \u003Ca href=\"https:\u002F\u002Fdiscord.gg\u002FpPcjYzGvbS\">\n    \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FChat-Join%20Discord-7289da?style=for-the-badge&logo=discord&logoColor=white\" alt=\"Join Discord\"\u002F>\n  \u003C\u002Fa>\n   \u003Ca href=\"https:\u002F\u002Falwaysfurther.ai\u002Fcareers\">\n      \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FWe're_Hiring-Join_the_team-ff4f00?style=for-the-badge&logo=githubsponsors&logoColor=white\" alt=\"We're hiring\"\u002F>\n  \u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmarketplace\u002Factions\u002Fagent-sign\">\n    \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FSecure_Action-agent--sign-2088FF?style=for-the-badge&logo=github-actions&logoColor=white\" alt=\"agent-sign GitHub Action\"\u002F>\n  \u003C\u002Fa>\n\u003C\u002Fp>\n\n---\n\u003C\u002Fdiv>\n\n\n\u003Cdiv align=\"center\">\n\n\u003Cimg src=\"assets\u002Fterm.gif\" alt=\"nono terminal demo\" width=\"800\"\u002F>\n\n\u003C\u002Fdiv>\n\n> [!WARNING]\n> Early alpha -- not yet security audited for production use. Active development may cause breakage.\n\n\nMost sandboxes feel like sandboxes. Rigid, sluggish, and designed for a different problem entirely. nono was built from the ground up for AI agents - and the developer workflows they need to thrive - agent multiplexing, snapshots, credential injection, supply chain security out of the box. Develop alongside nono, then deploy anywhere: CI pipelines, Kubernetes, cloud VMs, microVMs. The one stop shop for all your clankers.\n\n---\n\n## Latest News\n\n- **nono registry** — The nono registry is now in alpha and available to try out. Host your skills, hooks, policies, and more in your own repository, then securely distribute them through the registry. This gives you the ability to run `nono pull org\u002Frepo` to pull agent skills and sandbox policies directly into the nono runtime. We are now in the process of migrating profiles out of tree and into their own packages. Check out the registry at: registry.nono.sh\n\n[All updates](https:\u002F\u002Fgithub.com\u002Falways-further\u002Fnono\u002Fdiscussions\u002Fcategories\u002Fannouncements)\n\n---\n\n**Platform support:** macOS, Linux, and [WSL2](https:\u002F\u002Fnono.sh\u002Fdocs\u002Fcli\u002Finternals\u002Fwsl2).\n\n**Install:**\n```bash\nbrew install nono\n```\n\nOther options in the [Installation Guide](https:\u002F\u002Fdocs.nono.sh\u002Fcli\u002Fgetting_started\u002Finstallation).\n\n---\n\n## Quick Start\n\nProfiles for [Claude Code](https:\u002F\u002Fdocs.nono.sh\u002Fcli\u002Fclients\u002Fclaude-code), [Codex](https:\u002F\u002Fdocs.nono.sh\u002Fcli\u002Fclients\u002Fcodex), [OpenCode](https:\u002F\u002Fdocs.nono.sh\u002Fcli\u002Fclients\u002Fopencode), [OpenClaw](https:\u002F\u002Fdocs.nono.sh\u002Fcli\u002Fclients\u002Fopenclaw), and Swival -- or [define your own](https:\u002F\u002Fdocs.nono.sh\u002Fcli\u002Ffeatures\u002Fprofiles-groups).\n\n## Libraries and Bindings\n\nThe core is a Rust library that can be embedded into any application. Policy-free - it applies only what clients explicitly request.\n\n```rust\nuse nono::{CapabilitySet, Sandbox};\n\nlet mut caps = CapabilitySet::new();\ncaps.allow_read(\"\u002Fdata\u002Fmodels\")?;\ncaps.allow_write(\"\u002Ftmp\u002Fworkspace\")?;\n\nSandbox::apply(&caps)?;  \u002F\u002F Irreversible -- kernel-enforced from here on\n```\n\nAlso available as [Python](https:\u002F\u002Fgithub.com\u002Falways-further\u002Fnono-py) , [TypeScript](https:\u002F\u002Fgithub.com\u002Falways-further\u002Fnono-ts), [Go](https:\u002F\u002Fgithub.com\u002Falways-further\u002Fnono-go)  bindings.\n\n## Key Features\n\n| Feature | Description |\n|---------|-------------|\n| **Kernel sandbox** | Landlock (Linux) + Seatbelt (macOS). Irreversible, inherited by child processes. |\n| **Credential injection** | Proxy mode keeps API keys outside the sandbox entirely. Supports keystore, 1Password, Apple Passwords. |\n| **Attestation** | Sigstore-based signing and verification of instruction files (SKILLS.md, CLAUDE.md, etc.). |\n| **Network filtering** | Allowlist-based host and endpoint filtering via local proxy. Cloud metadata endpoints hard-denied. |\n| **Snapshots** | Content-addressable rollback with SHA-256 dedup and Merkle tree integrity. |\n| **Policy profiles** | Pre-built profiles for popular agents and use cases. Custom profile builder for your own needs. |\n| **Audit logs** | Default event audit for supervised runs, optional append-only integrity hashing, and optional rollback-backed filesystem evidence. |\n| **Cross-platform** | Support for macOS, Linux, and WSL2. Native Windows support in planning. |\n| **Multiplexing** | Run multiple agents in parallel with separate sandboxes. Attach\u002Fdetach to long-running agents. |\n| **Runs anywhere** | Local CLI, CI pipelines, Containers \u002F Kubernetes, cloud VMs, microVMs. |\n\nSee the [full documentation](https:\u002F\u002Fdocs.nono.sh) for details and configuration.\n\n## Contributing\n\nWe encourage using AI tools to contribute. However, you must understand and carefully review any AI-generated code before submitting. Security is paramount. If you don't understand how a change works, ask in [Discord](https:\u002F\u002Fdiscord.gg\u002FpPcjYzGvbS) first.\n\n## Security\n\nIf you discover a security vulnerability, please **do not open a public issue**. Follow the process in our [Security Policy](https:\u002F\u002Fgithub.com\u002Falways-further\u002Fnono\u002Fsecurity).\n\n## License\n\nApache-2.0\n","nono 是一个基于能力的安全沙箱项目，专为AI代理设计，能够在零设置和零延迟的情况下直接在代理的操作环境中进行访问控制。它使用Rust语言开发，具备细粒度的策略管理和执行代码的能力，支持AI代理的多路复用、快照创建以及凭据注入等功能，并且内置了供应链安全特性。适用于需要在CI\u002FCD管道、Kubernetes集群、云虚拟机或微虚拟机等环境下运行AI代理的安全隔离场景。此外，nono还提供了一个注册表功能，允许用户托管和分发技能、钩子及策略，进一步增强了其灵活性与实用性。",2,"2026-06-11 03:31:27","trending"]