WebAssembly, Python, and the Future of AI Sandboxing

Transcript

1. WebAssembly, Python, and the Future of AI Sandboxing Syrus Akbary

   Feb 2026 Rethinking safe code execution for the AI era

2. Who am I?

3. None
4. None
5. None

6. I want to make it universal! Circa 2018

7. None

8. Wait. What the f*** is WebAssembly? Well… maybe I should

   have started here
9. None

10. such cool WOW very Wasm

11. What is Wasmer? Wasmer is a WebAssembly Platform • Runtime

    (Analogy: Docker) • Registry (Analogy: Docker Hub or NPM) • Edge (Analogy: AWS Lambda) Wasmer runs applications as Wasm modules instead of containers or virtual machines

12. • Do not share kernel or OS • Poor performance

    • Very low density • Shares a kernel, but not the OS or binary • Still very heavy- weight • Low density • Shares a kernel, and the binary executables • Fully sandboxed • High density

13. Modern systems increasingly execute code we didn't write The question

    is no longer if — but how to execute safely and ef f iciently

14. Why this matters We need a new Execution Primitive More

    Ephemeral Short-lived workloads More Multi-tenant Shared infrastructure More Untrusted AI-generated code

15. Is this not a Python talk?

16. How Python is using Wasm?

17. Browser- f irst Pyodide is the most popular framework. Is

    Python compiled to Wasm via Emscripten. Used by: • JupyterLite • PyScript(.com) • Anaconda Cloud • Cloud f lare Optimized for JS execution

18. Server- f irst You can run pyodide in Node.js (very

    heavy). Or you can run it with Wasmer. Used by: • Wasmer Edge (hosting) • AI Companies Optimized for density and sandboxing

19. But Pyodide has constraints No Raw Sockets Limited by the

    browser's networking model, preventing direct socket access. Limited POSIX Compatibility constraints mean certain system-level operations are restricted. No Multithreading Python code executes on a single browser thread, limiting parallel computation. No Subprocesses/Greenlets Prevents parallel processing within the Python environment for tasks like I/O concurrency. Not designed for server workloads (even though Cloud f lare uses it)

20. Why the Python+Wasm on the server matters …specially for AI

    workloads Sandboxing is now a core infrastructure requirement • Untrusted Python code execution • Fast response/startup times • High Density

21. The emerging Sandboxing Pattern Resource Limits • CPU, memory, execution

    time constraints Capability-based access • Filesystem permissions • Networking permissions High performance • High density • Fast startup times

22. Wasmer’s approach to Python in Wasm

23. Browser- f irst Optimized for JS execution Optimized for density

    and sandboxing Server- f irst ❤ Enables • 👨💻 Zero modi f ications • 🚀 Run in any environment and OS • ⚡ Extremely lightweight Without limitations • ✅ Greenlets • ✅ Multithreaded • ✅ Subprocess

24. Wasmer Clouds vs Docker Clouds Containers • Heavy isolation overhead

    • Slow startup times • Low tenant density WebAssembly • Shared sandboxed execution • Extremely fast startup times • High tenant density

25. Demo time! Using Python with Wasmer + Clouds

26. One year free of Wasmer Pro account 1. Create an

    account https://wasmer.io/ 2.Reach [email protected] with your username

27. Thank you 🙏 @syrusakbary / @wasmerio