DEV Community

Jasdeep Singh Bhalla
Jasdeep Singh Bhalla

Posted on

Using a Docker Sandbox for a Coding Agent

#docker #containers #ai #tutorial

This guide shows a concrete, end-to-end example of how Docker Sandboxes can be created and used to safely run autonomous coding agents that can install packages, modify files, and even run Docker — without touching your host machine.

Scenario

You want to let a coding agent:

  • Modify a real codebase
  • Install system dependencies
  • Build and run containers
  • Run unattended with permissive flags

…but without risking your laptop or credentials.

Docker Sandboxes solve this by running the agent inside a disposable microVM with only your project workspace mounted.

Step 1: Create a Sandbox

Create a new sandbox using your local project directory as the workspace:

docker sandbox create   --name agent-sandbox   --workspace ./my-project
Enter fullscreen mode Exit fullscreen mode

What this does:

  • Creates a dedicated microVM
  • Mounts only ./my-project into the sandbox
  • Keeps your OS, home directory, and secrets isolated

Step 2: Enter the Sandbox

Start an interactive shell inside the sandbox:

docker sandbox exec agent-sandbox bash
Enter fullscreen mode Exit fullscreen mode

You are now inside the sandbox, not your host machine.

From this point on:

  • Any package installs
  • Any config changes
  • Any Docker commands

…are fully isolated.

Step 3: Run a Coding Agent (Unattended)

Inside the sandbox, run your coding agent in permissive mode:

claude-code run   --dangerously-skip-permissions   --project /workspace
Enter fullscreen mode Exit fullscreen mode

Why this is safe:

  • The agent runs inside a microVM
  • Only the project directory is writable
  • No access to your host OS, SSH keys, or credentials

This is the intended workflow for Docker Sandboxes.

Step 4: Let the Agent Install Dependencies

The agent can freely modify the environment:

apt-get update
apt-get install -y nodejs npm
Enter fullscreen mode Exit fullscreen mode

No permission prompts.

No approval loops.

No risk to your machine.

Step 5: Let the Agent Use Docker

Inside the sandbox, the agent can build and run containers:

docker build -t my-app .
docker run -p 8080:8080 my-app
Enter fullscreen mode Exit fullscreen mode

Important notes:

  • This does not use your host Docker daemon
  • Containers run entirely inside the sandbox microVM

This capability is what makes Docker Sandboxes fundamentally different from regular containers.

Step 6: Review the Results on the Host

Exit the sandbox and inspect the changes:

git diff
Enter fullscreen mode Exit fullscreen mode

You’ll see only the intentional code changes made by the agent.

No stray system packages.

No modified OS files.

No lingering background processes.

Step 7: Delete the Sandbox

When you’re done, delete the sandbox:

docker sandbox delete agent-sandbox
Enter fullscreen mode Exit fullscreen mode

The microVM is destroyed immediately.

  • The environment is wiped
  • Nothing persists except your code changes
  • You start clean the next time

Why This Pattern Works

Docker Sandboxes give agents:

  • A real operating system
  • Package managers and system tools
  • Docker access
  • Full autonomy

While giving you:

  • Strong isolation via microVMs
  • Disposable environments
  • Zero host contamination
  • Confidence to use permissive agent modes

When to Use Docker Sandboxes

This pattern is ideal when:

  • Running coding agents unattended
  • Using flags like --dangerously-skip-permissions
  • Allowing agents to install tools dynamically
  • Letting agents build and run containers
  • Experimenting aggressively without fear

Agents need freedom.

Your machine doesn’t.

Top comments (0)