Skip to content

Available Sandboxes

Strands provides two built-in Sandbox backends: DockerSandbox for containers on the local host, and SshSandbox for remote machines. Both automatically register sandbox_bash and sandbox_file_editor tools on the agent. This page covers their configuration, plus how to drive a sandbox directly from your own code.

Executes operations inside a Docker container on the host via docker exec. The container must already be running; Strands does not create it.

import { Agent } from '@strands-agents/sdk'
import { DockerSandbox } from '@strands-agents/sdk/sandbox/docker'
const sandbox = new DockerSandbox({
container: 'agent-workspace',
workingDir: '/workspace',
user: '1000:1000',
})
const agent = new Agent({ sandbox })
void agent.invoke('Run the test suite and summarize any failures')
OptionTypeDefaultDescription
containercontainerstrstring(required)ID or name of a running container
working_dirworkingDirstr \| NonestringNonecontainer defaultWorking directory for executed commands. If omitted, runs in the container’s configured working directory.
useruserstr \| NonestringNonecontainer defaultUser to run commands as ("uid", "uid:gid", or name). If omitted, runs as the container’s configured user.

Executes operations on a remote host via SSH. Each command spawns a fresh ssh process. There is no persistent connection. The host must be reachable with key-based authentication; BatchMode is enforced, so password prompts fail rather than block.

import { Agent } from '@strands-agents/sdk'
import { SshSandbox } from '@strands-agents/sdk/sandbox/ssh'
const sandbox = new SshSandbox({
host: 'ubuntu@10.0.1.5',
workingDir: '/home/ubuntu/workspace',
identityFile: '~/.ssh/agent_key',
})
const agent = new Agent({ sandbox })
void agent.invoke('Check disk usage and list running processes')
OptionTypeDefaultDescription
hosthoststrstring(required)SSH destination (e.g., "user@host", "192.168.1.10")
working_dirworkingDirstrstring(required)Working directory on the remote host
identity_fileidentityFilestr \| NonestringNoneundefinedPath to SSH private key file
portportintnumber22SSH port
allow_unknown_hostsallowUnknownHostsboolbooleanFalsefalseWhen false, uses StrictHostKeyChecking=accept-new. When true, disables host key verification.
ssh_optionssshOptionslist[str] \| Nonestring[]None[]Additional SSH options passed as -o flags
allow_unsafe_ssh_optionsallowUnsafeSshOptionsboolbooleanFalsefalseBypass the SSH option allowlist. When false, unknown options throw at construction time.

By default, SshSandbox only permits known-safe SSH options (connection tuning, crypto, authentication). Unknown options throw an error at construction time. This prevents model-generated or user-provided options from executing commands on the host via directives like ProxyCommand or LocalCommand.

Neither backend sets environment variables at construction time. Pass them per-command via the env option on execute()execute() / execute_code()executeCode().

You can drive a sandbox directly from your own code. This is useful for setup and verification around an agent run: seed input files, invoke the agent, then read results back.

MethodDescription
executeexecuteRun a shell command, return the result
execute_codeexecuteCodeRun code via an interpreter, return the result
read_textreadTextRead a file as a UTF-8 string
write_textwriteTextWrite a string as UTF-8
import { Agent } from '@strands-agents/sdk'
import { DockerSandbox } from '@strands-agents/sdk/sandbox/docker'
const agent = new Agent({
sandbox: new DockerSandbox({ container: 'my-container-id' }),
})
// Seed an input file, let the agent work, then read the result back
await agent.sandbox.writeText('/workspace/input.csv', 'id,value\n1,42\n')
await agent.invoke(
'Summarize /workspace/input.csv and write the summary to /workspace/out.txt'
)
const result = await agent.sandbox.execute('cat /workspace/out.txt')
console.log(result.exitCode, result.stdout)

execute waits for the command to finish. When you need output as it arrives, use the streaming form. It yields chunks as they are produced, then a final result with the exit code:

import { DockerSandbox } from '@strands-agents/sdk/sandbox/docker'
const sandbox = new DockerSandbox({ container: 'my-container-id' })
for await (const chunk of sandbox.executeStreaming('npm run build')) {
if (chunk.type === 'streamChunk') {
process.stdout.write(chunk.data)
} else {
console.log(`\nexit code: ${chunk.exitCode}`)
}
}

For more on configuring tools and plugins that work with sandboxes, see the overview. To target an environment the built-ins don’t cover, build a custom sandbox.