Did somewhat exactly that for apple container based sandbox - Coderunner[1]. You can use it to safely execute ai generated code via an MCP at http://coderunner.local:8222
A fun fact about apple containers[2], it's more isolated than docker containers as in it doesn't share the VM across all containers.
A fun fact about apple containers[2], it's more isolated than docker containers as in it doesn't share the VM across all containers.
1. https://github.com/instavm/coderunner
2. https://github.com/apple/container