AI agents run with full system access and zero accountability.
Docker isolates but doesn't govern. envpod wraps every agent in
a copy-on-write overlay, so your host is never touched until you
review and commit. Encrypted credential vault, per-pod DNS
filtering, action queue for dangerous ops, append-only audit
trail. Single 13 MB static binary. No daemon, no dependencies.
32 ms warm start. Tested on 9 Linux distros. 41 agent configs
included. Open source.