Loading...
Agent Sandboxing(SBX)
Runs agent-generated code, shell commands, and untrusted-content processing inside isolated environments with a scoped filesystem and a proxy-mediated network egress allow-list. Even a prompt-injected agent cannot read host secrets, touch files outside its scope, or exfiltrate data to an unapproved domain. Isolation is built from OS primitives such as Seatbelt and bubblewrap, from microVMs or containers, or from dedicated sandbox infrastructure such as E2B, Modal, and Docker.
Loading technique guideβ¦
Agent Sandboxing(SBX)
Runs agent-generated code, shell commands, and untrusted-content processing inside isolated environments with a scoped filesystem and a proxy-mediated network egress allow-list. Even a prompt-injected agent cannot read host secrets, touch files outside its scope, or exfiltrate data to an unapproved domain. Isolation is built from OS primitives such as Seatbelt and bubblewrap, from microVMs or containers, or from dedicated sandbox infrastructure such as E2B, Modal, and Docker.
Loading technique guideβ¦