# Modal Sandboxes — Secure Cloud Code Execution for AI Agents > Modal Sandboxes spin up secure Linux environments for agent-generated code in seconds. Custom images, GPUs, persistent volumes from any Modal Function. ## Install Copy the content below into your project: ## Quick Use 1. `pip install modal && modal token new` 2. Define an image with `modal.Image.debian_slim().pip_install(...)` 3. Spawn `modal.Sandbox.create(image=...)` and call `sb.exec(...)` --- ## Intro Modal Sandboxes are isolated Linux environments you spin up programmatically — perfect for running agent-generated code, fine-tuning, or untrusted user code. Custom Docker-style images, optional GPUs, persistent volumes, sub-second cold start. Best for: AI agents that need to execute generated Python / shell / Node code safely. Works with: Modal SDK (Python). Setup time: 5 minutes. --- ### Spawn a sandbox ```python import modal app = modal.App("agent-sandbox") image = modal.Image.debian_slim(python_version="3.12").pip_install("pandas", "numpy", "matplotlib") @app.function(image=image) def run_agent_code(code: str): sb = modal.Sandbox.create( image=image, cpu=2.0, memory=4096, timeout=300, app=app, ) process = sb.exec("python", "-c", code) stdout = process.stdout.read() stderr = process.stderr.read() sb.terminate() return {"stdout": stdout, "stderr": stderr, "exit_code": process.returncode} ``` ### Sandbox with persistent storage ```python volume = modal.Volume.from_name("agent-workspace", create_if_missing=True) sb = modal.Sandbox.create( image=image, volumes={"/workspace": volume}, workdir="/workspace", ) # Files written to /workspace persist across sandboxes sb.exec("python", "fetch_data.py") volume.commit() # Later sandbox reads the same files sb2 = modal.Sandbox.create(volumes={"/workspace": volume}) sb2.exec("python", "process_data.py") ``` ### GPU sandbox ```python sb = modal.Sandbox.create( image=image, gpu="A10G", # or "H100", "T4", etc timeout=3600, ) sb.exec("python", "train.py") ``` ### Why use Modal Sandboxes vs Docker locally - Spin up in <1s vs Docker's tens of seconds - Pre-built images cached at the platform level - Pay per second of execution - Same SDK works for Functions, Sandboxes, Volumes, GPUs - Built-in monitoring, logs, dashboards --- ### FAQ **Q: Is Modal free?** A: Modal has a free tier ($30/mo platform credit). Beyond that you pay per second of compute (CPU + memory + GPU). No platform fee — just resources used. **Q: How is this different from E2B?** A: E2B and Modal Sandboxes overlap heavily. E2B optimizes for sandbox-as-a-product (the fastest cold start, isolated networking by default). Modal optimizes for the bigger Modal platform (Functions, Volumes, queues, GPUs). Both work for agent code execution; pick by ecosystem fit. **Q: Can I install custom packages in the sandbox?** A: Yes — define an image with `modal.Image.debian_slim().pip_install(...)` or `apt_install(...)` or `dockerfile_commands(...)`. The image is built once and cached for fast cold starts. --- ## Source & Thanks > Built by [Modal](https://github.com/modal-labs). Commercial product with free tier. > > [modal.com/docs](https://modal.com/docs/guide/sandbox) — Sandbox documentation --- ## 快速使用 1. `pip install modal && modal token new` 2. 用 `modal.Image.debian_slim().pip_install(...)` 定义镜像 3. 起 `modal.Sandbox.create(image=...)` 然后调 `sb.exec(...)` --- ## 简介 Modal Sandbox 是程序化启动的隔离 Linux 环境 —— 适合跑 agent 生成的代码、微调、不可信用户代码。自定义 Docker 风格镜像、可选 GPU、持久 volume、亚秒级冷启动。适合需要安全执行生成的 Python / shell / Node 代码的 AI agent。需要 Modal SDK(Python)。装机时间 5 分钟。 --- ### 起一个 sandbox ```python import modal app = modal.App("agent-sandbox") image = modal.Image.debian_slim(python_version="3.12").pip_install("pandas", "numpy", "matplotlib") @app.function(image=image) def run_agent_code(code: str): sb = modal.Sandbox.create( image=image, cpu=2.0, memory=4096, timeout=300, app=app, ) process = sb.exec("python", "-c", code) stdout = process.stdout.read() stderr = process.stderr.read() sb.terminate() return {"stdout": stdout, "stderr": stderr, "exit_code": process.returncode} ``` ### 带持久存储的 sandbox ```python volume = modal.Volume.from_name("agent-workspace", create_if_missing=True) sb = modal.Sandbox.create( image=image, volumes={"/workspace": volume}, workdir="/workspace", ) # 写到 /workspace 的文件跨 sandbox 保留 sb.exec("python", "fetch_data.py") volume.commit() # 后面的 sandbox 读同样的文件 sb2 = modal.Sandbox.create(volumes={"/workspace": volume}) sb2.exec("python", "process_data.py") ``` ### GPU sandbox ```python sb = modal.Sandbox.create( image=image, gpu="A10G", # 或 "H100" / "T4" 等 timeout=3600, ) sb.exec("python", "train.py") ``` ### 为啥用 Modal Sandbox 而不是本地 Docker - 启动 <1s,Docker 要几十秒 - 预构建镜像在平台层缓存 - 按执行秒计费 - 同一 SDK 涵盖 Function / Sandbox / Volume / GPU - 自带监控、日志、仪表盘 --- ### FAQ **Q: Modal 免费吗?** A: Modal 有免费档(每月 $30 平台 credit)。之后按计算秒(CPU + 内存 + GPU)收费。没有平台费 —— 只算资源用量。 **Q: 跟 E2B 啥区别?** A: E2B 和 Modal Sandbox 高度重叠。E2B 优化「沙箱即产品」(最快冷启动、默认隔离网络)。Modal 优化整个 Modal 平台(Function / Volume / 队列 / GPU)。都能跑 agent 代码;按生态适配选。 **Q: 能在 sandbox 里装自定义包吗?** A: 能 —— 用 `modal.Image.debian_slim().pip_install(...)` 或 `apt_install(...)` 或 `dockerfile_commands(...)` 定义镜像。镜像构建一次,缓存以加速冷启动。 --- ## 来源与感谢 > Built by [Modal](https://github.com/modal-labs). Commercial product with free tier. > > [modal.com/docs](https://modal.com/docs/guide/sandbox) — Sandbox documentation --- Source: https://tokrepo.com/en/workflows/modal-sandboxes-secure-cloud-code-execution-for-ai-agents Author: Modal