CubeSandbox
ActiveDescription
A high-performance, secure sandbox service for AI agents by Tencent Cloud, built on RustVMM and KVM with hardware-level isolation, sub-60ms cold start, <5MB memory overhead, and E2B SDK compatibility.
Key Features
- Blazing-fast cold start: sub-60ms end-to-end sandbox creation via resource pool pre-provisioning and snapshot cloning
- Ultra-low memory overhead: less than 5MB per instance, enabling thousands of sandboxes on a single machine
- True kernel-level isolation: each agent runs with its own dedicated Guest OS kernel based on RustVMM and KVM
- E2B SDK drop-in replacement: swap one URL environment variable to migrate from closed-source sandboxes
- Event-level snapshot and rollback: millisecond-granularity checkpoints with instant clone and rollback via CubeCoW CoW engine
- Network security via CubeVS eBPF: inter-sandbox network isolation with fine-grained egress traffic filtering
Use Cases
💡 Secure code execution sandbox for AI agents generating and running untrusted LLM-generated code
💡 High-concurrency agent deployment: thousands of isolated sandboxes running simultaneously on a single node
💡 Reinforcement learning environments like SWE-bench with fast sandbox provisioning and reset
💡 Production-grade sandbox service replacing E2B with better performance and lower cost
Categories
Quick Start
pip install cubesandbox
# Single-node deployment:
cubesandbox serve
# Create a sandbox:
import cubesandbox
client = cubesandbox.Client()
sandbox = client.sandboxes.create()
result = sandbox.run_code('print("Hello from CubeSandbox!")')
print(result)
# Cluster mode: see docs at https://docs.cubesandbox.ai/