
Give AI Local Access. Safely.
DAIMON provides an OS-kernel-enforced sandbox so AI agents can run safely on your local machine with strong execution boundaries. No Docker overhead. No risk of permanent damage to your data.
The Dilemma
AI Agents Need Local Access.
But at What Cost?
Today's AI coding agents are powerful — but giving them unrestricted access to your filesystem is a gamble you can't afford.
Raw Terminal Access
Giving an AI agent a bare shell is like handing your house keys to a stranger. One hallucinated rm -rf / and your data is gone forever.
Docker Containers
Safe, but the AI is trapped in an isolated world. It can't use your local tools, dotfiles, SSH keys, or seamlessly edit your real project files.
DAIMON
Runs natively on your host with OS-kernel sandbox. AI uses your real tools and edits your real files — but can only touch what you allow.
Under the Hood
OS-Kernel Sandbox. Not Another Container.
DAIMON leverages your operating system's built-in security mechanisms — the same primitives used by browsers and the OS itself — to enforce bulletproof boundaries.
Define Your Policy
Use the DAIMON GUI or write a simple YAML to declare exactly which directories the AI can read, which it can write to, and whether network access is allowed.
Kernel Enforces the Rules
On macOS, sandbox-exec enforces it. On Linux, Landlock + seccomp lock it down. No userspace escape — it's enforced at the kernel level.
AI Works Natively
The agent accesses your real file system, your real toolchain, and your real project — with zero Docker overhead. It just can't cross the boundary you set.
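
A policy like the sample in this section can be sanity-checked before the kernel is asked to enforce it. The following is an added example, not DAIMON code: it models an assumed default-deny reading of read_only, read_write and include_workdir (decide and lint are hypothetical names) and shows why paths have to be normalised and matched by whole components.

```python
# Added example: an assumed model of the policy semantics, not DAIMON's enforcement.
import posixpath

# Sample policy from this page, transcribed as a dict so no YAML parser is needed.
POLICY = {
    "filesystem_policy": {
        "include_workdir": True,
        "read_only": ["/usr", "/bin", "/var/log"],
        "read_write": ["/workspace"],
    },
    "network": {"mode": "disabled"},
}

def _under(path, root):
    """True if path is root itself or inside it, compared by whole components."""
    root = posixpath.normpath(root)
    return path == root or root == "/" or path.startswith(root + "/")

def decide(policy, path, want_write, workdir=None):
    """Return 'allow' or 'deny' for one access (assumed default-deny semantics)."""
    fs = policy["filesystem_policy"]
    if not path.startswith("/"):
        return "deny"  # relative paths are ambiguous without a known cwd
    # Lexical normalisation collapses '..' so /workspace/../etc is judged as /etc.
    # Symlinks are not resolved here; the kernel resolves them at enforcement time.
    path = posixpath.normpath("/" + path.lstrip("/"))
    writable = list(fs.get("read_write", []))
    if fs.get("include_workdir") and workdir:
        writable.append(workdir)  # assumption: the workdir is granted read-write
    if any(_under(path, r) for r in writable):
        return "allow"
    if not want_write and any(_under(path, r) for r in fs.get("read_only", [])):
        return "allow"
    return "deny"

def lint(policy):
    """Flag grants a reviewer would want to look at before applying the policy."""
    fs = policy["filesystem_policy"]
    findings = []
    for rw in fs.get("read_write", []):
        if posixpath.normpath(rw) == "/":
            findings.append("read_write covers the whole filesystem")
        for ro in fs.get("read_only", []):
            if _under(posixpath.normpath(ro), rw):
                findings.append(f"read_write {rw} overrides read_only {ro}")
    if policy.get("network", {}).get("mode") != "disabled":
        findings.append("network not disabled: readable data can leave the host")
    return findings
```
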
version: 2
filesystem_policy:
  include_workdir: true
  read_only:
    - /usr
    - /bin
    - /var/log # AI can read logs
  read_write:
    - /workspace # AI can ONLY write here
network:
  mode: disabled # No network. No data exfil.
linux:
  landlock:
    compatibility: hard_requirement

The Interface
Command Your Agent.
Visually.
Stop guessing with YAML configurations. DAIMON provides a polished desktop interface on macOS and Linux to manage every aspect of your agent's sandbox.



Features
Everything You Need. Nothing You Don't.
Granular Filesystem Control
Declare read-only and read-write paths with surgical precision. AI agents can browse your codebase but only modify the project you're working on.
Network Isolation
Cut off network access entirely, allow localhost-only for local tools, or keep it open. Your call. Prevent any chance of data exfiltration.
Kernel-Level Enforcement
Not a polite request — a hard kernel boundary. macOS sandbox-exec on Mac, Landlock + seccomp on Linux. No userspace escape possible.
Visual Policy Editor
DAIMON's desktop GUI lets you visually configure, validate, and inspect sandbox policies. No more hand-editing YAML unless you want to.
Runtime Monitoring
Launch, stop, and monitor your MCP service from the desktop app. View logs and check health via the built-in doctor diagnostics.
MCP Native
First-class Model Context Protocol support. Works seamlessly with Claude Desktop, Cursor, and any MCP-compatible AI agent.
Quick Start
Start with the Python SDK.
DAIMON Desktop gives you the local runtime. daimon-sdk gives your app a typed way to use it.
Assumes DAIMON Desktop is already running locally.
Launch DAIMON Desktop
Open the desktop app and confirm the local MCP service is running. This quick start assumes DAIMON Desktop is already managing the process for you.
Install the Python SDK
Use your existing Python environment and install the published SDK package. No manual MCP client wiring is needed for the happy path.
Connect and make one call
Point DaimonClient at the local endpoint, read the runtime context, and run a simple glob against the base workdir to confirm everything is live.
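pip install daimon-sdk

import asyncio

from daimon_sdk import DaimonClient


async def main() -> None:
    # Connect to the local MCP endpoint managed by DAIMON Desktop.
    async with DaimonClient("http://127.0.0.1:8080/mcp") as client:
        # Read the runtime context to find the base workdir.
        runtime = await client.runtime.get_context()
        print(runtime.base_workdir)
        # Glob against the base workdir to confirm everything is live.
        files = await client.files.glob(
            "**/*.py",
            path=runtime.base_workdir,
        )
        print(files.filenames[:5])


asyncio.run(main())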
Ready to Run AI Agents Fearlessly?
Download DAIMON, define your sandbox policy, and let AI work on your local files — with peace of mind.
You'll land on the release page and can choose Desktop bundles (macOS DMG, Ubuntu .deb) or the standalone Linux kernel assets.
macOS 13+ (Ventura or later) · Ubuntu/Debian-style Linux · Apple Silicon & Intel/amd64