Extending AI Agents with WebAssembly
Microsoft Developer introduces Wassette, a security-focused MCP server that uses WebAssembly Components to run untrusted agent tools in a sandboxed runtime, aiming to make extending AI agents safer and more reusable.
Overview
This episode covers Wassette, an open-source, security-oriented runtime for running WebAssembly Components as tools exposed through the Model Context Protocol (MCP).
Wassette is positioned as a way to extend AI agents with third-party tools while reducing risk by executing those tools inside a WebAssembly sandbox.
What Wassette is
- Wassette is an MCP server that runs tools as WebAssembly (Wasm) Components.
- It embeds a WebAssembly runtime (Wasmtime) so that untrusted tools execute inside a sandbox rather than directly on the host.
- It applies fine-grained security policies to constrain what tools can do.
MCP context
- MCP (Model Context Protocol) is described as a standard for how LLMs access and share data with external tools.
- Wassette uses MCP as the interface layer, while Wasm Components provide the execution unit for tools.
Why Wassette (as described in the episode)
- Convenience: Extend AI agents with new tools without leaving the chat window.
- Reusability: Wasm Components are generic and reusable; they are not inherently MCP-specific.
- Security: Uses the Wasmtime security sandbox to provide browser-grade isolation for tool execution.
Resources
- GitHub repo: https://github.com/microsoft/wassette/
People mentioned
- Jorge Arteiro: https://www.linkedin.com/in/jorgearteiro
- Yosh Wuyts: https://www.linkedin.com/in/yoshuawuyts/
Series links
- Subscribe to Open at Microsoft: https://aka.ms/OpenAtMicrosoft
- Open at Microsoft playlist: https://aka.ms/OpenAtMicrosoftPlaylist
- Submit an OSS project: https://aka.ms/OpenAtMsCFP