v0.0.1

Waggle v0.0.1 — Initial Release

MCP server for isolated code execution via propolis microVMs. Provides sandboxed Python, Node.js, and shell environments over Streamable HTTP transport.

Highlights

• Embedded propolis runtime (v0.0.16) — self-contained binary with embedded hypervisor, no external dependencies required
• Seccomp BPF filtering — syscall-level sandboxing inside the guest VM
• User namespace isolation — preflight-checked userns support for virtiofs file sharing
• Shared OCI image cache — layer-level caching with COW rootfs cloning (WAGGLE_IMAGE_CACHE_DIR)
• Layered runtime images — Python, Node.js, and shell images built on a shared Alpine base
• 8 MCP tools — environment lifecycle, code execution, package installation, filesystem operations
• Health & readiness endpoints — for orchestrated deployments
• Input validation & command injection prevention — shell escaping, code size limits, timeout enforcement

Container Images

Published to GHCR (multi-arch linux/amd64 + linux/arm64, signed with cosign):

• ghcr.io/stacklok/waggle:0.0.1 — main server
• ghcr.io/stacklok/waggle/base:0.0.1 — base runtime image
• ghcr.io/stacklok/waggle/python:0.0.1 — Python runtime
• ghcr.io/stacklok/waggle/node:0.0.1 — Node.js runtime
• ghcr.io/stacklok/waggle/shell:0.0.1 — Shell runtime