Sandbox SDK

The sandbox layer
for AI agents

Use the Sandbox SDK when you want direct control over the runtime primitives: sandboxes, templates, volumes, credentials, files, processes, ports, webhooks, and network policy.

Read sandbox docsView GitHub

Prompt for your agent

Read https://sandbox0.ai/llms.txt and plan a Sandbox SDK integration for my AI agent backend.
Cover sandboxes, volumes, files, processes, network policy, credentials, tests, and risks.
SDK workbench

direct API

const sandbox = await client.sandboxes.claim("agent-dev", {
  volumes: ["repo-cache"],
  network: { egress: "policy" }
});

await sandbox.process.exec("npm", ["test"]);

template

Define the runtime

Images, resources, warm processes, defaults, and policy live in reusable templates.

sandbox

Claim execution

Run commands, REPLs, file operations, app servers, and agent tools inside isolated sandboxes.

volume

Persist state

Mount, snapshot, restore, and fork durable storage independently from sandbox compute.

Direct primitives

Build your own agent backend on top of the runtime layer.

The Sandbox SDK is for teams that want to own orchestration, but do not want to rebuild isolated execution, storage, and network control from scratch.

sa

Sandbox

Claim isolated runtimes from templates, pause and resume work, expose ports, and run processes.

te

Template

Package runtime images, resources, warm pools, volume mounts, and default policy.

vo

Volume

Persist repositories, caches, checkpoints, and artifacts with snapshot, restore, and fork workflows.

cr

Credential

Resolve and project outbound auth without placing raw secret material inside the agent process.

SDKs

Control Sandbox0 from the language your backend uses.

Use Sandbox0 through SDKs and the CLI when you want to assemble your own session model, scheduler, workflow engine, or product-specific agent backend.

go

Go SDK

The preferred hand-written wrapper layer over the generated API client for backend services.

js / py

JavaScript and Python

Use generated SDK surfaces for app servers, automation scripts, and agent-side tooling.

cli

s0 CLI

Use the CLI for local workflows, debugging, and operational access to sandboxes and volumes.

When to choose it

Use the Sandbox SDK when Managed Agents is too opinionated.

Some teams need to own the queue, session schema, approvals, tenant routing, or workflow graph. Sandbox0 gives them the execution substrate directly.

custom control plane

Bring your own orchestration

Build your scheduler, workflow engine, or product-specific session model above Sandbox0 primitives.

deep runtime control

Own process and file behavior

Run the exact command model, file pipeline, context lifecycle, and port exposure your agent needs.

infra boundaries

Keep policy explicit

Control templates, volume lifecycle, credential sources, egress rules, and cluster deployment shape.

Use Sandbox0 as your agent runtime substrate.

Start with sandbox docs when you want direct runtime control, or use Managed Agents when you want the higher-level session API.

Read sandbox docsManaged Agents