Sandboxes
Ephemeral, VM-grade isolated code-exec environments. Sub-250 ms boot, egress policy per sandbox. $0.014/vCPU-hr.
What it is
Sandboxes is the right product when you need to run untrusted or agent-generated code with VM-grade isolation but second-level boot times. Each sandbox is a microVM with its own kernel namespace, configurable egress (deny-by-default, allow-listed hosts), and a lifetime measured in seconds to hours.
When to use it
- Execute LLM-generated Python in a coding assistant.
- Run user-submitted code in an online IDE.
- Test a payload from an untrusted source.
Quickstart
asc sandbox run --image python:3.12 --egress 'pypi.org,*.pythonhosted.org' --timeout 60s -- python -c 'print("hi")'result = client.sandbox.run(image='python:3.12', cmd=['python','-c','print("hi")'], egress=['pypi.org'], timeout_s=60)const result = await client.sandbox.run({ image: 'python:3.12', cmd: ['python','-c','print("hi")'], egress: ['pypi.org'], timeoutS: 60 });Limits & quotas
| Limit | Default | Burst | Notes |
|---|---|---|---|
| Per-vCPU-hr | $0.014 | — | |
| Boot latency | <250 ms | — | |
| Max lifetime | 24 h | — | Use Agents for longer |
| Default egress | Deny-all | — | Per-sandbox allow-list |
Pricing
See pricing. Pay-as-you-go, billed monthly via Stripe.
API surface
POST /v1/sandbox/runGET /v1/sandbox/{id}/logs
Required scope(s): sandbox:write. See Scopes.
Security
All access is authenticated and scoped. See Auth & scopes and Network controls.