DISCOVER THE FUTURE OF AI AGENTS
Agent Park
BACK TO PROJECTS

sandboxed.sh

Added May 4, 2026
Agent & Tooling
Open Source
Workflow AutomationDockerMulti-Agent SystemAI AgentsAgent & ToolingDeveloper Tools & CodingAutomation, Workflow & RPASecurity & Privacy

Self-hosted cloud orchestrator for running and managing AI coding agents within isolated Linux workspaces, with multi-agent runtime support, task scheduling, and Git-versioned configuration.

Overview#

sandboxed.sh (formerly Open Agent) is a self-hosted cloud orchestration platform designed for AI coding agents. Its core value lies in providing secure isolated Linux execution environments and complete lifecycle management for agents. The project uses Rust for a high-performance backend core, combined with Next.js and SwiftUI for multi-platform interfaces.

Core Capabilities#

Multi-Agent Runtime Support#

Unified infrastructure supporting Claude Code (Anthropic), OpenCode (open-source alternative), and Amp (Sourcegraph). Each workspace has an independent Harness for backend-runtime integration.

Workspace & Isolation#

Strong containerized isolation via systemd-nspawn (native Linux) or Docker, with independent directories per task. Supports X11/Xvfb configuration for GUI desktop automation within isolated environments.

Task Orchestration & Scheduling#

Mission Control enables remote start/stop/monitoring with real-time streaming. Built-in cron-like triggers for scheduled agent execution.

Model Routing & Failover#

Provider fallback chains with health checks and rate limit handling. OpenAI-compatible /v1/chat/completions endpoint for deferred execution when all providers are rate-limited.

Configuration Management & Extensions#

Skills, tools, rules, agent configs, and MCP are version-controlled in a single Git repo. Supports optional MCP tool servers (desktop automation, Playwright, etc.) and encrypted secrets management.

Multi-Platform Access & Integrations#

Web Dashboard (Next.js), iOS App (SwiftUI with picture-in-picture), and CLI. Telegram bot integration auto-creates tasks per chat for conversational AI assistance.

Typical Use Cases#

  • Long-running development delegation: Point to a GitHub Issue, let agents auto-complete coding, testing, and PR creation
  • Multi-day unattended operations: Grant agents SSH access via VPN for GPU model training configuration
  • Sensitive data local processing: Local inference in isolated containers for healthcare, finance, defense sectors
  • Team-customized agent behavior: Encode team standards via Skills (e.g., always run fraud detection tests when modifying payment modules)

Architecture#

┌─────────────────────────────────────────────┐
│              Client Layer                    │
│  Web Dashboard (Next.js) │ iOS App │ CLI    │
└────────────┬──────────────┬────────┬────────┘
             │              │        │
             └──────────────┼────────┘
                     HTTPS
                     ▼
┌─────────────────────────────────────────────┐
│            Server Layer                      │
│  ┌──────────────────────────────────────┐   │
│  │  sandboxed.sh (Rust Core)             │   │
│  │  • Task orchestration & monitoring    │   │
│  │  • Container workspace (systemd-nspawn)│   │
│  │  • Git Library sync                   │   │
│  │  • Model routing & health checks      │   │
│  └──────────────┬───────────────────────┘   │
│                 ▼                            │
│  ┌──────────────────────────────────────┐   │
│  │  Agent Runtimes                       │   │
│  │  Claude Code / OpenCode / Amp         │   │
│  └──────────────────────────────────────┘   │
└─────────────────────────────────────────────┘
  • Core Backend: Rust (src/), handling task scheduling, container lifecycle, and model routing
  • Persistent Session Design: Specialized session management for Claude CLI
  • Frontend Separation: Web dashboard (dashboard/, Next.js/TypeScript) and mobile (ios_dashboard/, SwiftUI) deployed independently
  • Documentation: Dedicated docs site (docs-site/, MDX), plus agent config (agents.md/claude.md) and provider config (PROVIDERS.md) references

Installation#

Docker (Recommended, ~5 min)#

git clone https://github.com/Th0rgal/sandboxed.sh.git
cd sandboxed.sh
cp .env.example .env
# Edit .env config
docker compose up -d

Access http://localhost:3000 after deployment. Uncomment privileged: true in docker-compose.yml for workspace isolation.

Native (Bare metal Ubuntu 24.04 LTS, ~30 min)#

Follow the official Native Installation Guide.

AI-Assisted Deployment#

Hand the installation guide to a coding agent, e.g.:

"Deploy Sandboxed.sh on my server at 1.2.3.4 with domain agent.example.com"

Configuration#

  • Backend connections and container orchestration via .env (from .env.example) and docker-compose.yml
  • Agent behavior via agents.md (and harness details in claude.md)
  • LLM providers and routing fallback chains via PROVIDERS.md
  • X11/Xvfb environment variables for GUI automation capabilities
  • Telegram Bot Token and Webhook for chat-to-task automation

Unconfirmed Information#

  • Discord community link (mentioned in README but no specific URL shown)
  • Current stable version (latest release is v0.11.1, project marked as WIP)
  • Amp runtime integration completeness
  • Encrypted secrets management implementation details

Related Projects

View All

Genkit

An open-source AI application building framework for full-stack apps, providing a unified SDK and developer toolchain.

PythonTypeScript
VIEW DETAILS

Gobii Platform

Always-on autonomous AI Agent platform for teams, with email/SMS channels, browser automation, and persistent memory.

PythonDocker
VIEW DETAILS

Semble

Fast and accurate code search library for AI agents, achieving ~98% token reduction over grep+read via hybrid retrieval and code-aware reranking.

PythonModel Context Protocol
VIEW DETAILS

STAY UPDATED

Get the latest AI tools and trends delivered straight to your inbox. No spam, just intelligence.