Wasm sandboxes are fast for pure compute but get painful the moment LLM code needs filesystem access or subprocess spawning. And it will, constantly. Containers with seccomp filters give you near-native speed and way broader syscall support — overhead is basically startup time (~2s cold, sub-second warm). For anything IO-heavy it's not even close. We're doing throwaway containers at https://cyqle.in if anyone's curious.

I will run the same benchmark test on wasm sandboxes just to be able to compare it with Zerobox. I will share the results tomorrow.

Pairing through the gnarly bits is doing the review, just synchronously and earlier. You haven't eliminated reviews — you've moved them to a higher-bandwidth channel. Genuinely better for catching design-level stuff. But it needs overlapping hours and enough shared context to actually work, which falls apart fast across timezones. Async review exists partly because async work does.

Onboarding was our canary. At 12 people the setup doc was a wiki page someone maintained as a hobby. By 30 it was a graveyard of broken links.

We gave up on documenting the environment and just made it cloneable. Snapshot a working setup, hand it over, done. First-commit time went from ~2 weeks to a day. (fwiw I work on https://cyqle.in partly because of this)