← 返回 Skills 市场

Sandbox Sdk

Name: Sandbox Sdk
Author: creativerezz

作者 Reza · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ✓ 安全检测通过

总下载

当前安装

版本数

在 OpenClaw 中安装

/install sandbox-sdk

功能描述

Build sandboxed applications for secure code execution. Load when building AI code execution, code interpreters, CI/CD systems, interactive dev environments,...

使用说明 (SKILL.md)

Cloudflare Sandbox SDK

Build secure, isolated code execution environments on Cloudflare Workers.

FIRST: Verify Installation

npm install @cloudflare/sandbox
docker info  # Must succeed - Docker required for local dev

Retrieval Sources

Your knowledge of the Sandbox SDK may be outdated. Prefer retrieval over pre-training for any Sandbox SDK task.

Resource	URL
Docs	https://developers.cloudflare.com/sandbox/
API Reference	https://developers.cloudflare.com/sandbox/api/
Examples	https://github.com/cloudflare/sandbox-sdk/tree/main/examples
Get Started	https://developers.cloudflare.com/sandbox/get-started/

When implementing features, fetch the relevant doc page or example first.

Required Configuration

wrangler.jsonc (exact - do not modify structure):

{
  "containers": [{
    "class_name": "Sandbox",
    "image": "./Dockerfile",
    "instance_type": "lite",
    "max_instances": 1
  }],
  "durable_objects": {
    "bindings": [{ "class_name": "Sandbox", "name": "Sandbox" }]
  },
  "migrations": [{ "new_sqlite_classes": ["Sandbox"], "tag": "v1" }]
}

Worker entry - must re-export Sandbox class:

import { getSandbox } from '@cloudflare/sandbox';
export { Sandbox } from '@cloudflare/sandbox';  // Required export

Quick Reference

Task	Method
Get sandbox	`getSandbox(env.Sandbox, 'user-123')`
Run command	`await sandbox.exec('python script.py')`
Run code (interpreter)	`await sandbox.runCode(code, { language: 'python' })`
Write file	`await sandbox.writeFile('/workspace/app.py', content)`
Read file	`await sandbox.readFile('/workspace/app.py')`
Create directory	`await sandbox.mkdir('/workspace/src', { recursive: true })`
List files	`await sandbox.listFiles('/workspace')`
Expose port	`await sandbox.exposePort(8080)`
Destroy	`await sandbox.destroy()`

Core Patterns

Execute Commands

const sandbox = getSandbox(env.Sandbox, 'user-123');
const result = await sandbox.exec('python --version');
// result: { stdout, stderr, exitCode, success }

Code Interpreter (Recommended for AI)

Use runCode() for executing LLM-generated code with rich outputs:

const ctx = await sandbox.createCodeContext({ language: 'python' });

await sandbox.runCode('import pandas as pd; data = [1,2,3]', { context: ctx });
const result = await sandbox.runCode('sum(data)', { context: ctx });
// result.results[0].text = "6"

Languages: python, javascript, typescript

State persists within context. Create explicit contexts for production.

File Operations

await sandbox.mkdir('/workspace/project', { recursive: true });
await sandbox.writeFile('/workspace/project/main.py', code);
const file = await sandbox.readFile('/workspace/project/main.py');
const files = await sandbox.listFiles('/workspace/project');

When to Use What

Need	Use	Why
Shell commands, scripts	`exec()`	Direct control, streaming
LLM-generated code	`runCode()`	Rich outputs, state persistence
Build/test pipelines	`exec()`	Exit codes, stderr capture
Data analysis	`runCode()`	Charts, tables, pandas

Extending the Dockerfile

Base image (docker.io/cloudflare/sandbox:0.7.0) includes Python 3.11, Node.js 20, and common tools.

