Alternatives and similar repositories for leash

Users that are interested in leash are comparing it to the libraries listed below

• lukehinds / nono
  A secure, kernel-enforced capability sandbox for AI agents
  ☆189Updated this week
• eqtylab / cupcake
  A native policy enforcement layer for AI coding agents. Built on OPA/Rego.
  ☆175Updated 3 weeks ago
• eqtylab / mcp-guardian
  Manage / Proxy / Secure your MCP Servers
  ☆192Updated 6 months ago
• portofcontext / pctx
  pctx is the execution layer for agentic tool calls. It exposes custom tools and MCP servers as code that runs in secure sandboxes for tok…
  ☆198Updated this week
• trailofbits / mcp-context-protector
  MCP security wrapper
  ☆208Updated 2 months ago
• dlorenc / multiclaude
  ☆461Updated last week
• wedow / ticket
  Fast, powerful, git-native ticket tracking in a single bash script. Dependency graphs, priority levels, zero setup.
  ☆523Updated this week
• Katakate / k7
  Your own self-hosted infra for lightweight VM sandboxes to safely execute untrusted code. CLI, API, Python SDK. ⭐ Star it if you like it!…
  ☆721Updated last month
• TryMightyAI / mighty-security
  Don't Simply Trust MCP Server Code, Validate and Scan
  ☆100Updated 5 months ago
• Use-Tusk / fence
  Lightweight, container-free sandbox for running commands with network and filesystem restrictions
  ☆496Updated this week
• simonw / llm-jq
  Write and execute jq programs with the help of LLM
  ☆192Updated last year
• PwnFunction / sandbox
  Run untrusted AI code safely, fast
  ☆189Updated last month
• mcp-shark / mcp-shark
  Wireshark-like forensic analysis for Model Context Protocol communications Capture, inspect, and investigate all HTTP requests and respo…
  ☆153Updated last week
• trailofbits / claude-code-devcontainer
  Sandboxed devcontainer for running Claude Code in bypass mode safely. Built for security audits and untrusted code review.
  ☆270Updated last week
• MCP-Defender / MCP-Defender
  Desktop app that automatically scans and blocks malicious MCP traffic in AI apps like Cursor, Claude, VS Code and Windsurf.
  ☆246Updated 5 months ago
• cased / sandboxes
  Universal API for cloud sandboxes + CLI
  ☆71Updated 3 weeks ago
• cosinusalpha / webctl
  Browser automation via CLI — for humans and agents
  ☆396Updated last week
• boldsoftware / sketch
  autonomous software apprentice
  ☆700Updated 3 weeks ago
• instavm / coderunner
  A secure local sandbox to run LLM-generated code using Apple containers
  ☆762Updated this week
• mcpgod / cli
  Fine-grained control over model context protocol (MCP) clients, servers, and tools. Context is God.
  ☆113Updated 7 months ago
• simonw / llm-plugin-tools
  A cookiecutter template for creating a new LLM plugin that adds tools to LLM
  ☆28Updated 8 months ago
• giantswarm / mcp-debug
  ☆36Updated last week
• aspectrr / fluid.sh
  Claude Code for Infrastructure
  ☆319Updated this week
• Adversis / mcp-snitch
  MCP Snitch is a macOS application that intercepts and monitors MCP server communications, providing security analysis, access control, an…
  ☆93Updated 3 months ago
• fulcrumresearch / quibbler
  ☆435Updated 2 months ago
• openshieldai / openshield
  OpenShield is a new generation security layer for AI models
  ☆84Updated last week
• amlalabs / amla-sandbox
  ☆289Updated last week
• apify / mcp-cli
  mcpc is a CLI client for MCP. It supports persistent sessions, stdio/HTTP, OAuth 2.1, JSON output for code mode, proxy for AI sandboxes, …
  ☆287Updated last week
• trvon / yams
  Persistent memory for LLMs and apps. Content-addressed storage with dedupe, compression, full-text and vector search.
  ☆364Updated this week
• geomys / sandboxed-step
  A GitHub Action that runs a command in a gVisor sandbox
  ☆179Updated 2 months ago