back to features

Sandboxes

Isolated, ephemeral container environments where AI agents safely run code, execute shell commands, and process files without touching your infrastructure.

Sandboxes are the isolated environments where ChatBotKit agents do real work. When an agent needs to run code, execute a shell command, or process a file, it does so inside a container that has no access to your infrastructure or sensitive resources. This gives your agents the ability to act, while keeping your systems and data protected.

Sandboxes are ephemeral by design: created on demand and automatically cleaned up after use, so nothing persists between runs unless you explicitly manage it through workspace integration. The same isolated environment is where capabilities like Secure Code Execution run.

What You Can Do

  • Run code safely: Execute Python and other code inside an isolated container.
  • Use a real shell: Run shell commands and chain operations as part of a task.
  • Work with files: Read, write, and transform files within the sandbox.
  • Stay isolated: Keep execution away from your infrastructure and sensitive resources.
  • Persist when needed: Carry state across runs through workspace integration, or keep sandboxes fully ephemeral.

How It Works

Each execution happens in a completely isolated container created on demand. The agent runs its code or commands inside that container, and when the work is done the sandbox is torn down, leaving nothing behind unless a workspace is attached for persistence. Because the environment is disposable and isolated, an agent can experiment, fail, and retry without risk to your systems.

Getting Started

Sandboxes power the agent capabilities that need to run code or commands - no separate setup is required. Enable code execution or shell abilities on a skillset, and the agent runs them inside a sandbox automatically. Attach a workspace when you need state to survive between runs.

Practical Uses

Sandboxes are ideal for data processing, code generation and verification, file conversion, automation scripts, and any task where an agent needs to run something rather than only describe it. The isolation makes them safe for untrusted input and experimentation, while optional persistence supports longer-running, multi-step work.

sandboxcode executionshellsecurityagentinfrastructure