Your agents execute code without isolation. A compromised agent = a compromised IS.
Isolated execution
Capabilities
microVM/gVisor integration
Default-deny network
Read-only mounts
Ephemeral (destroyed after use)
Storage-to-compute bridge
Customization
Security policies, network rules, compute resource limits, storage mount config.
Integration
The Sandbox receives execution tasks from the orchestrator. Code runs in an isolated environment with no network access by default — results flow back to the orchestrator.
Compliance
DORA (resilience, isolation), GDPR art. 9 (sensitive data isolation).
Related accelerators
AI Sovereignty