Technology
Preferred on Google
Google News

Cloudflare Sandboxes Go General

Cloudflare Sandboxes are now generally available, offering AI developers a robust platform for building and deploying agents with enhanced security and state management.

3 min read
Cloudflare logo with abstract network graphics
Cloudflare's platform aims to enhance internet security and performance.· Cloudflare

Cloudflare has officially moved its Sandboxes product out of beta, making the tool for running AI agents generally available. This move aims to provide developers with a robust and secure environment to build and deploy AI agents that can execute code.

Launched initially last June, the premise behind Cloudflare Sandboxes was to create a safe space for AI agents to develop and run code. This often requires mimicking developer actions like cloning repositories, building code across various languages, and running development servers, necessitating a full computer environment.

The company highlighted persistent challenges in the agent development landscape: managing bursty workloads, ensuring quick state restoration, maintaining security without granting direct credentials, providing programmatic control, and offering an ergonomic interface for both humans and agents. Cloudflare Sandboxes aims to solve these by providing managed infrastructure.

Figma, an early adopter, utilized Cloudflare Containers to run untrusted agent and user-authored code for its Figma Make feature. Alex Mullans, AI and Developer Platforms at Figma, noted the need for reliable, highly-scalable sandboxes.

Related startups

Key Enhancements for General Availability

Since its initial launch, Cloudflare has significantly enhanced Sandboxes. Key new features include:

  • Secure credential injection: Allows authenticated calls to services without exposing raw credentials to the agent.
  • PTY support: Provides a real terminal experience for agents, compatible with tools like xterm.js, enabling interactive debugging.
  • Persistent code interpreters: Offers stateful execution environments for Python, JavaScript, and TypeScript.
  • Background processes and live preview URLs: Simplifies interaction with development servers and allows verification of in-flight changes.
  • Filesystem watching: Improves iteration speed by enabling agents to react to file changes in real time.
  • Snapshots: Facilitates quick recovery of an agent's coding session state.
  • Higher limits and Active CPU Pricing: Enables scaling agent fleets without paying for idle compute, with pricing based on actively used CPU cycles.

Under the Hood: Cloudflare Sandboxes Explained

A Cloudflare Sandbox is a persistent, isolated environment powered by Cloudflare Containers. It can be requested by name, starting on demand and automatically sleeping when idle. Programmatic interaction is facilitated through methods like exec, gitClone, and writeFile.

The platform addresses the complex problem of authentication for agentic workloads. Secure credential injection operates at the network layer via a programmable egress proxy, ensuring agents never access credentials directly. This allows for customized authentication logic.

Unlike earlier systems that simulated shell access, Cloudflare Sandboxes now offers full PTY support. This enables a real-time, interactive terminal experience over WebSockets, mirroring how human developers use terminals for debugging and development.

For data analysis and scripting, Sandboxes provide persistent code execution contexts. Variables and imports remain between calls, similar to a Jupyter notebook, allowing for stateful workflows.

Agents can now start development servers and expose them via live preview URLs. Background processes can be managed, with readiness checks and the ability to expose running services, enabling immediate user feedback.

Filesystem event watching, powered by Linux's native inotify mechanism, allows agents to react instantly to file modifications, mirroring modern event-driven development loops.

Snapshots, rolling out soon, will preserve an entire container's state—including dependencies and modified files—enabling quick restoration and session resumption. This addresses the challenge of maintaining agent state without incurring continuous compute costs.

The platform also offers increased capacity, with higher limits on concurrent instances. The pricing model has shifted to active CPU usage, ensuring users only pay for compute actively consumed by their agents.

This evolution transforms Cloudflare Sandboxes from a basic command-runner to a full development environment. It enables AI agents to perform complex engineering tasks, mirroring the tight feedback loops of human developers. The SDK is available at version 0.8.9.

© 2026 StartupHub.ai. All rights reserved. Do not enter, scrape, copy, reproduce, or republish this article in whole or in part. Use as input to AI training, fine-tuning, retrieval-augmented generation, or any machine-learning system is prohibited without written license. Substantially-similar derivative works will be pursued to the fullest extent of applicable copyright, database, and computer-misuse laws. See our terms.
#Cloudflare#Sandboxes#AI Agents#Developer Tools#Cloud Computing#Containers#Zero Trust