Skip to main content
Sandboxes give your agents a safe place to run code, work with files, and keep state between steps. You can create them on demand and choose the CPU and memory combination that fits the job, from a tiny sandbox for a quick task to a larger one for demanding work. That makes sandboxes useful for more than one-off execution. An agent can install dependencies, inspect outputs, write intermediate results to disk, and continue from where the previous step left off. When you want a stable checkpoint, you can snapshot a sandbox and return to a known-good state later. When you want to fork work that is already in progress, you can clone a running sandbox and start a second copy from the same filesystem and memory state. That is useful when an agent has already installed dependencies, loaded data, or reached an interesting intermediate state and you want to debug it, test an alternative path, or continue in parallel without touching the original sandbox. When you want that prepared environment to become a reusable starting point for future sandboxes, you can turn an application Image into a named sandbox template and launch new sandboxes from it on demand. And when a sandbox goes idle, Tensorlake can suspend it and bring it back on the next request or scheduled wake-up, so you can preserve state without keeping it running.

Setup

1

Install the Tensorlake CLI

pip install tensorlake
2

Log in

tl login

Quickstart

Create a tiny sandbox for a quick task, or provision one with more CPU and memory for heavier workloads. 
# Create a sandbox sized for the job
tl sbx new --cpus 3.0 --memory 7000 --timeout 600

# List sandboxes and copy the sandbox ID
tl sbx ls

# Run code inside the sandbox
tl sbx exec <sandbox-id> python -c 'print("Hello from sandbox")'

# Copy files in or out as the sandbox accumulates state
tl sbx cp local-file.txt <sandbox-id>:/workspace/local-file.txt

# Save a checkpoint you can return to later
tl sbx snapshot <sandbox-id>

# Branch from the current live state without starting over
tl sbx clone <sandbox-id>

# Suspend it when you are done for now, or terminate it when the work is finished
tl sbx suspend <sandbox-id>
tl sbx terminate <sandbox-id>

Features

Command Execution

Run shell commands with full stdout/stderr capture or stream output in real time using SSE.

File Management

Read, write, and delete files. List directories with metadata. Transfer data in and out of sandboxes.

Process Management

Start background processes, send signals, monitor status, and stream stdout/stderr independently.

Network Controls

Allow or deny internet access. Block specific outbound destinations when needed.

Snapshots

Capture sandbox filesystem and memory state, then restore or branch from it later.

Templates

Prebuild dependencies and setup steps once, then start new sandboxes from a named template.

Use Cases

AI Code Execution

Run LLM-generated code in isolated containers with network restrictions and resource limits. Integrate sandboxes as tools in agentic workflows.

Agentic Swarm Intelligence

Orchestrate a swarm of LLM agents running specialized tasks in parallel sandboxes.

Agentic Dungeons & Dragons

Build a dynamic D&D-style game where parallel AI agents act as scene writers and a Dungeon Master agent orchestrates the story.

RL Training with GSPO

Fine-tune a language model on code generation tasks using Group Sequence Policy Optimization, with sandboxes as the reward oracle.

Reproducible RL Environments

Guarantee isolated, deterministic rollouts for RL training. Run parallel episodes with full seed control and no shared state between workers.

Agentic Autoresearch Loop

Autonomously improve an ML training script overnight using an LLM agent that proposes code modifications and races them in parallel sandboxes.

When to Use Sandboxes vs @function()

Use CaseApproach
Agent tool calls with different dependenciesUse @function() — built-in isolation per function
Executing LLM-generated codeUse Sandboxes — dynamic creation with network restrictions
Batch processing with bounded resourcesUse @function() with max_containers
Interactive code execution (notebooks, REPLs)Use Sandboxes — create on demand, inspect, and tear down
Untrusted user-submitted codeUse Sandboxes — network restrictions and resource limits
If your isolation needs are covered by @function() in Tensorlake Applications, you don’t need standalone sandboxes. Sandboxes are for cases where you need dynamic, on-demand container creation with fine-grained control.

Learn More

Lifecycle

Sandbox states, resources, timeouts, and lifecycle operations.

Commands

Run commands, inspect output, and open interactive shells.

Networking

Control internet access and blocked destinations.

Templates

Create reusable named starting points for sandboxes from application images.