AI News Hub

Show HN: Sandbox AI-app lifecycle, from build to run

CapaKit is a macOS tool (for now) that builds, runs, tests, and shares AI apps inside a sandbox. Most tooling sandboxes only the runtime and leaves the build phase, where dependency installs and build scripts run, exposed on the host; CapaKit isolates every step from build to run.

Source: Hacker News AI. Author: leroman

Public Alpha. macOS only (for now). Free to use.

Securely build and run AI apps with coding agents.

Build, run, test, and share AI apps — sandboxed from build to run.


Install CapaKit with the shell installer:

$ curl -fsSL https://capakit.com/install.sh | sh

or from the Homebrew tap:

$ brew install capakit/tap/capakit

[✓] macOS releases are Apple Developer ID-signed and notarized; the shell installer verifies the CapaKit signature.

The signature check above is performed by install.sh itself, so curl | sh still trusts whatever capakit.com serves as that script. If that matters to you, use the Homebrew tap, or download install.sh and read it before running it.

Run an AI app Kit straight from GitHub:

$ capakit run https://github.com/capakit/hello-world-demo-kit

[✓] App [hello-world] is running
[i] runtime: [ephemeral seatbelt sandboxes on macOS]
[i] host network endpoints:
    protocol=[mcp] endpoint=[/mcp] url=http://127.0.0.1:50958/mcp
press Ctrl-C to stop

When you tell an agent what to build, you inherit how it built it.

AI apps quietly become your responsibility. Most tooling only sandboxes the runtime, completely ignoring the risky, messy parts before it.

The Problem

Diagram: build phase exposed (your host, its secrets and files); run phase isolated.

Most tools only sandbox the running code.

Leaked secrets: baked directly into code and configuration files.

Broad permissions: agents operate with full access to your host machine.

Unsandboxed builds: arbitrary scripts executing during npm install or builds.
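Two of the three problems above can be checked mechanically before a build is allowed to touch the host: which dependency lifecycle hooks would execute during npm install or bun install, and which configuration files already carry hardcoded secrets. The script below is an added example written for this page, not CapaKit code; it builds a small constructed project tree (the package names, the hook commands and the fake HubSpot key are all made up) and reports both.

```shell
#!/bin/sh
# Added example for this page, not CapaKit code: a pre-install audit of a
# project tree. It answers two questions before `npm install` / `bun install`
# runs on the host: (1) which lifecycle hooks would execute, (2) which config
# files already contain hardcoded secret-looking values.
# POSIX sh; needs only find, grep -E, sed -E. The sample project is constructed.

# Print "path<TAB>hook" for each lifecycle hook in every package.json under $1,
# node_modules included, since that is where third-party hooks live.
find_install_hooks() {
  find "$1" -name package.json -type f | sort | while read -r pkg; do
    # grep -o yields one match per hook even for single-line (minified) JSON.
    grep -oE '"(preinstall|install|postinstall|prepare|prepublish)"[[:space:]]*:' "$pkg" 2>/dev/null \
      | sed -E 's/"([a-z]+)".*/\1/' \
      | while read -r hook; do printf '%s\t%s\n' "$pkg" "$hook"; done
  done
  return 0
}

# Print "path:line:text" for config lines that assign a long literal to a
# key named like a credential. Heuristic: a 16+ character token after key= / key:.
find_hardcoded_secrets() {
  find "$1" \( -name '.env*' -o -name '*.json' -o -name '*.yml' -o -name '*.yaml' -o -name '*.toml' \) -type f \
    | grep -v '/node_modules/' | sort | while read -r f; do
    grep -nEi '(api[_-]?key|secret|token|password)[a-z_]*"?[[:space:]]*[=:][[:space:]]*"?[A-Za-z0-9_./+-]{16,}' "$f" 2>/dev/null \
      | sed "s|^|$f:|"
  done
  return 0
}

audit_project() {
  echo "## lifecycle hooks that would run during install"
  find_install_hooks "$1"
  echo "## hardcoded secret-looking values in config"
  find_hardcoded_secrets "$1"
}

# Constructed sample: a root package with a postinstall hook, one dependency
# with a preinstall hook, one clean dependency, and a .env with a fake key.
make_sample_project() {
  dir=$(mktemp -d)
  mkdir -p "$dir/node_modules/left-pad-ish" "$dir/node_modules/good-lib"
  cat > "$dir/package.json" <<'EOF'
{ "name": "invoice-helper", "scripts": { "build": "tsc", "postinstall": "node setup.js" } }
EOF
  cat > "$dir/node_modules/left-pad-ish/package.json" <<'EOF'
{"name":"left-pad-ish","version":"1.0.0","scripts":{"preinstall":"node collect-env.js"}}
EOF
  cat > "$dir/node_modules/good-lib/package.json" <<'EOF'
{ "name": "good-lib", "scripts": { "test": "node test.js" } }
EOF
  cat > "$dir/.env" <<'EOF'
LOG_LEVEL=debug
HUBSPOT_API_KEY=pat-na1-0123456789abcdef0123
EOF
  printf '%s\n' "$dir"
}

# Demo on the constructed sample; point audit_project at a real Kit checkout.
sample=$(make_sample_project)
audit_project "$sample"
rm -rf "$sample"
```

On a real checkout, anything listed under the first heading is code that would run with your user's privileges the moment you type the install command on the host; npm's --ignore-scripts flag suppresses those hooks if you must install outside a sandbox. Anything under the second heading is a value that should move to a secret store and be resolved at run time.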

The Solution

Diagram: with the CapaKit sandbox, both the build phase and the run phase are isolated.

Sandbox the entire app lifecycle.

No inherited environment or broad filesystem access.

No network by default. Traffic must be explicitly allowed.

Ephemeral, single-use sandboxes for every build and run.

Secrets resolved on demand, never hardcoded.
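To make "no network by default, traffic must be explicitly allowed" and "single-use sandboxes" concrete, the script below generates a deny-by-default macOS seatbelt (SBPL) profile of the kind sandbox-exec accepts: deny everything, then allow only the step's working directory, the toolchain, and, optionally, loopback traffic. It is an added illustration written for this page, not CapaKit's own profile (which the page does not show); the working-directory paths and the /opt/homebrew toolchain location are assumptions.

```shell
#!/bin/sh
# Added example for this page, not CapaKit's own profile (which the page does
# not show): generate a deny-by-default macOS seatbelt (SBPL) profile for one
# build or run step, then run a command under it with sandbox-exec.
# Usage: run_sandboxed WORKDIR TOOLCHAIN_DIR none|loopback -- cmd args...
# The toolchain path (/opt/homebrew) is an assumption; adjust to your install.

# Emit the profile on stdout. Rule 1 denies everything; every later rule
# names a concrete path or address, so the allow-list is the whole policy.
seatbelt_profile() {
  workdir=$1; toolchain=$2; net=${3:-none}
  cat <<EOF
(version 1)
(deny default)
;; Minimal process plumbing.
(allow process-fork)
(allow sysctl-read)
;; Read-only OS and toolchain. Nothing under the home directory is listed,
;; so ~/.ssh, ~/.aws, ~/.config and the rest stay invisible to the step.
(allow file-read* (subpath "/usr/lib") (subpath "/System/Library") (subpath "/private/etc"))
(allow file-read* (subpath "$toolchain"))
(allow process-exec (subpath "$toolchain"))
;; Read-write only in this step's throwaway working directory.
(allow file-read* file-write* (subpath "$workdir"))
EOF
  case $net in
    loopback)
      echo ';; Explicitly allowed: loopback only, e.g. the MCP endpoint on 127.0.0.1.'
      echo '(allow network-outbound (remote ip "localhost:*"))'
      echo '(allow network-inbound (local ip "localhost:*"))'
      ;;
    none)
      echo ';; No socket rule at all: every connect/listen is denied by rule 1.'
      ;;
    *)
      echo "unknown net policy: $net" >&2; return 2
      ;;
  esac
}

# Write the profile to a temp file, run the command under it, delete the file
# (one profile per step mirrors the single-use sandboxes described above).
# Off macOS, where sandbox-exec does not exist, it prints the profile instead.
run_sandboxed() {
  workdir=$1; toolchain=$2; net=$3; shift 3
  [ "$1" = "--" ] && shift
  prof=$(mktemp)
  seatbelt_profile "$workdir" "$toolchain" "$net" > "$prof" || { rm -f "$prof"; return 2; }
  if command -v sandbox-exec >/dev/null 2>&1; then
    sandbox-exec -f "$prof" "$@"
  else
    echo "sandbox-exec not found (not macOS); printing the profile instead" >&2
    cat "$prof"
  fi
  rc=$?
  rm -f "$prof"
  return $rc
}

# Demo: a build step with no network at all, then a run step with loopback only.
seatbelt_profile /private/tmp/kit-build /opt/homebrew none
seatbelt_profile /private/tmp/kit-run /opt/homebrew loopback
```

A real profile needs more plumbing than this (metadata reads, mach services, the toolchain's cache directory), and sandbox-exec is deprecated by Apple even though it still works; the point of the example is the shape of the policy: the first rule is deny, and a dependency install that tries to reach out or read ~/.ssh fails on the deny rather than on anyone's vigilance.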


The Definition

What Is an "AI app"?

It's a user-facing or agent-facing product with AI functionality. With CapaKit, it becomes a self-contained, sharable AI app Kit.

Standalone web interfaces: applications that ship entirely with their own built-in web UI.

Agentic integrations: tools that plug directly into your agents via MCP or skills.

Diagram: models, assets, and code are packaged into an AI app Kit, which is exposed as a web UI, an MCP endpoint, or a skill.

Why CapaKit?

AI apps come with burdens that quietly land on you. CapaKit makes them explicit by default.

Security. The burden: managing secrets, permissions, and blocking unwanted network access. With CapaKit: handled by default and tailored to each app's minimal needs.

Testing. The burden: making sure code, logic, and agent flows work reliably end-to-end. With CapaKit: structured testing, from a single service to full integration tests, run in isolation.

Deployment. The burden: wiring up network endpoints, resolving dependencies, and manual installs. With CapaKit: point it at a GitHub source, a .capakit archive, or an unpacked Kit folder.

Built for the Agentic Stack

MCP, A2A, OpenAI-compatible APIs, Skills.

CapaKit natively speaks the protocols your agents already use. The same manifest runs locally today and is designed to run anywhere tomorrow.

How It Works

One command flow. Sandboxed from build to run. No setup ceremony.


Run an AI app Kit straight from GitHub:

$ capakit run https://github.com/capakit/hello-world-demo-kit

Output:

[✓] App [hello-world] is running
[i] runtime: [ephemeral seatbelt sandboxes on macOS]
[i] Kit origin: https://github.com/capakit/hello-world-demo-kit
[i] host network endpoints:
    protocol=[mcp] endpoint=[/mcp] url=http://127.0.0.1:55020/mcp
press Ctrl-C to stop

Run it and install it locally as a Codex skill:

$ capakit run https://github.com/capakit/hello-world-demo-kit --global-skill codex

Output:

[✓] App [hello-world] is running
[i] runtime: [ephemeral seatbelt sandboxes on macOS]
[i] Kit origin: https://github.com/capakit/hello-world-demo-kit
[i] skill provider: [codex] root=/Users/user/.codex/skills
[i] Kit endpoint [/mcp] is installed as a local skill
[i] skill commands:
    [hello-world]
[i] host skill files:
    /Users/user/.codex/skills/hello-world/SKILL.md
    /Users/user/.codex/skills/hello-world/hello-world
    /Users/user/.codex/skills/hello-world/.hello-world.conf
installed skill files are temporary and will be deleted when this command exits
press Ctrl-C to stop

Clone and make it your own:

$ git clone https://github.com/capakit/hello-world-demo-kit
$ cd hello-world-demo-kit

Run tests in isolation:

$ capakit test

Output:

[i] test: loaded manifest file=[capability-test.yml] cases=[2]
[i] preparing workload command=[bun install]
[i] test: invoking exec preflight=[hello workload typechecks] command=[bun x tsc --noEmit]
[✓] test passed: hello workload typechecks
[i] test: AI app ready mode=[managed]
[i] mcp access method=[tools/call] path=[/mcp] tool=[hello-world] status=[200] outcome=[ok]
[✓] test passed: hello world tool returns structured text
[i] test: AI app stopped

Share it as a single file:

$ capakit kit package --out hello-world-demo-kit.capakit

Output:

[✓] created package at hello-world-demo-kit.capakit

$ capakit run hello-world-demo-kit.capakit

Output:

[✓] App [hello-world] is running
[i] runtime: [ephemeral seatbelt sandboxes on macOS]
[i] Kit origin: hello-world-demo-kit.capakit
[i] host network endpoints:
    protocol=[mcp] endpoint=[/mcp] url=http://127.0.0.1:55569/mcp
press Ctrl-C to stop

Create a Kit

Tell your coding agent to use capakit and describe the app you want in plain product terms.

Example agent prompt:

Use capakit to create a new Kit called invoice-helper.

I want a web UI where I can upload invoice text and see extracted fields: vendor, date, total, and line items.

Add a HubSpot CRM integration. First ask me to confirm the extracted invoice details are correct, then use the HubSpot API client to enter them.

Expose the same workflow as a Codex skill I can install and use.

Add tests and leave clear run instructions.

Explore Demo AI app Kits

Built with CapaKit. Runnable with a single command straight from GitHub.

Kids Storybook Creator (source on GitHub; stable-diffusion, llama-cpp, web UI, MCP)

$ capakit run \
    https://github.com/capakit/kids-storybook-creator-demo-kit \
    --mount models=~/.capakit/models   # cache dir

Local Image Tagger (source on GitHub; vision, llama-cpp, web UI, MCP)

$ capakit run \
    https://github.com/capakit/local-image-tagger-demo-kit \
    --mount images=/path/to/images \
    --mount models=~/.capakit/models

Real Time Voice Chat (source on GitHub; voice, llama-cpp, web UI)

$ capakit run \
    https://github.com/capakit/realtime-voice-demo-kit \
    --mount models=~/.capakit/models

Created a useful Kit?

Submit a PR to feature your AI app Kit in the official Registry and share it with the community.

View Kit Registry ↗

AI app Kit Anatomy

An AI app Kit is the unit teams can standardize on.

Structure

hello-world-demo-kit/
  AGENTS.md              Agent guidance
  capability.yml         Capability manifest
  capability-test.yml    Capability checks
  workloads/             Workloads
    hello/               hello workload source
  README.md              Project summary

capability.yml

version: '1'
name: hello-world
workloads:
  hello:
    endpoints:
      - mcp
    runtime:
      source:
        toolchain: bun
        prepare:
          command: bun install
        network: full
        start:
          command: bun run src/index.ts

Note that this demo manifest declares network: full. CapaKit's default is no network, so this is an explicit opt-out chosen for the hello-world demo; a real Kit should declare only the traffic it actually needs.

AGENTS.md

AI app Kit

This directory is an AI app Kit. Use CapaKit commands for workload lifecycle work.

Common Commands

  capakit test
  capakit run --mode source
  capakit exec hello -- bun test

Runtime Rules

  Do not run dependency installs directly on the host.
  Use declared mounts for host files.
  Keep secrets in CapaKit secret stores.

capability-test.yml

tests:
  - id: hello
    kind: mcp
    target:
      exposed_path: /mcp
    request:
      tool: hello-world
      inputs: {}
    validations:
      - $.text.contains("hello world")

workloads/hello/src/index.ts

import { createWorkloadSdk } from "@capakit/sdk";
import { mountMcp } from "@capakit/sdk/mcp";
import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";

// Workload-side SDK handle; route console output through CapaKit's logging.
const sdk = createWorkloadSdk();
sdk.hijackConsoleLogging();

// The workload id is injected by CapaKit; fall back to a generic name.
const mcpServer = new McpServer({
  name: process.env.CAPAKIT_WORKLOAD_MID ?? "capakit-app",
  version: "0.0.0",
});

// One tool, no inputs, returning both plain and structured text.
mcpServer.registerTool(
  "hello-world",
  { description: "Print hello world", inputSchema: {} },
  async () => ({
    content: [{ type: "text", text: "hello world" }],
    structuredContent: { text: "hello world" },
  }),
);

// Expose the server on the /mcp endpoint declared in capability.yml.
mountMcp(sdk, { endpoint: "/mcp", server: mcpServer });

await sdk.start();

README.md

hello-world-demo-kit

Minimal demo AI app Kit.

Run:

  capakit run https://github.com/capakit/hello-world-demo-kit

Use as a Codex skill:

  capakit run https://github.com/capakit/hello-world-demo-kit --global-skill codex

The Kit exposes one MCP tool that returns "hello world".

Who Is CapaKit For?

Developers and teams going through AI-native transformation who need standardized practices.

Builders spinning up quick POCs with local or remote models, web UIs, MCP, A2A, or skills.

Security-conscious engineers who don't want to run unknown or third-party code unsandboxed on their machine.

CapaKit Philosophy

Local-first: you build it, you own it. You can run it anywhere, any time, even offline.

Agent-native: designed from the ground up to be driven, written, and understood by coding agents.

Isolation by default: isolation is treated as a first-class concern, not an afterthought.