08

Sandboxes and artifacts

Core platform1 min read

Run bounded code, control network access, and publish scanned outputs.

  • Choose a purpose-built template and explicit network profile.
  • Set wall-clock, command-output, file, resource, and artifact limits.
  • Do not inject signing material, connector refresh tokens, service-role keys, or exchange credentials.
  • Upload outputs through the artifact service, then scan and scope them before publishing.
  • Pause only when work will continue; kill completed or suspicious sandboxes.
Sandbox readiness
$ pnpm build:e2b:templates$ pnpm readiness:e2b:network

Was this page helpful?

Edit on GitHub