What a microVM is
A microVM is a tiny, fast virtual machine — the same hard boundary as a full VM (its own kernel, memory, filesystem) with startup measured in moments, not minutes. It's the technology AWS built to keep serverless customers apart (Firecracker). The key property: two microVMs on the same server can't see each other, by hardware-enforced design — not by a permissions check someone could get wrong.
Sandbox vs container vs microVM
| Shared sandbox | Container | MicroVM (Yasmine) | |
|---|---|---|---|
| Boundary | Application logic | Shared OS kernel | Own kernel per customer |
| Other customers nearby | Same process space | Same kernel | Never |
| Escape blast radius | Everyone | Host + neighbors | One customer's box |
| Typical use | Most AI-in-Slack tools | Most SaaS | AWS Lambda internals — and Yasmine |
What lives inside your microVM
Why this matters more for agents than chatbots
A chatbot leaking is bad; an agent leaking is catastrophic, because agents hold live credentials to real systems. Isolation is what makes it rational to let an AI run code or open PRs at all — which is exactly why the Dev plan exists on this architecture. Combined with your own model keys (your data flows to your provider, under its terms — we never access it) and per-tool approval, the trust story is structural, not promissory. Full detail: yasmine.works/security.

