wassette
Verified Safe by microsoft
Overview
A security-oriented runtime that runs WebAssembly Components via the Model Context Protocol (MCP), enabling AI agents to securely extend their capabilities with sandboxed tools.
Installation
wassette run
Environment Variables
- WASSETTE_CONFIG_FILE
- WASSETTE_COMPONENT_DIR
- PORT
- BIND_HOST
- RUST_LOG
- OPENWEATHER_API_KEY
Security Notes
Wassette is designed with a strong security model, leveraging WebAssembly sandboxing, deny-by-default fine-grained permissions (filesystem, network, environment variables), and runtime policy enforcement. It supports OCI digest verification for component integrity. Built-in tools for permission management promote least privilege. Structured logging with sensitive data redaction further enhances auditability. The core runtime itself is very secure. The main security caveat noted in the documentation is that certain example components, like 'eval-py', use inherently dangerous functions (e.g., `eval()`) which, if used with overly permissive policies or untrusted inputs, could lead to arbitrary code execution *within the component's sandbox*. Users are explicitly warned about this, emphasizing the importance of carefully vetting components and their granted permissions.
Similar Servers
trigger.dev
A platform for building and executing reliable, scalable background tasks and complex workflows, supporting various runtimes (Node.js, Python, Bun), including advanced AI agent orchestration, event-driven processing, and real-time data handling.
agentgateway
An API Gateway specialized for agent-to-agent and agent-to-tool communication, providing routing, security, and AI/LLM integration capabilities.
hyper-mcp
A fast, secure Model Context Protocol (MCP) server that extends its capabilities through WebAssembly plugins, enabling AI agents to access tools, resources, and prompts.
Lynkr
Lynkr is an AI orchestration layer that acts as an LLM gateway, routing language model requests to various providers (Ollama, Databricks, OpenAI, etc.). It provides an OpenAI-compatible API and enables AI-driven coding tasks via a rich set of tools and a multi-agent framework, with a strong focus on security, performance, and token efficiency. It allows AI agents to interact with a defined workspace (reading/writing files, executing shell commands, performing Git operations) and leverages long-term memory and agent learning to enhance task execution.