AI Sandboxes: Running Coding Agents Safely in Production-Grade Environments

The number of cyber attacks and security risks related to Coding Agents has sky rocketed. AI coding agents like Claude Code, Codex CLI, and Gemini CLI don’t behave like your typical developer tools. They install system packages, modify configurations, delete files, run services, and even spin up Docker containers, often requiring constant permission prompts or risky access to your host machine.

This talk explores Docker Sandboxes as a new execution model for autonomous coding agents. Built on microVM-based isolation, Docker Sandboxes provide disposable, agent-safe environments where coding agents can run unattended while remaining fully isolated from the host system.

We’ll walk through why traditional approaches like OS sandboxing, containers, and full virtual machines, break down for agent workflows, and how Docker Sandboxes combine the developer experience of containers with the hard security boundaries of VMs. Using live examples, we’ll show how agents can safely run Docker-in-Docker, install dependencies, access only the project workspace, and be reset instantly.

By the end of this session, you’ll have a clear mental model for when and how to use Docker Sandboxes to unlock higher levels of agent autonomy without compromising safety, security, or developer experience.