AI · Intermediate · Some commands deprecated

Docker Sandboxes (sbx) Cheatsheet

Standalone CLI for ephemeral, isolated sandboxes — built for running AI agents safely.

What it is

Use `sbx` to give an AI coding agent (Claude, Codex, etc.) a disposable, sandboxed environment with controlled filesystem and network policies. Note: the older Docker Desktop-integrated `docker sandbox` commands are deprecated; use the standalone `sbx` CLI going forward.

Installation

Install the standalone `sbx` CLI from the Docker Sandboxes docs (Homebrew, install script, or release binaries). Verify with `sbx --version`.

Quick start

sbx run

Start a default sandbox shell.

sbx run claude ~/my-project

Run an agent (Claude) against a project directory inside a sandbox.

sbx ls

List active sandboxes.

sbx stop <id>

Stop a sandbox.

Common commands

| Task | Command | Description |
|---|---|---|
| Start a sandbox | `sbx run [cmd] [path]` | Launch a sandbox, optionally with an entry command and mounted project path. |
| List sandboxes | `sbx ls` | Show running and recent sandboxes. |
| Stop a sandbox | `sbx stop <id>` | Gracefully stop a sandbox. |
| Remove a sandbox | `sbx rm <id>` | Delete a stopped sandbox. |
| View logs | `sbx logs <id>` | Inspect activity inside the sandbox. |
| Exec into sandbox | `sbx exec <id> -- <cmd>` | Run a command inside a running sandbox. |
| Apply / inspect policy | `sbx policy` | Manage the policy controlling network and filesystem access. |

Useful flags

| Flag | Example | Meaning |
|---|---|---|
| `--name` | `sbx run --name research` | Stable name for the sandbox. |
| `--policy` | `sbx run --policy strict` | Apply a named policy controlling network/FS access. |
| `--network` | `sbx run --network none` | Disable outbound network. |
| `--mount` | `sbx run --mount ~/proj:/workspace` | Mount a host directory into the sandbox. |

Real-world examples

Let Claude work on a repo, sandboxed

sbx run claude ~/my-project

Disposable shell with no network

sbx run --network none --rm -- bash

Run a script with a custom policy

sbx run --policy strict -- bash -c './suspicious.sh'

Best practices

  • Default agents to the most restrictive policy that still lets them do the task.
  • Mount only the project directory — never your whole $HOME.
  • Use --network none when the task is offline; otherwise allow-list domains via policy.
  • Treat sandbox state as ephemeral; commit useful output back to the host explicitly.
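
A preflight check for the "never your whole $HOME" rule, as an added example (not part of sbx or the Docker docs). `safe_mount_arg` is a hypothetical helper; the `/workspace` target is taken from this page's `--mount` examples.

```shell
#!/bin/sh
# Added example: validate a directory before passing it to --mount.
# safe_mount_arg is a hypothetical helper, not an sbx command.

# Prints "<real path>:/workspace" on success; prints a reason on stderr and
# fails otherwise. The body is a subshell, so `exit` only leaves the function.
safe_mount_arg() (
    dir=$1

    # Resolve symlinks and ".." so the checks compare real paths.
    real=$(cd -- "$dir" >/dev/null 2>&1 && pwd -P) || {
        echo "not a directory: $dir" >&2; exit 2; }
    home=$(cd -- "${HOME:?}" >/dev/null 2>&1 && pwd -P) || exit 2

    # The filesystem root exposes everything, $HOME included.
    if [ "$real" = "/" ]; then
        echo "refusing to mount /" >&2; exit 1
    fi

    # Refuse $HOME itself and any directory that contains it.
    case "$home/" in
        "$real"/*) echo "refusing: $real is or contains \$HOME" >&2; exit 1 ;;
    esac

    # A ':' in the path would be ambiguous in the src:dst mount syntax.
    case "$real" in
        *:*) echo "refusing: ':' in path $real" >&2; exit 1 ;;
    esac

    printf '%s:/workspace\n' "$real"
)

# Usage, combining flags shown on this page:
#   arg=$(safe_mount_arg ~/my-project) && sbx run --network none --mount "$arg"
```

Because the path is resolved first, a symlink that points at `$HOME` is rejected as well.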

Troubleshooting

`docker sandbox` shows a deprecation notice

Switch to the standalone `sbx` CLI.

Agent can't reach the network

Loosen the policy (preferably by allow-listing only the domains the agent needs), or override at run time.

sbx run --network host

Sandbox can't see your files

Add an explicit mount.

sbx run --mount "$(pwd)":/workspace
