Skip to main content
Interactive 3D/Agent Sandboxing
Sandbox Architecture
Hover each layer to see what it blocks. Agent code runs in the innermost layer.
Host OSLAYER 1
ContainerLAYER 2
SandboxLAYER 3
Agent CodeEXECUTION
Action Risk Register
read_file("config.json")
Read a config file
ALLOWED
write_file("output.txt")
Write results to disk
Blocked by: Filesystem restriction
BLOCKED
execute_code("script.py")
Run a Python script
ALLOWED
http_get("api.example.com")
Fetch external data
Blocked by: Network restriction
BLOCKED
subprocess("bash -c ...")
Spawn a shell subprocess
Blocked by: Subprocess restriction
BLOCKED
delete_file("/etc/passwd")
Delete system file
Blocked by: Filesystem restriction
BLOCKED
exfiltrate_data(secrets)
Send secrets to external URL
Blocked by: Network restriction
BLOCKED
rm_rf("/")
Recursively delete filesystem
Blocked by: Filesystem restriction
BLOCKED
Sandbox Restrictions
Simulate Attack
Display
Total actions8
Allowed2
Blocked6
Sandboxing isolates agent code inside nested security layers - container, restricted process, and seccomp syscall filter. Each layer blocks a different class of dangerous action, so even a compromised agent cannot escape.

Agent Sandboxing - Interactive Visualization

Agent sandboxing wraps the agent's code execution environment inside multiple nested security layers: a container (Docker), a restricted process sandbox, and a seccomp syscall filter. Each layer blocks a different class of dangerous action - from network exfiltration to filesystem deletion - ensuring a compromised or misbehaving agent cannot escape to the host system. This visualization shows the layered architecture and lets you toggle individual restrictions to see how they interact.

  • See the 4-layer security model: Host OS → Container → Sandbox → Agent Code
  • Risk register rates every action type from low (read file) to critical (rm -rf /)
  • Toggle network, filesystem, subprocess, and syscall restrictions independently
  • Simulate dangerous attacks (rm -rf /, data exfiltration, shell spawning) and watch the sandbox block them
  • Real-time action log shows ALLOWED vs BLOCKED decisions with the blocking layer identified
  • Used in production by e2b.dev, Modal, and Anthropic's computer-use sandbox environments

Part of the EngineersOfAI Interactive 3D - free interactive visualizations covering every major concept in machine learning and AI engineering. Hover any element for a plain-English explanation. No code required.