Nathan Flurry 🔩

🤘 Securely execute AI-generated Node.js code without a sandbox - 17.9ms coldstarts p99 - 3.4 MB RAM - 56x cheaper than sandboxes - Built on the same tech as Cloudflare Workers - Just a library, no external vendor - Our most metal website yet

@hugorcd @nuxt_js @rivet_dev Added to docs secureexec.dev/docs/use-cases…

@hugorcd @nuxt_js @rivet_dev Fastest ship in the west This v cool, adding this to our Code Mode docs Have had a chance to try generating TS interfaces & type checking outputted code? Curious if that'd help or if the generated code is so simple it's better to let it fail at runtime. #type-check-a-source-string" target="_blank" rel="nofollow noopener">secureexec.dev/docs/features/…

Just shipped something I'm really excited about in @𝗇𝗎𝗑𝗍𝗃𝗌/𝗆𝖼𝗉-𝗍𝗈𝗈𝗅𝗄𝗂𝗍: Code Mode. The idea: instead of the LLM calling your MCP tools one at a time (and resending ALL tool descriptions every single round-trip), it writes JavaScript that orchestrates everything in one go. Loops, conditionals, Promise.all, real control flow, not 8 separate LLM turns. With 50 tools the token savings are insane: -81% on tool description overhead alone. And the best part? Your existing tools don't change at all. One line: `experimental_codeMode: true` Runs in a secure V8 sandbox thanks to @rivet_dev's secure-exec, perfect timing with their launch yesterday. mcp-toolkit.nuxt.dev/advanced/code-…

@peteredm1 👀 let me cook

@NathanFlurry really nice! would love an s3 example!

Secure Exec SDK gives agents an insanely customizable virtual OS File system → persist to S3, SQLite, Postgres, etc Network (outbound) → granular network control Network (inbound) → dev servers (Hono, Express, etc) Child process → custom tools

@NathanFlurry very nice

@pelaseyed @rivet_dev hell yeah this is awesome

InfiniteMonitor is not infinitely faster thanks to Secure Exec from the @rivet_dev team. Highly recommended if you are tired of paying $$$ for running sandboxes.

Rivet Secure Exec is for monitoring the situation

@HeyGarrison @rivet_dev making a pr 🫡

@rivet_dev would love to get this in the benchmarks!

Introducing the Secure Exec SDK Secure Node.js execution without a sandbox ⚡ 17.9 ms coldstart, 3.4 MB mem, 56x cheaper 📦 Just a library – supports Node.js, Bun, & browsers 🔐 Powered by the same tech as Cloudflare Workers $ 𝚗𝚙𝚖 𝚒𝚗𝚜𝚝𝚊𝚕𝚕 𝚜𝚎𝚌𝚞𝚛𝚎-𝚎𝚡𝚎𝚌

rivet was added to awesome byoc, v cool site! awesomebyoc.com

@Dylan_Steck Yes, you will be able to run CC & OpenCode in this (both headless and with TUI). Stay tuned.

@NathanFlurry Really cool stuff, I like the direction y’all are building in!! Quick q: do you see this codemode/V8 isolate model working for headlessly running Claude Code/OpenCode sessions — or that’s more of a task you want a full sandbox for?

@NathanFlurry It was so easy! Genuinely insane stuff

Hot damn that was fast Code Mode powered by Secure Exec SDK Let LLMs execute JavaScript to call MCP/tool calls - 81% reduction in tool usage - Drop in replacement - Real control flow Adding this to our Code Mode docs 🤘

@trillhause_ @rivet_dev

@rivet_dev You guys are cooking hard

@Nagistakee @rivet_dev me too, i'll make up for it open.spotify.com/track/3Y1OgYRm…

@rivet_dev I'm upset there is no heavy metal in this video clip.

@sebuzdugan @rivet_dev we can't. fortunately, atwood's law makes this a non-issue for most folks.

@rivet_dev secure exec looks great, curious how you’re handling untrusted native module dependencies

@fntlnz @rivet_dev we don't know what to call it, so terminology is all over the place haha. probably going to stick with "isolate" to prevent confusion.

@NathanFlurry @rivet_dev you are calling it sandbox no? github.com/rivet-dev/secu…

would be neat! i miss the days of lua game modding a lot of the work in Secure Exec had to do with building a system bridge (see below) since ai generated code usually needs network or fs access. i figure it's not too hard to do the same w lua, but it's been a hot minute since i last looked at the lua api. x.com/NathanFlurry/s…

i wonder how well agents write lua because lua sandboxes super well and has for a long time see luau

@fntlnz @rivet_dev There's no formal definition, but – pretty much every sandbox provider uses microVMs. Secure Exec with V8 isolates is: - Much more lightweight - Can be embedded in your backend without an external vendor

@rivet_dev folks, this looks like a sandbox though. how it is not? educate me

Get started: secureexec.dev

GitHub: github.com/rivet-dev/secu…