Eclipse Enclave

AI coding agents are most useful when they can act autonomously: run commands, install packages, edit files, and iterate without asking for permission at every step. Granting that autonomy directly on a developer's host machine is risky: agents can damage system files, leak secrets, fall victim to prompt injection, or interfere with one another when running in parallel. Most organizations have no consistent way to constrain or audit what their agents actually do.

Eclipse Enclave addresses this gap by providing a sandboxed runtime in which agents operate inside isolated containers (and, in the future, microVMs or other isolation backends) with their own filesystem, process tree, and network stack. A sidecar gateway restricts outbound network traffic to allowlisted domains and records what each agent reached out to. Multiple agents work in parallel without interfering with each other by operating on separate Git worktrees of the same project. Auth, configuration, and history persist across restarts under user control. A control center surfaces the state of all running agents and provides a single place to start, stop, inspect, and review their work.

The same isolation, logging, and policy infrastructure that makes agentic development safer for individual developers also produces the evidence and controls needed by organizations to operate agents responsibly: per-session audit trails, network access logs, dependency provenance records, and policy enforcement points that map to requirements emerging from the EU AI Act and the EU Cyber Resilience Act.

Eclipse Enclave deliberately separates agent execution from agent identity. It treats agents as pluggable workloads behind a common runtime, configuration, and policy surface. This lets the community focus on isolation, observability, governance, and integration — and lets adopters mix and match agents and editors without rebuilding the surrounding infrastructure each time.