What is an Agen Sandbox?
An Agen Sandbox is a secure, ephemeral environment running in a Dockerized container where AI agents can safely interact with your repository. When you create a new AI session via Agen, we immediately spin up an isolated virtual machine. The AI is granted restricted access strictly to this sandbox container, allowing it to modify files, resolve dependencies, and compile code.Why Sandboxes Matter
Instead of running untrusted AI scripts or experimental, AI-generated configurations directly on your local development machine (which might alter your main workspace or leak sensitive credentials), the sandbox ensures security by design. The agent is free to browse and alter the codebase within the container. You, as the developer, review all these isolated changes.- Safety First: Your local development machine or production environment is entirely unaffected by mistakes the AI might make.
- Immutable Clean Slate: Every new session boots a fresh environment. There is no lingering state from previous runs.
- No Direct Code Spills: Any generated file changes must be explicitly synced and approved via the
agenCLI before they affect your local system.
Sandbox Capabilities
Because our Sandboxes operate as independent Linux environments, they come fully equipped to support robust and active development commands inside the isolated session:- Git Control: Sandboxes have full native Git capabilities. The AI can manage branches, commit changes internally, and generate detailed patch diffs for review.
- Real-Time Streaming: Using our real-time streaming layer, every modification the AI makes inside the sandbox is instantly streamed to your local command line (
agen CLI), showing a clear before-and-after view of file modifications.
Seamless Syncing
To retrieve code generated within the Sandbox, simply runagen watch <YOUR_SESSION_ID>. You can stream patches generated safely inside the environment directly to your local file system, apply the code you verify, and dismiss the rest.