Impact-Site-Verification: 41b53a0c-6d04-458b-a457-fe9e29acde1a

Developer Tools/UnknownAI InfrastructureSecurityOpen SourceDeveloper Tools·

VELA

Securely execute AI-generated & untrusted code with micro-VM isolation

What it does

VELA is a policy-driven execution guard that uses Firecracker micro-VMs and HMAC capability tokens to safely run untrusted code. It provides structured results, fine-grained filesystem/network restrictions, and a full JSONL audit trail. The runtime is open-source (MIT licensed) and includes adapters for LangChain, LlamaIndex, CrewAI, and OpenAI. VELA stacks hardware isolation, cryptographic authorization, and structured observability into one cohesive runtime.

Who it is for

VELA is designed for developers building AI agents, SaaS platforms, or any application that needs to execute untrusted code—such as AI-generated code, user-submitted scripts, or third-party plugins. It targets teams using frameworks like LangChain, LlamaIndex, CrewAI, or OpenAI function tools who want to avoid the security risks of raw subprocess execution or the overhead of Docker containers. The product is also suitable for security-conscious teams that require audit trails, rate limiting, and policy enforcement.

Why it matters

Every AI agent that runs code is one exec() away from disaster. Raw subprocess runs as you—if the model is jailbroken, so is your server. Docker containers have 1–3 second cold starts and share the host kernel. Hosted sandboxes have opaque pricing and vendor lock-in. VELA addresses these issues with Firecracker micro-VMs that boot in ~150ms (p50) from a pre-warmed pool, HMAC capability tokens that grant scoped permissions, and a policy engine that can block dangerous patterns like rm -rf or curl. It also provides Prometheus metrics, webhook notifications, and an append-only JSONL audit trail.

Launch signal

VELA launched on Product Hunt on [launch date not specified in source]. The Product Hunt listing describes it as "Securely execute AI-generated & untrusted code" and notes it has 48 followers. The website mentions version v0.1.0 and includes testimonials from engineers at NovaMind AI, DataWeave, and FinGuard. The project is open-source on GitHub with an MIT license.

Brand and naming

The name "VELA" is short, memorable, and suggests speed (vela is Latin for "sail"). The product is also referred to as "Aegis runtime" in some contexts, which evokes protection (aegis meaning shield). The branding emphasizes control and security with phrases like "Stay in control" and "Run untrusted code. Stay in control." The visual identity uses a clean, modern design with a dark theme and code snippets.

Founder

Praveen

Get more like this in our weekly newsletter.