July 1, 2026InfrastructureOpen SourceAgents

Tencent open-sourced the box you run untrusted agent code in

Every time your agent runs LLM-generated code, you are trusting something no human read to touch your machine. CubeSandbox, just open-sourced by Tencent Cloud, is a place to run that code where a bad line can't reach out and bite you. It's built on RustVMM and KVM, and the key move is that every sandbox gets its own guest OS kernel. Hardware-level isolation, not the shared-kernel gamble Docker makes.

The numbers are the sell. Sandboxes boot in under 60 milliseconds, carry under 5MB of overhead each, and you can pack thousands of them onto a single node. So you get true micro-VM isolation without the fat and the slow boot that made people reach for containers in the first place. And it speaks the E2B SDK, so if you already built on E2B, moving over is close to a swap.

The agent sandbox has quietly become a real category. Microsoft shipped MXC at kernel level, Apple has its Container framework, Claude Desktop got a sandbox VM. But those are all proprietary or tied to one OS. CubeSandbox is the open, drop-in one, first release back in April, now at v0.4.0 with snapshots, clone, rollback and a credential vault, 6.8k stars.

Worth saying plainly, as agents do more of the work, the thing that runs their code safely stops being a nice-to-have and becomes core infrastructure, and Tencent just made a good one free. github.com/TencentCloud/CubeSandbox
← Previous
Orca wants one brain for video, language and action
Next β†’
Meta open-sourced its design system so agents build like you do
← Back to all articles

Comments

Loading...
>_