CubeSandbox: a high-density secure sandbox service for AI agents with sub-60ms boot times and hardware-level isolation

CubeSandbox: a high-density secure sandbox service for AI agents with sub-60ms boot times and hardware-level isolation

What it solves

CubeSandbox provides a secure, high-performance environment for AI agents to execute untrusted, LLM-generated code. It eliminates the trade-off between the high security of traditional virtual machines (which are slow to boot) and the lightweight nature of Docker containers (which share a kernel and are prone to escapes).

How it works

Built on RustVMM and KVM, the system creates hardware-isolated MicroVMs with their own Guest OS kernels. It uses a custom Copy-on-Write (CubeCoW) snapshot engine to enable near-instant cloning and rollbacks. The architecture includes a Rust-based API gateway (CubeAPI) compatible with the E2B SDK, a cluster orchestrator (CubeMaster), and an eBPF-based virtual switch (CubeVS) for kernel-level network isolation.

Who it’s for

Developers building AI agents that require a safe, scalable way to run code, perform browser automation, or conduct RL training without risking the host system's security.

Highlights

  • Extreme Performance: Cold starts in under 60ms with less than 5MB of memory overhead per instance.
  • Hardware Isolation: Dedicated kernels for every sandbox to prevent shared-kernel escapes.
  • E2B Compatibility: Drop-in replacement for E2B SDK users by simply changing a URL environment variable.
  • Advanced State Management: Supports hundred-millisecond checkpoints, snapshots, cloning, and rollbacks.
  • Enterprise Security: Includes a credential vault to keep API keys out of the sandbox and an egress gateway for domain allowlisting and auditing.
  • Operational Tools: Features a Web console for visual management of templates, nodes, and sandboxes.

Sources