A sandbox by agents, for agents.
sanbox-3.mov
| Solution | Art | Container default | MicroVM default | Hardened runtime option | FS policy | Network policy | Process policy | Creds kept outside sandbox |
|---|---|---|---|---|---|---|---|---|
| sanbox | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ |
| Docker Sandboxes | ❌ | ❌ | ✅ | ✅ | ✅ | ❌ | ✅ | |
| NVIDIA OpenShell | ❌ | ✅ | ❌ | ❌ | ✅ | ✅ | ✅ | ✅ |
| Alibaba OpenSandbox | ❌ | ✅ | ❌ | ✅ | ✅ | |||
| kubernetes-sigs/agent-sandbox | ❌ | ✅ | ❌ | ✅ | ❌ | |||
| AgentScope Runtime | ❌ | ✅ | ❌ | ✅ | ❌ | ❌ |
The binary name is san.
Run it with a profile word and an optional extra word:
san claude box
san codex box
san openclaw boxhttps://github.com/chenhunghan/sanbox/releases
The website is deployed from GitHub Actions to:
https://chenhunghan.github.io/sanbox/
The workflow builds the wasm bundle into docs/ and publishes that directory to GitHub Pages.
![@github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=64&v=4){kind=small}