CubeSandbox: a high-density secure sandbox service for AI agents with sub-60ms boot times and hardware-level isolation
CubeSandbox: a high-density secure sandbox service for AI agents with sub-60ms boot times and hardware-level isolation
What it solves
CubeSandbox provides a secure, high-performance environment for AI agents to execute untrusted, LLM-generated code. It eliminates the trade-off between the high security of traditional virtual machines (which are slow to boot) and the lightweight nature of Docker containers (which share a kernel and are prone to escapes).
How it works
Built on RustVMM and KVM, the system creates hardware-isolated MicroVMs with their own Guest OS kernels. It uses a custom Copy-on-Write (CubeCoW) snapshot engine to enable near-instant cloning and rollbacks. The architecture includes a Rust-based API gateway (CubeAPI) compatible with the E2B SDK, a cluster orchestrator (CubeMaster), and an eBPF-based virtual switch (CubeVS) for kernel-level network isolation.
Who it’s for
Developers building AI agents that require a safe, scalable way to run code, perform browser automation, or conduct RL training without risking the host system's security.
Highlights
- Extreme Performance: Cold starts in under 60ms with less than 5MB of memory overhead per instance.
- Hardware Isolation: Dedicated kernels for every sandbox to prevent shared-kernel escapes.
- E2B Compatibility: Drop-in replacement for E2B SDK users by simply changing a URL environment variable.
- Advanced State Management: Supports hundred-millisecond checkpoints, snapshots, cloning, and rollbacks.
- Enterprise Security: Includes a credential vault to keep API keys out of the sandbox and an egress gateway for domain allowlisting and auditing.
- Operational Tools: Features a Web console for visual management of templates, nodes, and sandboxes.
Sources
- undefinedTencentCloud/CubeSandbox