Add dependencies by extending the Dockerfile:

FROM docker.io/cloudflare/sandbox:0.7.0

# Python packages
RUN pip install requests beautifulsoup4

# Node packages (global)
RUN npm install -g typescript

# System packages
RUN apt-get update && apt-get install -y ffmpeg && rm -rf /var/lib/apt/lists/*

EXPOSE 8080  # Required for local dev port exposure

Keep images lean - affects cold start time.

Preview URLs (Port Exposure)

Expose HTTP services running in sandboxes:

const { url } = await sandbox.exposePort(8080);
// Returns preview URL for the service

Production requirement: Preview URLs need a custom domain with wildcard DNS (*.yourdomain.com). The .workers.dev domain does not support preview URL subdomains.

See: https://developers.cloudflare.com/sandbox/guides/expose-services/

OpenAI Agents SDK Integration

The SDK provides helpers for OpenAI Agents at @cloudflare/sandbox/openai:

import { Shell, Editor } from '@cloudflare/sandbox/openai';

See examples/openai-agents for complete integration pattern.

Sandbox Lifecycle

getSandbox() returns immediately - container starts lazily on first operation
Containers sleep after 10 minutes of inactivity (configurable via sleepAfter)
Use destroy() to immediately free resources
Same sandboxId always returns same sandbox instance

Anti-Patterns

Don't use internal clients (CommandClient, FileClient) - use sandbox.* methods
Don't skip the Sandbox export - Worker won't deploy without export { Sandbox }
Don't hardcode sandbox IDs for multi-user - use user/session identifiers
Don't forget cleanup - call destroy() for temporary sandboxes

Detailed References

references/api-quick-ref.md - Full API with options and return types
references/examples.md - Example index with use cases

安全使用建议

Install this when you want Codex to help build Cloudflare Sandbox SDK integrations. Expect it to guide dependency installation, Docker-based local development, Cloudflare Worker configuration, command execution inside sandboxes, file operations, and preview URL exposure; review any generated app code and cleanup behavior before deploying.

能力评估

✓ Purpose & Capability

The stated purpose is sandboxed code execution, and the artifact content is aligned with that purpose: SDK setup, lifecycle, command execution, file operations, code interpreter use, preview URLs, and cleanup.

✓ Instruction Scope

Instructions are scoped to implementation guidance and documentation retrieval for Cloudflare Sandbox SDK tasks; there are no hidden role changes, prompt overrides, or unrelated data-access instructions.

ℹ Install Mechanism

The skill tells users to install @cloudflare/sandbox and verify Docker for local development, which is expected for this SDK but should be done in projects where that dependency is intended.

✓ Credentials

The environment requirements, including Docker, Cloudflare Workers configuration, container images, and port exposure, are proportionate to building sandboxed execution services and are disclosed.

ℹ Persistence & Privilege

The skill discusses persistent sandbox IDs, reusable code contexts, Durable Objects, and cleanup with destroy(); this persistence is expected for the SDK and is explicitly described.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install sandbox-sdk
安装完成后，直接呼叫该 Skill 的名称或使用 /sandbox-sdk 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release of the sandbox-sdk skill. - Enables secure, isolated code execution using Cloudflare Sandbox SDK. - Supports lifecycle management, command execution, code interpretation, file operations, and port exposure. - Biases knowledge and retrieval toward the latest Cloudflare documentation and examples. - Provides configuration, setup, and integration guidance for AI code execution, CI/CD, and interactive environments. - Offers quick reference and best practices for safe, scalable sandbox use.

元数据

Slug sandbox-sdk

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题

Sandbox Sdk 是什么？

Build sandboxed applications for secure code execution. Load when building AI code execution, code interpreters, CI/CD systems, interactive dev environments,... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 21 次。

如何安装 Sandbox Sdk？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install sandbox-sdk」即可一键安装，无需额外配置。

Sandbox Sdk 是免费的吗？

是的，Sandbox Sdk 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Sandbox Sdk 支持哪些平台？

Sandbox Sdk 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Sandbox Sdk？

由 Reza（@creativerezz）开发并维护，当前版本 v1.0.0。