sandbox
Verified Safe by agent-infra
Overview
A comprehensive sandbox environment for AI agents, integrating browser, shell, file system, VSCode server, Jupyter notebooks, and Model Context Protocol (MCP) services within a unified Docker container for agent development and tool evaluation.
Installation
docker run --security-opt seccomp=unconfined --rm -it -p 8080:8080 ghcr.io/agent-infra/sandbox:latest
Security Notes
The system is designed as an agent sandbox that executes arbitrary code (shell, Python, Node.js, browser automation) inside a Docker container. The provided `docker run` command explicitly passes `--security-opt seccomp=unconfined`, which disables seccomp filtering, so processes in the container may issue any syscall the kernel exposes rather than only those allowed by Docker's default profile. This is an intentional design choice for a flexible sandbox, but it means the Docker container itself is the primary security boundary. Users must ensure robust container isolation and carefully manage agent permissions to prevent unintended execution or privilege escalation outside the sandbox. Credentials for SDK integrations (e.g., Volcengine, OpenAI) are read from environment variables, which avoids hardcoded secrets in the core server.
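The following is an added example, not part of the sandbox project: it places the page's `docker run` line beside a hardened form and includes a small audit helper that flags the weak settings. The hardened flags (`no-new-privileges`, `--cap-drop`, `--pids-limit`, loopback-only port binding) are standard Docker CLI options; whether the default seccomp profile is sufficient for this sandbox's browser and debugging workloads is an assumption, and if it is not, a custom profile via `--security-opt seccomp=/path/profile.json` is the narrower alternative to `unconfined`.

```shell
#!/bin/sh
# Added example (not the project's own code). Compares the run command from the
# page with a hardened variant and audits a command string for weak settings.

# The command exactly as the page gives it: seccomp filtering disabled.
WEAK_CMD='docker run --security-opt seccomp=unconfined --rm -it -p 8080:8080 ghcr.io/agent-infra/sandbox:latest'

# Hardened alternative (assumed sufficient for the sandbox): keep Docker's
# default seccomp profile, forbid privilege gain, drop all capabilities,
# cap process count and memory, and publish the port on loopback only.
HARDENED_CMD='docker run --rm -it --security-opt no-new-privileges --cap-drop ALL --pids-limit 512 --memory 4g -p 127.0.0.1:8080:8080 ghcr.io/agent-infra/sandbox:latest'

# audit_run_cmd CMD: prints one line per finding; exit status is the number
# of findings (0 means no weak setting was detected).
audit_run_cmd() {
  cmd=$1
  n=0
  case "$cmd" in
    *'seccomp=unconfined'*) echo "FINDING: seccomp filtering disabled (seccomp=unconfined)"; n=$((n+1));;
  esac
  case "$cmd" in
    *'--privileged'*) echo "FINDING: --privileged grants near-host access"; n=$((n+1));;
  esac
  case "$cmd" in
    *'no-new-privileges'*) ;;
    *) echo "FINDING: missing --security-opt no-new-privileges"; n=$((n+1));;
  esac
  case "$cmd" in
    *'--cap-drop'*) ;;
    *) echo "FINDING: capabilities not dropped (--cap-drop ALL)"; n=$((n+1));;
  esac
  case "$cmd" in
    *'-p 127.0.0.1:'*) ;;
    *'-p '*) echo "FINDING: port published on all interfaces, bind to 127.0.0.1"; n=$((n+1));;
  esac
  return $n
}

# Usage: audit both commands and show the result for each.
echo "== page command =="; audit_run_cmd "$WEAK_CMD" || echo "findings: $?"
echo "== hardened command =="; audit_run_cmd "$HARDENED_CMD" && echo "findings: 0"
```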
Similar Servers
1mcp
Orchestrate AI agent tool calls by executing JavaScript/Python code safely in a WebAssembly sandbox, significantly reducing LLM token context by chaining multiple operations into a single execution.
kitwork
KitWork is a serverless engine and workflow automation platform that allows users to define and run scheduled tasks, backend APIs, and web automation using YAML files.
kerneldev-mcp
An MCP server for intelligent Linux kernel configuration management, building, and filesystem regression testing, including advanced device management for performance optimization.
qoder-test-repo
This repository appears to be a placeholder or a test environment for an unknown application, lacking sufficient information to determine its specific function.