Tilde.run launched on May 6, 2026 as a production-safe sandbox for deploying autonomous AI agents on real data without risking corruption or unintended side effects. Built by the lakeFS team, the platform treats every agent execution as a reversible transaction, solving a critical barrier to enterprise AI agent adoption.
Addressing the Production AI Agent Problem
The platform tackles the fundamental challenge preventing organizations from deploying autonomous agents: how to safely grant AI systems access to production data without risking data corruption, unauthorized access, or cascading failures. Traditional approaches require manual backups, complex permission systems, or accepting unacceptable risk.
Tilde.run's solution draws on lessons from lakeFS, the open-source data versioning layer trusted by major organizations managing billions of objects. The team behind the project brings battle-tested expertise in production data management to AI agent infrastructure.
Four-Layer Safety Architecture
The platform implements comprehensive safeguards across multiple dimensions:
Versioned Composable Filesystem: Tilde presents a unified POSIX filesystem (~sandbox) that mounts multiple data sources—GitHub repositories, S3 buckets, Google Drive documents, and local outputs. Every file is version-controlled from creation, enabling instant rollback of any agent operation without manual intervention.
Transactional Sandboxing: Each agent run executes in an isolated container where changes are staged during execution. On success, changes commit atomically; on failure, they're discarded entirely. This eliminates the need for manual cleanup or backup restoration.
Network Isolation & Audit: Outbound requests operate under default-deny policies. The system logs and controls every network call, automatically blocking unauthorized destinations, cloud metadata access attempts, and credential abuse.
Agent-Specific RBAC: Agents receive scoped permissions separate from user credentials, with granular policies supporting allow/deny/approval-required actions per agent and repository.
Multiple Access Methods for Different Workflows
Developers can interact with Tilde through:
- CLI for sandbox execution and interactive shells
- Python SDK for programmatic integration
- Claude integration for agentic automation
- REST API for custom tooling
The Hacker News launch post received 124 points and 90 comments, indicating strong developer interest in production-safe agent infrastructure.
Key Takeaways
- Tilde.run provides a versioned, transactional filesystem that treats every AI agent execution as a reversible operation
- The platform mounts multiple data sources (GitHub, S3, Google Drive) into a unified POSIX filesystem with automatic versioning
- Network isolation uses default-deny policies with logging and control of every outbound request to prevent credential abuse
- Built by the lakeFS team with proven expertise managing billions of versioned objects in production environments
- Access available through CLI, Python SDK, Claude integration, and REST API for flexible deployment scenarios