alt.hn

2/13/2026 at 1:44:44 PM

Safe YOLO Mode: Running LLM agents in vms with Libvirt and Virsh

 https://www.metachris.dev/2026/02/safe-yolo-mode-running-llm-agents-in-vms-with-libvirt-and-virsh/

by metachris

2/14/2026 at 8:49:08 PM

Whilst it is safer to run inside a Vm/container, it doesn't make it safe.

Yes, having your entire filesystem deleted is much less likely now (bonus points for zfs snapshots of the image for each operation) Your context is still vulnerable, as anything the VM has access too.

by KaiserPro

2/15/2026 at 12:10:29 PM

Good point! Running in isolation does reduce the amount of sensitive things an LLM has access to though, which typically can be quite a lot (SSH keys, Cloud credentials, communication tools, etc.)

by metachris

2/14/2026 at 9:01:20 PM

Interesting. Im looking for solution to run multiple OpenClaw bots in the cloud, with security and isolation in mind.

by dk8996

2/14/2026 at 9:24:12 PM

I ended up using guix shells (container mode) for my agents and sharing just the directories they need

by ews

2/15/2026 at 9:28:26 AM

Oh my GOD just STOP with the awful kitschy sepia toned slop images for blog posts like these. I can't take it any more!!!

by xyzsparetimexyz

2/15/2026 at 12:48:56 PM

Gave your comment a bit more thought and I kind of agree, and removed the image! Thanks for your feedback.

by metachris

2/15/2026 at 8:38:19 AM

For no special reason, beside I could, I’ve slop coded this AI agents ephemeral VM orchestrator which I use inside any agent to manipulate and maintain my coding VMs on Proxmox. Probably it could make sense to simplify it further and move from Proxmox to something like this. Link: https://github.com/nibzard/agentlab

by nkko

2/15/2026 at 11:48:22 AM

The comparison between these and lima makes me think that it's AI generated

by nsonha

2/15/2026 at 11:56:56 AM

I've had LLMs assist me in putting together the comparison. I did edit it, and found the comparison good and wanted to keep it. The rest of the post is all hand written and thoroughly manually tested.

by metachris