Hey everyone! I ve been working on something called Afterburner: a fast, embeddable JS/TS runtime written in Rust, with a capability sandbox baked right in.Scripts run locked down by default: no network, no filesystem, no environment variables. You explicitly grant whatever access a script actually needs, and every call gets hard caps on CPU, memory, and time.The goal isn t to replace your existing stack. It s to fit cleanly into it:Embed a JS/TS engine in your Rust app with a single crate. Run user scripts, plugins, business rules, or edge logic, each call fully sandboxed. Wrap the tools you already use. Commands like `burn node app.js`, `burn npm test`, `burn bun`, `burn deno run`, and `burn npx tsx` run your existing toolchain under the sandbox. Take an unmodified Express, Fastify, or Hono app and run it with zero ambient I/O and a memory ceiling. No code changes needed. Use the built-in registry at registry.afterburner.sh. Publish with `burn publish`, install with `burn install` or `burn add` dependencies are pinned by content digest. Every package ships with a capability manifest, so installed code is sandboxed by default. It also interops with npm, so you can still pull in npm libraries as needed. Since nothing gets ambient authority, it s also just a clean, practical way to run untrusted code without having to cross your fingers and hope.Repo: https://github.com/afterburner-sh/afterburner Site: https://afterburner.sh Registry: https://registry.afterburner.shThe full walkthrough like how it works, what it can do, and benchmarks hitting up to ~16.8M rows/sec is all in one post. It s the best place to start: https://vertexclique.com/blog/burn-after-reading/One licensing note: it s source-available under BSL-1.1, which automatically converts to Apache-2.0 four years after each release. Free to use for your own projects so go build something.