Nightshift

About Nightshift

Configure once. Sandbox everything.

~/.agent/bin/tools/python/uv/ripgrep/config/cache/state/workspace/WRITABLEAGENTS.mdgeneratedpyproject.tomlsrc/tests/.venv/

Agent Environment

A self-contained world

Every Nightshift agent gets its own isolated directory at your chosen prefix. Tools, runtimes, config, and workspace — all provisioned at boot, all confined by the sandbox.

  • Pinned toolchain — Python, uv, ripgrep, and opencode at exact versions
  • Isolated XDG directories for config, cache, data, and state
  • Scaffolded workspace with src, tests, .venv, and pyproject.toml
  • AGENTS.md and SKILLS.md generated from BOOT.md at first run
  • Sandboxed with bubblewrap — read-only host, writable workspace

Boot Loader

One file to rule the agent

Define your agent's entire environment in a single BOOT.md file. Skills, data schemas, tools, and behavior — all declared upfront and built by your agent at startup.

~/BOOT.md
1I need an agent for purchasing analytics. It should analyze procurement data,2track supplier performance, and generate inventory forecasts from our ERP data.34{5 "skills": [6 {7 "name": "data-schema",8 "description": "Schema reference for ERP tables"9 },10 {11 "name": "purchasing",12 "description": "Procurement optimization guidance"13 },14 {15 "name": "analytics",16 "description": "DuckDB patterns for parquet queries"17 }18 ]19}
workspace/AGENTS.md
1# Purchasing Analytics Agent2Analyze ERP procurement data for spend insights, supplier performance, and inventory optimization.34## Skills5| Name | When to Use |6|------|-------------|7| data-schema | Before writing any query — check column names, types, relationships |8| purchasing | Supplier analysis, spend breakdowns, lead-time calculations |9| analytics | DuckDB syntax, parquet glob patterns, window functions |1011## Commands12```bash13uv run pytest # Run tests14uv run python -m procurement # Run analysis15uv run black . && uv run ruff check16```1718## Project Structure19src/procurement/20 loader.py — parquet ingestion with glob patterns21 suppliers.py — lead-time scoring, reliability metrics22 inventory.py — reorder points, safety stock23 metrics.py — velocity, EOQ, days-of-supply2425## Safety Boundaries26ALWAYS: Read files, run tests, generate reports to ./output/27ASK FIRST: Install packages, modify pyproject.toml, create exports28NEVER: Delete ./data/*, run rm -rf, call external APIs
HOST FILESYSTEMread-only/usr/bin/etc/home/var/lib/rootAGENT ENVIRONMENTwritablebwrap~/.nightshift/workspace~/.nightshift/prefix/tmp

Agent Sandboxing

Read-only host. Writable workspace.

Nightshift uses bubblewrap to mount the entire host filesystem as read-only. The agent can only write to its own isolated environment. No accidental overwrites. No system damage.

Try it now

Install Nightshift and start sandboxing your agents in minutes.

Get startedTalk to us