CapaKit sandboxes the full AI app lifecycle, from build to run
CapaKit is a free, macOS-only tool by leroman that sandboxes the entire AI app lifecycle — including build, test, and run phases — to keep agent-driven development safe without sacrificing speed.
CapaKit is notable for extending sandbox security to the build phase — including dependency installation and script execution — which the author identifies as a gap left by most existing security tools that only protect the app runtime.
leroman, the author, describes CapaKit as a full-time, unfunded project started in early 2025 — originally under the name mcpgate.com — following Anthropic's announcement of MCP. The core motivation is that coding agents delegate trust to automated processes (pulling dependencies, running scripts, writing code) while the developer retains responsibility, yet most security tools only sandbox the app runtime and ignore the build phase entirely.
CapaKit addresses this by sandboxing the entire app lifecycle: building, testing, and running are all treated as first-class security and usability concerns. Concretely, this means per-app policies with workload-level isolation, no inherited host environment, no broad filesystem access, no outbound network traffic by default (explicit allowlisting required), ephemeral single-use sandboxes for every build and run, and secrets resolved on demand rather than hardcoded.
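A sketch of three of these properties (no inherited host environment, a single-use working directory, secrets resolved on demand) for one build step. It is an added example, not CapaKit's code or policy format. `POLICY`, `resolve_secret` and `run_step` are hypothetical names, all values are constructed, and filesystem and network restrictions are out of scope here because they need OS-level enforcement.

```python
import os
import shutil
import subprocess
import tempfile

# Hypothetical per-app policy (constructed; not CapaKit's real format).
POLICY = {
    "env_allow": ["LANG"],          # host variables the step may read
    "secrets": ["REGISTRY_TOKEN"],  # looked up at launch, never stored in config
}

def resolve_secret(name):
    """Stand-in for a keychain or vault lookup; returns a constructed value."""
    return {"REGISTRY_TOKEN": "constructed-token-123"}[name]

def run_step(argv, policy, resolver=resolve_secret):
    """Run one build/test/run step with a minimal env in a throwaway directory.

    Returns (exit code, names of variables the step could read, workdir path).
    """
    workdir = tempfile.mkdtemp(prefix="step-")
    try:
        # Start from an empty environment and copy only allowlisted names.
        env = {k: os.environ[k] for k in policy["env_allow"] if k in os.environ}
        env.update({"HOME": workdir, "TMPDIR": workdir, "PATH": "/usr/bin:/bin"})
        # Secrets are fetched per run, so they never sit in a file on disk.
        for name in policy["secrets"]:
            env[name] = resolver(name)
        proc = subprocess.run(argv, cwd=workdir, env=env,
                              capture_output=True, text=True, timeout=60)
        names = {line.split("=", 1)[0]
                 for line in proc.stdout.splitlines() if "=" in line}
        return proc.returncode, names, workdir
    finally:
        # Single-use: nothing the step wrote survives into the next run.
        shutil.rmtree(workdir, ignore_errors=True)

if __name__ == "__main__":
    # Constructed host credential that an install script must not see.
    os.environ["AWS_SECRET_ACCESS_KEY"] = "constructed-host-secret"
    # "env" stands in for a dependency's install script dumping its environment.
    code, names, workdir = run_step(["/bin/sh", "-c", "env"], POLICY)
    print("exit:", code)
    print("host credential visible:", "AWS_SECRET_ACCESS_KEY" in names)
    print("policy secret visible:", "REGISTRY_TOKEN" in names)
    print("workdir left behind:", os.path.exists(workdir))
```
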
On the usability side, apps are packaged as Kits that can be uploaded to GitHub and run by anyone with a single command: `capakit run https://github.com/capakit/hello-world-demo-kit`. CapaKit is currently macOS-only and free to use.
Key facts
- CapaKit sandboxes the entire AI app lifecycle — build, test, and run — not just the runtime.
- Each build and run uses an ephemeral, single-use sandbox with per-app policies and workload-level isolation.
- No outbound network traffic is allowed by default; it must be explicitly permitted.
- No inherited host environment and no broad filesystem access.
- Secrets are resolved on demand instead of being hardcoded into config.
- Apps packaged as Kits can be run by anyone with a single `capakit run <GitHub URL>` command.
- CapaKit is currently macOS-only and free to use; it was self-funded and started in early 2025.
Summary and scoring are generated automatically from the original article. We always link back to the publisher and never republish images or paywalled content. Last processed Jun 9, 2026 · 17:05 UTC.