sandbox

AIO Sandbox is a unified, all-in-one agent sandbox environment that exposes multiple MCP servers inside a single Docker container. This MCP setup provides pre-configured servers for Browser, File, Shell, and Markitdown operations, enabling automated agent workflows that can browse web pages, manipulate files, execute shell commands, and process documents. With MCP endpoints, you can programmatically drive browser automation via MCP, perform file system actions, run shell commands, and convert or manipulate content through the included MCP services. To start, run the provided Docker command to launch the sandbox container, then access the MCP services at http://localhost:8080/mcp for high-level APIs and http://localhost:8080/v1/docs for API documentation. You can also leverage the integrated VSCode Server, Jupyter support, and VNC browser interfaces exposed by the sandbox environment.

Prerequisites:

• Docker installed and running
• Sufficient system resources (CPU, memory) to run a full development sandbox

Installation steps:

1. Ensure Docker is running on your machine.
2. Pull and run the sandbox image (this uses the default latest tag):

docker run --security-opt seccomp=unconfined --rm -it -p 8080:8080 ghcr.io/agent-infra/sandbox:latest

3. If you need to use a specific version, replace the image tag with the desired version, for example:

docker run --security-opt seccomp=unconfined --rm -it -p 8080:8080 ghcr.io/agent-infra/sandbox:1.0.0.150

4. Verify the MCP services are reachable at http://localhost:8080/mcp and that the documentation is available at http://localhost:8080/v1/docs.

Notes:

• In environments with restricted network access, use the enterprise CN mirror as shown in the Quick Start section of the README.
• If you encounter port conflicts, map to different host ports accordingly.

Tips and caveats:

• The sandbox container includes pre-configured MCP servers for Browser, File, Shell, and Markitdown, enabling integrated browser automation and file/command operations.
• The environment provides multiple interfaces (VNC, VSCode Server, Jupyter) alongside MCP services for versatile interaction.
• When using MCP programmatically, reference the endpoint at /mcp for service orchestration and /v1/docs for API details.
• If you need to customize environment variables, you can extend the Docker run with -e VAR=value as needed. Typical needs include base URLs or authentication tokens for external services.
• Ensure you expose ports only as needed and follow best practices for securing access to the sandbox in shared or public networks.