Skip to content

feat: add Sandbox abstraction — core only (1/N)#2198

Open
agent-of-mkmeral wants to merge 1 commit intostrands-agents:feature/sandboxfrom
agent-of-mkmeral:feat/sandbox-core-abstraction
Open

feat: add Sandbox abstraction — core only (1/N)#2198
agent-of-mkmeral wants to merge 1 commit intostrands-agents:feature/sandboxfrom
agent-of-mkmeral:feat/sandbox-core-abstraction

Conversation

@agent-of-mkmeral
Copy link
Copy Markdown
Contributor

@agent-of-mkmeral agent-of-mkmeral commented Apr 24, 2026

Summary

Add the core Sandbox interface that decouples tool logic from where code runs. This is the first PR in a series to incrementally merge the large PR #1968 into the feature/sandbox branch.

Target: feature/sandbox (not main)

What's Included (Core Abstraction Only)

New: src/strands/sandbox/

File Lines Purpose
base.py 418 Sandbox ABC — 6 abstract streaming/file methods + 2 non-streaming convenience wrappers, ExecutionResult, FileInfo, OutputFile, StreamChunk dataclasses
host.py 380 HostSandbox — native Python file I/O + asyncio.create_subprocess_exec (default)
shell_based.py 200 ShellBasedSandbox — abstract class for remote environments (Docker, SSH)
noop.py 73 NoOpSandbox — raises NotImplementedError for all operations
__init__.py 30 Module exports

Modified

File Change
src/strands/__init__.py Added exports: Sandbox, HostSandbox, NoOpSandbox, ShellBasedSandbox, ExecutionResult, FileInfo, OutputFile, StreamChunk, StreamType
src/strands/agent/agent.py Added sandbox parameter to Agent.__init__ — defaults to HostSandbox() via lazy import
AGENTS.md Added sandbox/ to directory structure

Tests: 151 passing ✅

Suite Tests Coverage
test_base.py 55 ABC contract, dataclasses, convenience methods, streaming/non-streaming
test_host.py 50 Command execution, file I/O (bytes), streaming, timeouts
test_adversarial_security.py 27 Path traversal, injection, language validation, edge cases
test_adversarial_shared_sandbox.py 13 Shared sandboxes, concurrency, multi-agent
test_agent_sandbox.py 7 Agent integration (default HostSandbox, explicit sandbox, tool access)
test_noop.py 12 NoOpSandbox raises NotImplementedError for all operations

Class Hierarchy

Sandbox (ABC — 6 abstract + lifecycle + helpers)
  ├── HostSandbox (concrete — native Python, default)
  ├── ShellBasedSandbox (ABC — shell-based defaults for remote envs)
  └── NoOpSandbox (concrete — raises NotImplementedError)

Usage

from strands import Agent, HostSandbox, NoOpSandbox

agent = Agent(model=model)                              # default HostSandbox
agent = Agent(sandbox=HostSandbox(working_dir="/tmp/ws")) # explicit
agent = Agent(sandbox=NoOpSandbox())                     # disable

What's NOT Included (Coming in Follow-up PRs)

  1. Vended toolsshell, editor, python_repl in src/strands/vended_tools/
  2. AgentSkills sandbox integration — sandbox skill loading
  3. CodeActPlugin — P2 per design doc

Part of #1968 series → feature/sandbox branch

cc @mkmeral

@agent-of-mkmeral
feat: add Sandbox abstraction for agent code execution environments
56dcd76 
Add the core Sandbox interface that decouples tool logic from where code
runs. This is the first PR in a series to break up the large PR strands-agents#1968
into the feature/sandbox branch.

## What's included (core abstraction only)

### New: src/strands/sandbox/
- base.py: Sandbox ABC with 6 abstract streaming/file methods + 2 non-streaming
  convenience wrappers, ExecutionResult/FileInfo/OutputFile/StreamChunk dataclasses
- host.py: HostSandbox — native Python file I/O + asyncio subprocess (default)
- shell_based.py: ShellBasedSandbox — abstract class for remote environments
  where only shell access is available (Docker, SSH)
- noop.py: NoOpSandbox — raises NotImplementedError for all operations

### Modified
- src/strands/__init__.py: Added sandbox exports (Sandbox, HostSandbox,
  NoOpSandbox, ShellBasedSandbox, ExecutionResult, FileInfo, OutputFile,
  StreamChunk, StreamType)
- src/strands/agent/agent.py: Added sandbox parameter to Agent.__init__,
  defaults to HostSandbox() via lazy import for backwards compatibility
- AGENTS.md: Added sandbox/ to directory structure

### Tests: 151 passing
- test_base.py (55): ABC contract, dataclasses, convenience methods
- test_host.py (50): Command execution, file I/O, streaming, timeouts
- test_adversarial_security.py (27): Path traversal, injection, edge cases
- test_adversarial_shared_sandbox.py (13): Shared sandboxes, concurrency
- test_agent_sandbox.py (7): Agent integration
- test_noop.py (12): NoOpSandbox raises NotImplementedError

## What's NOT included (coming in follow-up PRs)
- Vended tools (shell, editor, python_repl)
- AgentSkills sandbox integration
- CodeActPlugin

Part of strands-agents#1968 series → feature/sandbox branch
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@agent-of-mkmeral