This repository demonstrates running LLM coding agents in a sandboxed environment using Agent Sandbox. Each example builds on the previous one, showing progressively more sophisticated configurations for Java/Kotlin/Maven projects.
These examples focus on what's needed specifically for Java/Kotlin/Maven projects. The configurations handle Java-specific concerns like:
- Proxy configuration for Java tools (doesn't honor standard environment variables)
- Maven repository management and caching strategies
- Project-scoped dependency isolation
Basic sandbox setup with Java runtime and Maven support. Shows how to:
- Initialize Agent Sandbox for a Java project
- Add OpenJDK 17 to the container
- Configure network policy for Maven Central
- Set up Java proxy settings for HTTPS traffic
Start here if you're new to sandboxing Java projects.
Adds Maven artifact caching with Docker volumes. Dependencies persist across container restarts, avoiding redundant downloads.
Two-tier cache setup that mounts the host's Maven repository read-only. Dependencies already on the host are available immediately without network access. New artifacts go to the container-specific volume.
Strictest isolation: network access to Maven Central is revoked entirely. Maven can only use a pre-populated project-scoped cache. Prevents the agent from downloading any new dependencies.
Initial state after running agentbox init and selecting devcontainer mode. Shows what files are created by initialization and serves as a baseline for understanding the generated structure. Other examples are based on cli mode, but the changes shown could be applied to devcontainer mode in the same way.
Install Agent Sandbox following the official documentation.
Clone this repository and navigate to any example:
$ cd kotlin-junit-sample-basic
$ agentbox exec
dev@ab75dca99874:/workspace% claude --dangerously-skip-permissions # we are in a sandbox!- Filesystem and Environment isolation: Only the project directory is mounted
- Network filtering: HTTP proxy enforces an allowlist, blocks everything else
- Read-only config: Policy files can't be modified by the agent
- IDE integration: Works with VS Code and JetBrains devcontainers (examples not included in this repo, but it's an add-on functionality)