Task Pods
Ephemeral Kubernetes jobs for isolated code execution with zero ingress.
Task Pods are ephemeral Kubernetes Jobs that the Brain launches on demand for isolated work. They provide a secure sandbox where the agent can execute code, run scripts, or perform complex operations without risking the stability or security of the core platform.
How Task Pods Work
- Claude decides a task requires isolated execution (via the launch_task tool)
- The Brain creates a Kubernetes Job spec with the task instructions
- Kubernetes schedules the pod on an available node
- The task pod connects to NATS and receives its instructions
- The pod executes the work and streams progress updates back through NATS
- On completion (or timeout), the pod reports its results and is cleaned up
The entire lifecycle is automatic. The Brain dispatches, monitors, and collects results without manual intervention.
Security Posture
Task Pods have the strictest security posture of any Baker Street component:
| Control | Setting |
|---|---|
| RBAC permissions | None -- no Kubernetes API access |
| Ingress | Zero -- no inbound network connections |
| Egress | NATS only -- no internet, no other services |
| User | Non-root (UID 1000) |
| Filesystem | Read-only root, writable /tmp only |
| Capabilities | All dropped |
| Seccomp | Runtime default profile |
| Timeout | 30 minutes maximum |
| Cleanup | Automatic on completion, failure, or timeout |
This means a task pod cannot reach the internet, cannot access Kubernetes secrets, cannot modify its own filesystem, and cannot outlive its timeout. Even if malicious code runs inside a task pod, the blast radius is contained.
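One way to verify that a generated Job spec actually carries each control in the table, as an added example rather than Baker Street's own code; which Kubernetes field realises each row (for instance activeDeadlineSeconds for the timeout, ttlSecondsAfterFinished for cleanup, and automountServiceAccountToken for "no Kubernetes API access") is an assumption about how the Brain renders its spec:

```python
# Added illustration, not Baker Street code: the posture-row-to-field mapping is assumed.
import copy

def task_pod_violations(job: dict) -> list:
    """Return posture violations in a Job manifest; an empty list means compliant."""
    spec = job.get("spec", {})
    pod = spec.get("template", {}).get("spec", {})
    found = []
    # "RBAC: None" -- with no service-account token mounted there is no API credential.
    if pod.get("automountServiceAccountToken", True):
        found.append("service account token is mounted")
    deadline = spec.get("activeDeadlineSeconds")
    if deadline is None or deadline > 1800:  # 30 minutes maximum
        found.append("activeDeadlineSeconds missing or above 30 minutes")
    if spec.get("ttlSecondsAfterFinished") is None:
        found.append("no ttlSecondsAfterFinished, so finished pods are never cleaned up")
    if pod.get("securityContext", {}).get("seccompProfile", {}).get("type") != "RuntimeDefault":
        found.append("seccomp profile is not RuntimeDefault")
    for c in pod.get("containers", []):
        sc, name = c.get("securityContext", {}), c.get("name", "?")
        if not sc.get("runAsNonRoot") or sc.get("runAsUser") != 1000:
            found.append(f"{name}: not running as non-root UID 1000")
        if not sc.get("readOnlyRootFilesystem"):
            found.append(f"{name}: root filesystem is writable")
        if sc.get("capabilities", {}).get("drop") != ["ALL"]:
            found.append(f"{name}: capabilities not all dropped")
    return found

# Constructed sample: a Job that satisfies every row of the posture table.
COMPLIANT_JOB = {
    "apiVersion": "batch/v1", "kind": "Job",
    "metadata": {"name": "task-example", "namespace": "baker-tasks"},
    "spec": {"activeDeadlineSeconds": 1800, "ttlSecondsAfterFinished": 60,
             "template": {"spec": {
                 "automountServiceAccountToken": False, "restartPolicy": "Never",
                 "securityContext": {"seccompProfile": {"type": "RuntimeDefault"}},
                 "volumes": [{"name": "tmp", "emptyDir": {}}],
                 "containers": [{"name": "task", "image": "task-runner:example",
                                 "securityContext": {"runAsNonRoot": True, "runAsUser": 1000,
                                                     "readOnlyRootFilesystem": True,
                                                     "capabilities": {"drop": ["ALL"]}},
                                 "volumeMounts": [{"name": "tmp", "mountPath": "/tmp"}]}]}}}}

def weakened(job: dict) -> dict:
    """Same Job with the root filesystem writable and the SA token mounted."""
    bad = copy.deepcopy(job)
    pod = bad["spec"]["template"]["spec"]
    pod["automountServiceAccountToken"] = True
    pod["containers"][0]["securityContext"]["readOnlyRootFilesystem"] = False
    return bad
```

Running the checker over a spec before it is submitted (or in an admission webhook) catches a regression in any single row before the pod is scheduled.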
Enterprise Isolation
The enterprise distribution (baker-street-hardened) adds further isolation:
- Dedicated namespace -- task pods run in a separate baker-tasks namespace
- Pod Security Standards -- the namespace enforces the restricted Pod Security Standard
- Resource quotas -- CPU and memory limits prevent resource exhaustion
- Network policies -- cross-namespace traffic is blocked; only NATS egress is allowed
Use Cases
Task Pods are ideal for:
- Code execution -- running user-provided scripts in a sandbox
- Data processing -- transforming or analyzing data without loading it into the Brain
- Build tasks -- compiling code, generating artifacts, running test suites
- Long-running operations -- anything that might take minutes rather than seconds
Monitoring
Task pod status flows through NATS in real time. The Web UI displays active task pods with their current state, output logs, and elapsed time. Completed task pods appear in the job history with their full output.