Tech

Tilde.run Launches Agent Sandbox Built on lakeFS to Mitigate AI Code Risks

By combining resources from GitHub, S3, and Google Drive into a single sandbox, the service aims to address industry concerns regarding rogue agents and data exfiltration while offering compliance reporting for autonomous code execution.

Author: Owen Mercer, Markets and Finance Editor
Published: Draft
Source: Hacker News · original
New platform enables autonomous agents to operate on real data within a transactional, versioned filesystem with instant rollback capabilities.

Tilde.run has launched a new platform designed to allow AI agents to operate on real data within a transactional, versioned filesystem. The service addresses growing industry scrutiny regarding the deployment of autonomous code against production environments, specifically targeting risks such as rogue-agent outcomes, data exfiltration, and credential abuse. By treating every agent run as an atomic transaction, the tool ensures that any modifications to real data can be instantly rolled back upon failure without the need for manual cleanup or complex infrastructure management.

The platform enables users to compose resources from GitHub, Amazon S3, and Google Drive into a unified sandbox environment where every file is versioned from the first commit. This approach creates a single POSIX filesystem that allows any tool or language to interact with the data without requiring specific software development kits. The system guarantees reversibility, isolation, and auditability, ensuring that changes are staged and committed atomically only upon successful completion or explicit approval, effectively eliminating the fear of irreversible data loss during testing.

Security is enforced through strict default settings that block access to cloud metadata endpoints, private networks, and unauthorized hosts. Every outbound network call is audited and logged against the specific agent that initiated it, and every change is traceable down to the file level, giving a clear trail of who did what and why. A granular permission policy lets administrators allow, deny, or require human approval for specific agents, repositories, or actions, expressed in a simple, readable DSL, which addresses long-standing concerns over prompt-injected callouts and unauthorized access.
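As an added illustration (not Tilde.run's or lakeFS's code), the default-deny egress check described above with a per-agent audit trail; it assumes a hypothetical rule list standing in for the product's DSL, and takes "cloud metadata" and "private networks" to mean the usual metadata endpoints plus RFC 1918, loopback and link-local ranges:

```python
import ipaddress
from dataclasses import dataclass, field

# Built-in deny set (assumption: the article's "cloud metadata" and "private
# networks" read as the common metadata endpoints plus RFC 1918, loopback and
# link-local ranges). These win over any per-agent rule below.
METADATA_HOSTS = {"169.254.169.254", "metadata.google.internal"}
BLOCKED_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "fc00::/7", "fe80::/10", "::1/128")]

def _is_blocked_ip(host: str) -> bool:
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False  # hostname: resolve and re-check the address before connecting
    addr = getattr(addr, "ipv4_mapped", None) or addr  # unwrap ::ffff:a.b.c.d
    return any(addr in net for net in BLOCKED_NETS)

@dataclass
class Rule:
    agent: str   # agent id, or "*" for any agent
    host: str    # exact host, or "*.suffix" to match subdomains of suffix
    action: str  # "allow", "deny" or "approve" (hold for a human decision)

    def matches(self, agent: str, host: str) -> bool:
        if self.agent not in ("*", agent):
            return False
        if self.host.startswith("*."):
            return host.endswith(self.host[1:])  # ".suffix", so "evilsuffix" never matches
        return host == self.host

@dataclass
class EgressPolicy:
    rules: list[Rule]   # hypothetical stand-in for the product's policy DSL
    audit: list[dict] = field(default_factory=list)

    def decide(self, agent: str, host: str) -> str:
        """Decide one outbound call and log it against the agent that made it."""
        host = host.rstrip(".").lower()
        if host in METADATA_HOSTS or _is_blocked_ip(host):
            decision, reason = "deny", "default-deny: metadata or private address"
        else:  # first matching rule wins; an unmatched host is unauthorized
            hit = next((r for r in self.rules if r.matches(agent, host)), None)
            decision = hit.action if hit else "deny"
            reason = f"rule {hit.agent}/{hit.host}" if hit else "default-deny: unauthorized host"
        self.audit.append({"agent": agent, "host": host, "decision": decision, "reason": reason})
        return decision
```

The check classifies only literal addresses; a real egress gateway must also resolve hostnames and apply the same range check to the resolved address before the connection is made.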

Built on the lakeFS versioning foundation, the service adapts, for the autonomous AI agent era, the open-source data versioning layer that major organisations already trust to manage billions of objects. The underlying technology provides granular permission policies and compliance reporting for autonomous code execution, leveraging a battle-tested versioning system to ensure stability and reliability. This integration allows users to generate compliance reports from uploaded contracts and to browse the full timeline of changes, inspect diffs, and revert any commit instantly.

The company claims a deployment time of 60 seconds for a first transactional, reversible agent run, allowing developers to spin up an isolated sandbox with everything their agent needs in minutes. Users can run commands and interactive shells in sandboxes from their terminal, stream output, and decide whether to commit the results or discard them entirely with one command. This capability is particularly relevant for CI/CD and agentic automation workflows where speed and safety are paramount.

As the sector grapples with past data breaches and amplified trust concerns surrounding AI-generated code, Tilde.run positions itself as a solution that removes the need for backups and manual intervention. By ensuring that every change is tied to the human, process, or agent that produced it, the platform aims to make autonomous code safe to use against real data while maintaining strict oversight over network interactions and data integrity.
