Merged
5 changes: 5 additions & 0 deletions content/manuals/ai/sandboxes/get-started.md
@@ -66,6 +66,11 @@ When you ran `docker sandbox run`:
The sandbox persists until you remove it. Installed packages and configuration
remain available. Run `docker sandbox run <sandbox-name>` again to reconnect.

> [!NOTE]
> Agents can modify files in your workspace. Review changes before executing
> code or performing actions that auto-run scripts. See
> [Security considerations](workflows.md#security-considerations) for details.

## Basic commands

Here are essential commands to manage your sandboxes:
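Review bot: the callout in this hunk tells readers to review changes but not what concretely causes code to run, so on its own it is hard to act on; since the linked "Security considerations" section is added in this same PR, consider naming the two most common triggers inline (committing runs Git hooks, opening the workspace in an IDE can auto-run scripts or extensions) so the warning is actionable without following the link. Also consider whether `[!NOTE]` is the right severity for a security caveat, if the docs site supports a warning-level callout.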
14 changes: 14 additions & 0 deletions content/manuals/ai/sandboxes/troubleshooting.md
@@ -105,3 +105,17 @@ Also verify the workspace path exists:
$ cd <workspace>
$ pwd
```

## Sandbox crashes on Windows when launching multiple sandboxes

On Windows, launching too many sandboxes simultaneously can cause crashes.

If this happens, recover by closing the OpenVMM processes:

1. Open Task Manager (Ctrl+Shift+Esc).
2. Find all `docker.openvmm.exe` processes.
3. End each process.
4. Restart Docker Desktop if needed.

To avoid this issue, launch sandboxes one at a time rather than creating
multiple sandboxes concurrently.
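Review bot: the recovery steps in this hunk (ending every `docker.openvmm.exe` process) also stop sandboxes that were running fine, so step 3 should be preceded by a sentence saying that all running sandboxes stop and any unsaved state inside them is lost. "Too many" and "if needed" are undefined: give the rough count at which the crash was observed (or the symptom to look for) and say what condition calls for the Docker Desktop restart in step 4, for example that `docker sandbox run` still fails after the processes are gone. The heading also promises a sandbox crash while the body describes the VMM processes crashing; aligning the two would help readers searching for the symptom.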
25 changes: 25 additions & 0 deletions content/manuals/ai/sandboxes/workflows.md
@@ -90,6 +90,31 @@

To preserve a configured environment, create a [Custom template](templates.md).

## Security considerations

Agents can create and modify any files in your mounted workspace, including
scripts, configuration files, and hidden files.

After an agent works in a workspace, review changes before performing actions
on your host that might execute code:

- Committing changes (executes Git hooks)
- Opening the workspace in an IDE (may auto-run scripts or extensions)
- Running scripts or executables the agent created or modified

Review what changed:

```console
$ git status # See modified and new files
$ git diff # Review changes to tracked files
```

Check for untracked files and be aware that some changes, like Git hooks in

[CI annotation, GitHub Actions / validate (vale): check failure on line 112 of content/manuals/ai/sandboxes/workflows.md: [Vale.Spelling] Did you really mean 'untracked'?]
`.git/hooks/`, won't appear in standard diffs.

This is the same trust model used by editors like Visual Studio Code, which
warn when opening new workspaces for similar reasons.

## Named sandboxes

Use meaningful names for sandboxes you'll reuse:
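Review bot: the `git status` / `git diff` snippet in this hunk does not cover the cases the paragraph right after it warns about, so the section reads as contradictory: `git diff` omits new (untracked) files entirely, `git status` hides files matched by `.gitignore` (which the agent can also edit), and nothing under `.git/` is ever listed. Suggest extending the block with `git status --untracked-files=all --ignored` and `ls -la .git/hooks`, and noting that `.git/config` also needs a look (for example a `core.hooksPath` entry that points hooks at a directory the agent controls), since a changed hook or config is exactly what turns "commit" into "run code". Separately, the Vale check flagged "untracked" as a spelling error; add it to the accepted vocabulary rather than rewording, since it is the Git term.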