Yoru

Yoru creates secure AI agents for sensitive data. Every code snippet runs in isolated sandboxes and passes Semgrep security checks first—stopping vulnerabilities before execution.

Comment

Inspiration

In an era where AI agents are being deployed across enterprise environments, we noticed a critical gap: security shouldn't be an afterthought. Existing AI agent platforms focus on capabilities but often compromise on security, leaving sensitive data vulnerable. We envisioned Yoru—an AI agent platform where every autonomous action happens within isolated sandboxes and every line of generated code is validated by Semgrep before execution. Our inspiration came from the hackathon's challenge to build agents that enterprises can actually trust with their most sensitive workloads.

What we learned

Building Yoru taught us that security and autonomy don't have to be mutually exclusive. We learned:

  1. Sandbox isolation is non-negotiable: By running agents in Daytona-powered Docker containers, we prevent unauthorized file system access, network breaches, and resource exhaustion while maintaining full autonomous capabilities.
  2. Static analysis catches what humans miss: Integrating Semgrep MCP for automatic code validation revealed vulnerabilities we didn't anticipate—SQL injections, hardcoded secrets, and command injection patterns that would have slipped through manual review.
  3. Real-time security feedback loops matter: Scanning code immediately after generation (not just before deployment) creates a proactive security posture that prevents issues from propagating through multi-step agent workflows.
  4. Enterprise trust requires defense in depth: Our dual-layer approach (runtime isolation + static analysis) proved that combining multiple security mechanisms is essential for production AI deployments.

How we built Yoru

Architecture: We built Yoru from the ground up as a security-first AI agent platform, designing every component with isolation and validation at its core.

Backend (Python/FastAPI): • Architected a custom agent orchestration system with built-in security checkpoints • Integrated Daytona SDK for secure sandbox lifecycle management • Developed a comprehensive Semgrep security tool (sb_semgrep_tool.py) from scratch with: ◦ Automatic file scanning after every code generation event ◦ Configurable rulesets (security-audit, secrets detection, language-specific patterns) ◦ Smart caching to minimize performance overhead • Built thread management system with security validation at every execution step • Implemented LiteLLM integration for multi-provider AI model support

Sandbox Environment (Docker): • Designed and configured isolated execution environments from scratch with: ◦ Chrome browser for autonomous web interactions ◦ VNC server for real-time visual debugging ◦ Supervisor for robust process management ◦ Secure workspace isolation with full sudo access inside containers (zero host access) • Engineered auto-stop (15 min) and auto-archive (30 min) policies to prevent resource exhaustion • Created custom Docker images with pre-installed security tooling

Frontend (Next.js/React): • Built a comprehensive agent management dashboard featuring: ◦ Real-time security scan results visualization ◦ Interactive tool execution panels showing Semgrep findings inline ◦ Live sandbox monitoring with VNC integration ◦ Complete audit logs for all operations • Designed custom UI components for threat visualization and remediation workflows

Security Integration Flow (Our Innovation):

  1. Agent generates/modifies code
  2. Code written to isolated /workspace in sandbox
  3. Semgrep tool automatically invoked before execution
  4. Scan results analyzed and returned to agent
  5. Agent either auto-remediates security issues or proceeds with validated code
  6. All actions logged for compliance auditing

Database & Storage (Supabase): • Designed schema for secure agent configurations, sandbox state, and security audit trails • Implemented row-level security policies for multi-tenant isolation • Built real-time subscriptions for live agent monitoring

Key Technical Decisions: • Chose Daytona for enterprise-grade sandbox orchestration • Selected Semgrep for its comprehensive, open-source security ruleset • Implemented asynchronous scanning to maintain agent performance • Built custom MCP server architecture for extensible tool integration

Built With

  • anthropic-claude
  • asyncio
  • chrome-devtools-protocol-database-&-storage:-supabase-(postgresql)
  • codemirror
  • daytona-sdk-(sandbox-orchestration)
  • docker-(containerization)-frontend-libraries:-radix-ui
  • eslint
  • firecrawl-(web-scraping)
  • framer-motion
  • git-development-tools:-prettier
  • github-actions
  • indexeddb-(client-side)-cloud-services:-daytona-(sandbox-hosting)
  • javascript
  • languages:-python
  • next.js-15
  • novnc
  • openai
  • openrouter-security:-semgrep-(static-analysis)
  • posthog-(analytics)
  • qstash-(job-queue)-devops:-docker-compose
  • query
  • railway-(backend-deployment)-apis-&-integrations:-mcp-(model-context-protocol)
  • react
  • react-18
  • recharts-backend-tools:-pydantic
  • redis-(caching)
  • sql-frameworks:-fastapi
  • supervisor
  • tailwindcss-ai/llm:-litellm-(multi-provider-support)
  • tanstack-query
  • tavily-(search)
  • tiptap
  • typescript
  • vercel-(frontend-deployment)
  • zustand
Share this project:

Updates