Docker just released a game-changing feature for developers who love running AI coding agents in "YOLO mode": Docker Sandboxes. If you've ever hesitated to let an AI agent run wild with full permissions on your machine, this is the solution you've been waiting for.
What is Docker Sandbox?
Docker Sandboxes provide disposable, isolated microVM environments purpose-built for coding agents. Each agent runs in a completely isolated version of your development environment. When it installs packages, modifies configurations, or deletes files, your host machine remains untouched.
This isolation enables what Docker calls "Level 4 Coding Agent Autonomy": letting agents like Claude Code, Codex CLI, GitHub Copilot CLI, Gemini CLI, and Kiro run unattended without constant permission prompts, while keeping your system safe.
Key Benefits
- MicroVM-based isolation — Each agent runs inside a dedicated microVM with hypervisor-level security
- Real development environment — Agents can install system packages, run services, and modify files freely
- Safe Docker access — Agents can build and run Docker containers inside the sandbox, with no access to your host Docker daemon
- Fast reset — If an agent goes off the rails, delete the sandbox and spin up a fresh one in seconds
Running Copilot CLI in a Docker Sandbox
Docker Sandbox works great with GitHub Copilot CLI. Here's how to get started:
Prerequisites
- Docker Desktop 4.59 or later
- macOS or Windows
Create a GitHub Copilot CLI Sandbox
docker sandbox create copilot ./your-project-folder -- --yolo
This creates an isolated sandbox with Copilot CLI ready to go in full autonomous, YOLO mode.
Authenticate with GitHub
Since Docker Sandbox doesn't yet pull authentication tokens from your local ~/.copilot/ folder during the sandbox creation process for Copilot, you'll need to authenticate manually once inside the sandbox.
Run the /login command inside the Copilot CLI. You'll see something like:
⠦ Waiting for authorization...
Enter one-time code: ABCD-1234 at https://github.com/login/device
Press any key to copy to clipboard and open browser...
Follow the device flow to authenticate, and you're ready to go!
Useful Commands
# List all your sandboxes
docker sandbox ls
# Access a running sandbox interactively
docker sandbox exec -it <sandbox-name> bash
# Remove a sandbox when done
docker sandbox rm <sandbox-name>
Why This Matters
Running AI coding agents with full autonomy has always been a trade-off between productivity and risk. Docker Sandboxes eliminate that trade-off by providing:
- True isolation — Your host machine is completely protected
- No permission fatigue — Let the agent work without interruption
- Easy recovery — Something went wrong? Nuke the sandbox and start fresh
What's Next
Docker is continuing to expand Sandboxes based on developer feedback:
- Linux support
- MCP Gateway support
- Ability to expose ports to the host and access host-exposed services
- Support for additional coding agents
Get Started
Ready to let your AI coding agents run free (safely)? Check out the official documentation:
Happy coding — and let your agents loose! 🚀
Top comments (0)