An airlock for AI‑generated code
AI agents write code fast. Reviewing it safely is slow. NeuraBox is a local governance layer — it sandboxes the agent, enforces your policy, and only exports code that passes.
neurabox exec -- aider
Native Sandbox
No Docker. Uses OS primitives: Windows Job Objects, Linux setpgid, macOS process groups.
Policy Gate
Define checks in nb-policy.yaml. Code only exports if all pass.
Token Optimization
Intercepts git/npm/npx to filter command output — saves 60–90% tokens.
Session Output
nb-policy.yaml — your rules, your approval
blocks:
  - ".env"
  - "node_modules"
  - ".git"
checks:
  - cname: "no-internet-leak"
    command: "curl -m 2 google.com || echo 'Safe: No internet'"
  - cname: "structure"
    command: "[ -d 'src/controllers' ] && [ -d 'src/routes' ]"
  - cname: "test-suite"
    command: "npm test"
If any check fails, code is blocked. You see the diff, you approve.
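Added example (not NeuraBox's own code): a minimal gate runner in shell, assuming a check passes when its command exits 0, which the page does not state. Under that assumption the `curl ... || echo` form in the policy above exits 0 whether or not the network is reachable, so the example runs it beside a negated probe; `true` and `false` are constructed stand-ins for curl succeeding or failing, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not NeuraBox code. Assumption: a check passes when its
# command exits 0. `true` / `false` are constructed stand-ins for
# "curl -m 2 google.com" succeeding / failing, so this runs offline.

# run_check NAME COMMAND: run COMMAND in a child shell, report, return its status.
run_check() {
    if sh -c "$2" >/dev/null 2>&1; then
        echo "PASS  $1"
        return 0
    fi
    echo "FAIL  $1"
    return 1
}

# gate NAME COMMAND [NAME COMMAND ...]: run every check (no short-circuit,
# so the report is complete); return 0 only if all of them passed.
gate() {
    failed=0
    while [ "$#" -ge 2 ]; do
        run_check "$1" "$2" || failed=1
        shift 2
    done
    if [ "$failed" -eq 0 ]; then echo "=> EXPORT"; else echo "=> BLOCKED"; fi
    return "$failed"
}

# Pattern from the policy above: the `|| echo` fallback makes the command
# exit 0 whether the probe succeeds or not, so this check can never fail.
masked_check() { printf "%s || echo 'Safe: No internet'" "$1"; }

# Fail-closed variant: the check fails exactly when the probe succeeds.
strict_check() { printf '! %s' "$1"; }

for probe in true false; do          # true = network reachable
    echo "probe=$probe"
    gate "no-internet-leak (masked)" "$(masked_check "$probe")" || true
    gate "no-internet-leak (strict)" "$(strict_check "$probe")" || true
done
```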
Audit Log
{
  "ID": "proxy-nb-proxy-abc123",
  "Agent": "codex",
  "Purpose": "implement login function",
  "Files": ["auth.go (added)", "main.go (modified)"],
  "Approved": true,
  "TestPass": true,
  "Timestamp": "2026-06-29T10:30:00Z"
}
Install
npm install -g neurabox
Then: neurabox --init
Privacy
• No code, prompts, or files sent to any server except your AI provider.
• One anonymous ping per session to count unique users (opt‑out: NEURABOX_TELEMETRY_DISABLED=1).
• Everything runs locally — sandbox, graph, policy checks.
Supported Agents
Ready to audit?
Early beta — it works, but it's scrappy. Feedback welcome.