Sandbox
Agent Tools
Expose a sandbox session as Anvia tools.
Use createSandboxTools(...) when an agent should run commands and manage files inside a live sandbox session.
```ts
import { AgentBuilder } from "@anvia/core/agent";
import { createSandboxTools, DockerSandbox } from "@anvia/sandbox";

// `model` is assumed to be a model instance configured elsewhere in your application.

const sandbox = new DockerSandbox();
const session = await sandbox.createSession();

// Expose four tools; restrict exec to node/npm and cap timeouts and file sizes.
const tools = createSandboxTools(session, {
  allow: ["exec_command", "read_file", "write_file", "list_files"],
  exec: {
    allowedCommands: ["node", "npm"],
    defaultTimeoutMs: 10_000,
    maxTimeoutMs: 30_000,
  },
  readFile: {
    maxBytes: 64_000,
  },
  writeFile: {
    maxBytes: 64_000,
  },
});

const agent = new AgentBuilder("coder", model)
  .instructions("Use the sandbox for code execution and file operations.")
  .tools(tools)
  .defaultMaxTurns(6)
  .build();

try {
  const response = await agent
    .prompt("Write a JavaScript file that prints the first five Fibonacci numbers, run it, and summarize the output.")
    .send();
  console.log(response.output);
} finally {
  // Always tear the session down, even if the agent run throws.
  await session.destroy();
}
```

The default bundle exposes:
| Tool | Purpose |
|---|---|
| `exec_command` | Run a structured command with command and args |
| `read_file` | Read a text file from the sandbox workspace |
| `write_file` | Write a text file, creating parent directories |
| `list_files` | List files and directories under a workspace path |
Keep the session lifetime explicit. Create the session before the agent run and destroy it in a finally block.
Tool Policy
Use allow to choose which sandbox tools are exposed. Use exec.allowedCommands or exec.blockedCommands to keep model-chosen commands inside the product boundary.
```ts
// Read-only file access: write_file is not exposed.
const tools = createSandboxTools(session, {
  allow: ["exec_command", "read_file", "list_files"],
  exec: {
    allowedCommands: ["node", "npm"],
    maxTimeoutMs: 30_000,
  },
  readFile: {
    maxBytes: 64_000,
  },
});
```

Tool policy is separate from Docker isolation. Docker limits protect the host; tool policy controls what the model can ask the session to do.
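A sketch of the kind of check an exec policy implies, as an added example that is not Anvia's code. `checkExecRequest` and its return shape are hypothetical, and the bare-name check, the rule that a blocked command wins over an allowed one, and the timeout clamping are assumptions rather than documented Anvia behavior; only the option names are taken from the configuration above.

```javascript
// Added illustration: a stand-alone pre-check for exec_command-style requests.
// Hypothetical helper; it borrows this page's option names but is not Anvia's implementation.
function checkExecRequest(policy, request) {
  const { allowedCommands, blockedCommands = [], defaultTimeoutMs = 10_000, maxTimeoutMs = 30_000 } = policy;
  const { command, args = [], timeoutMs } = request;

  // Structured form only: a bare program name, so paths, spaces and
  // shell operators can never ride along inside `command`.
  if (typeof command !== "string" || !/^[A-Za-z0-9._-]+$/.test(command)) {
    return { ok: false, reason: "command must be a bare program name" };
  }
  if (!Array.isArray(args) || args.some((a) => typeof a !== "string")) {
    return { ok: false, reason: "args must be an array of strings" };
  }
  // Assumption: the deny list wins, and an allow list, when present, is exhaustive.
  if (blockedCommands.includes(command)) {
    return { ok: false, reason: `command "${command}" is blocked` };
  }
  if (allowedCommands && !allowedCommands.includes(command)) {
    return { ok: false, reason: `command "${command}" is not allowed` };
  }
  // Fall back to the default timeout, then clamp to the configured ceiling.
  const requested = Number.isFinite(timeoutMs) && timeoutMs > 0 ? timeoutMs : defaultTimeoutMs;
  return { ok: true, command, args, timeoutMs: Math.min(requested, maxTimeoutMs) };
}

const policy = { allowedCommands: ["node", "npm"], defaultTimeoutMs: 10_000, maxTimeoutMs: 30_000 };

// Constructed sample requests, in the shape a model might emit them.
const samples = [
  { command: "node", args: ["fib.js"] },
  { command: "npm", args: ["test"], timeoutMs: 120_000 },
  { command: "bash", args: ["-c", "node fib.js"] },
  { command: "/usr/bin/node", args: ["fib.js"] },
  { command: "node fib.js && env", args: [] },
];
for (const s of samples) {
  console.log(JSON.stringify(s), "->", JSON.stringify(checkExecRequest(policy, s)));
}
```

An allow list containing `node` still lets the model run any JavaScript it writes inside the session, which is why the Docker limits remain the control that protects the host.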
