Definition
Plain language
An isolated computing environment where AI code can run without affecting anything important.
As stated in the literature
An isolated execution environment, often a container or VM, used to run untrusted or experimental code with controlled access to resources.
Why it matters: Sandboxes are the first line of defense whenever you let an AI execute arbitrary code, since they bound the blast radius of mistakes or attacks.
For example, when an AI agent wants to run a downloaded script, it executes it inside a sandboxed container that can't see the user's home directory or the wider network.
Heard on the show
“One caveat to pocket, because Finn will want it back later: what varied here is wording in a prompt, inside a sandbox.”Episode 195 — Why 'Be Careful' Does Nothing for AI Coding Agents, and What Does