Tilde: Transactional Sandboxes for Safe AI Agents

Article: Very Positive | Community: Negative | Divisive

Tilde provides a secure platform for running autonomous AI agents by treating every execution as a reversible transaction. It features isolated sandboxes with unified versioning for data from S3, GitHub, and Drive, ensuring that any action can be audited or undone. With granular permissions and network controls, it allows developers to safely deploy agents against real production data.

Key Points

  • Transactional Reversibility: Every agent run is a transaction that can be rolled back instantly, ensuring no permanent damage from rogue code or errors.
  • Unified Versioned Filesystem: Mounts diverse sources like GitHub, S3, and Google Drive into a single versioned sandbox where every change is tracked.
  • Security and Network Isolation: Isolated serverless containers prevent data exfiltration and unauthorized network calls through strict egress policies.
  • Granular RBAC and Human Approval: Agents are treated as first-class citizens with specific permissions, requiring human sign-off for sensitive actions.
  • Battle-Tested Infrastructure: Built on the same versioning foundation as lakeFS, providing a reliable platform for production-grade AI automation.

Sentiment

The community is largely skeptical, driven by sandbox fatigue and questions about differentiation. While the lakeFS foundation earns some technical respect and a few commenters express genuine interest, the dominant sentiment is that Tilde enters a crowded market without clearly articulating why it deserves attention over open-source alternatives or existing infrastructure tools. The creator's active engagement is appreciated but doesn't fully overcome the skepticism.

In Agreement

  • The versioned, composable filesystem built on lakeFS is a genuinely differentiated approach compared to git-based solutions that don't scale well for large data files
  • Human-in-the-loop approval gates via versioned changes (similar to pull requests) add meaningful safety for autonomous agent workflows
  • Persistent, versioned storage that outlives individual sandbox sessions solves a real pain point for agent developers who need stateful execution environments
  • The transactional approach to agent execution — where changes only commit atomically on success — is an excellent idea whose time has come
  • For data-heavy agentic workloads involving large files like Parquet, images, and videos, a purpose-built versioned filesystem offers clear advantages over git

Opposed

  • Filesystem versioning cannot roll back external state mutations like API calls, database changes, or financial transactions, making the 'run without risk' claim misleading
  • Sandboxes are fundamental infrastructure that must be open source — closed-source SaaS sandboxes are unacceptable for building blocks this critical
  • Existing tools already solve this problem: S3 versioning, btrfs snapshots, Linux VMs with read-only mounts, and OCI containers can accomplish most of what Tilde offers
  • The market is oversaturated with sandbox products, and this category resembles vector databases during the RAG hype — a solution looking for a problem
  • The landing page and demo fail to effectively communicate what sets Tilde apart, spending too much time on baseline setup rather than showcasing unique value
  • Major cloud providers and AI companies like Anthropic will likely build comparable solutions, threatening the viability of startups in this space