

Greywall AI Agent Sandboxing & Aligning Capability with Security
Greywall is a software-defined agent sandbox & proxy that was born out of a frustration with constantly having to choose between convenience and safety.
A presentation by Max, founder of Greyhaven, a Montréal-based startup dedicated to building sovereign AI systems.
In late 2024, I discovered my first AI coding agent (Aider), and I was immediately faced with an increasingly common decision: how much effort do I want to put into using this thing safely?
At the time, the FOMO fuel wasn't as potent as it is today, and I took the time to set up a docker container to test the thing out. I couldn't think of a plausible way that one of these language models could do much harm in a basic sandbox.
But it was immediately clear how powerful this paradigm was, and I found myself spending more and more effort to build automations around containers. My team built a CLI tool which automated docker commands, agent builds, MCP tools.
But our container CLI tool was clunky and difficult to introspect. Every day I felt like I was fighting a tradeoff between security and capability.
So we went back to the drawing board and thought, "what do we really need to feel comfortable using local AI agents?" And so we designed something fundamentally different: Greywall. A software-defined sandbox that acts as an intermediary layer between an application (e.g. an Agent) and the operating system resources.
This pattern allows for users of agent CLI tools to have fine-grained, runtime visibility & controls while also using their normal development environments, and I believe this pattern unlocks a kind of "AI Middleware". Suddenly, using the sandbox feels exciting, instead of a slog, because it unlocks new avenues of exploration.
Then I discovered the field of AI Control and realized we might just be working on the same problem.
—
Où / Where
UQAM - Pavillon President-Kennedy
PK-1140 (first floor)
Contact host if you need assistance or for questions