Containers. VMs. Sandboxes.
Without the chaos.
The blazing-fast Docker Desktop alternative. Run containers at lightning speed, spin up Firecracker VMs, and sandbox AI agents—all in complete isolation.
Requires macOS 14+ on Apple Silicon
What can ArcBox do?
The superpowers are endless.
Run containers
at lightning speed.
Docker-compatible containers that start in milliseconds, not minutes. No bloated VMs, just pure native performance.
Firecracker microVMs.
Spin up lightweight VMs in under 125ms. Perfect for isolated workloads with minimal overhead.
Sandboxed execution.
Run untrusted code safely in complete isolation.
Apple Silicon native.
Built from scratch for M1, M2, M3, and M4 chips.
Dev Containers support.
Full devcontainer.json support for reproducible dev environments.
Security first.
Hardened by default. No network access unless you explicitly allow it.
Run AI agents locally.
Fully isolated from your system.
AI agents are powerful—and unpredictable. ArcBox Desktop runs your local agents in fully isolated Firecracker microVMs, so they can do their work without ever touching your host machine.
No host access
Agents run inside their own microVM with a strict boundary between the sandbox and your system.
Full observability
Watch every syscall, network request, and file write as it happens in real-time.
Instant spin-up
Spin up a fully isolated agent environment in under 125ms with a single command.
$ arcbox sandbox create openclaw
Creating isolated Firecracker VM...
├─ Memory: 2GB allocated
├─ Network: Isolated bridge
├─ Filesystem: Read-only rootfs
└─ Security: Full syscall filtering
✓ Sandbox ready in 127ms
$ arcbox sandbox exec openclaw --prompt "analyze codebase"
Running in isolated environment...
▊
OpenClaw isolation
Even if OpenClaw goes rogue, your machine is untouched.
When you run OpenClaw inside ArcBox, the model operates inside a hardened Firecracker microVM. Network, disk, and I/O are completely severed from your host—so no matter what the model tries to do, it can't reach your system.
Network
Zero outbound access. OpenClaw can't exfiltrate data or phone home.
Disk
A scoped, ephemeral filesystem. Your files are never exposed.
I/O
Strictly audited device I/O. No keyboard sniffing, no clipboard access.
Process
Full syscall filtering via seccomp. No escape paths.
Network
Blocked
Disk
Ephemeral
I/O
Audited
Ridiculously fast.
By design.
ArcBox Desktop is built from scratch for Apple Silicon. No emulation layers, no Rosetta, no compromises.
Fully open-source.
Not just a README.
Some projects call themselves "open source" while only hosting a README, a few screenshots, and an issue template on GitHub. That's not open source—that's a landing page.
ArcBox Desktop is truly open source. Every line of code, every build script, every test—it's all on GitHub. Fork it, audit it, contribute to it.
Full source code
Not just binaries or a README
Actively maintained
Weekly commits, fast issue response
Open contributions
PRs welcome, community-driven
Battery included
Tests, docs, and build scripts
arcbox-dev/arcbox-desktop
Public repository
Recent activity
That's all. Except not.
Ready to ditch
Docker Desktop?
Join thousands of developers who switched to something faster, lighter, and built for the way they actually work.
Free for personal use. Pro plans available for teams.
$ arcbox run nginx
Starting container...
Ready in 47ms