Share feedback
Answers are generated based on the documentation.

Docker Sandboxes

Table of contents
Availability: Experimental

Docker Sandboxes run AI coding agents in isolated microVM sandboxes. Each sandbox gets its own Docker daemon, filesystem, and network — the agent can build containers, install packages, and modify files without touching your host system.

Get started

Install the sbx CLI and sign in:

$ brew install docker/tap/sbx
$ sbx login

> winget install -h Docker.sbx
> sbx login

Then launch an agent in a sandbox:

$ cd ~/my-project
$ sbx run claude

See the get started guide for a full walkthrough, or jump to the usage guide for common patterns.

Learn more

  • Agents — supported agents and per-agent configuration
  • Custom environments — build reusable sandbox images with pre-installed tools
  • Architecture — microVM isolation, workspace mounting, networking
  • Security — isolation model, credential handling, network policies, workspace trust
  • CLI reference — full list of sbx commands and options
  • Troubleshooting — common issues and fixes
  • FAQ — login requirements, telemetry, etc

Docker Desktop integration

Docker Desktop also includes a built-in sandbox command (docker sandbox) with a subset of features. The sbx CLI is recommended for most use cases.