Every container runtime on macOS runs a Linux VM. Linux doesn't have Metal support, so you can't use MLX, MPS, or other Metal-accelerated frameworks inside a container.
MetalBox solves this by running workloads as native macOS processes with Docker-like resource management:
* Hard memory limits (RSS watchdog that kills and restarts processes when limits are exceeded)
* Metal/MLX GPU memory caps (automatically injected via a wrapper)
* Filesystem and network sandboxing using macOS sandbox-exec
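
The kill-and-restart RSS watchdog from the list above, sketched as an added example (this is not MetalBox's own code). The names `rss_bytes` and `supervise` and their parameters are hypothetical; RSS is read from `/proc` where it exists and from `ps` on macOS.

```python
import os
import subprocess
import time

def rss_bytes(pid):
    """Resident set size of pid in bytes, or 0 if it cannot be read."""
    try:
        # Linux: second field of /proc/<pid>/statm is resident pages.
        with open(f"/proc/{pid}/statm") as f:
            return int(f.read().split()[1]) * os.sysconf("SC_PAGE_SIZE")
    except (OSError, IndexError, ValueError):
        pass
    try:
        # macOS has no /proc: ps reports RSS in KiB.
        out = subprocess.run(["ps", "-o", "rss=", "-p", str(pid)],
                             capture_output=True, text=True).stdout.strip()
        return int(out) * 1024 if out else 0
    except (OSError, ValueError):
        return 0

def supervise(argv, limit_bytes, max_restarts=2, poll=0.05):
    """Run argv; SIGKILL and restart it whenever RSS exceeds limit_bytes.

    Returns (kills, final_exit_code). The restart budget keeps a workload
    that always overshoots from looping forever.
    """
    kills = 0
    while True:
        proc = subprocess.Popen(argv)
        while proc.poll() is None:
            if rss_bytes(proc.pid) > limit_bytes:
                proc.kill()      # hard limit: no graceful shutdown
                proc.wait()      # reap so the pid cannot linger as a zombie
                kills += 1
                break
            time.sleep(poll)
        else:
            return kills, proc.returncode   # workload exited on its own
        if kills > max_restarts:
            return kills, proc.returncode   # restart budget spent
```

Because the watchdog polls, a process can briefly exceed the limit between samples; the poll interval bounds how long that overshoot lasts.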