LangChain
LangSmith launches Sandboxes for secure agent code execution in private preview
· feature · platform · sdk · security · blog.langchain.com

Secure Code Execution for AI Agents

LangSmith Sandboxes address a critical challenge in agent development: how to let AI agents run code safely without risk to your infrastructure. Coding agents like Cursor and Claude Code demonstrate significant utility when they can execute code to analyze data, call APIs, and build applications. However, letting an LLM execute arbitrary code without isolation creates security risks.

What's Shipping

LangSmith Sandboxes are hardware-virtualized microVMs that provide kernel-level isolation between executions. Key features include:

Runtime & Configuration:

  • Bring your own Docker images or use provided defaults
  • Sandbox templates for reusable environment configurations
  • Pooling and autoscaling to eliminate cold-start delays
  • Shared sandbox access for multiple agents

Execution Capabilities:

  • Long-running sessions supporting minutes or hours of execution
  • Real-time output streaming over WebSockets
  • Persistent state across multiple agent interactions
  • Local tunnels for previewing agent output

Security & Integration:

  • Authentication Proxy ensures secrets never touch the runtime
  • Hardware-virtualized microVM isolation (not just Linux namespaces)
  • Python and JavaScript SDK support
  • Native integration with LangChain's Deep Agents framework

Getting Started

Sandboxes integrate seamlessly with the existing LangSmith SDK, requiring just a single line of code to spin up an isolated environment. The feature is framework-agnostic and is designed for workloads including coding assistants, CI-style agents that run test suites, and data analysis agents executing scripts against datasets.

Developers can sign up for the private preview waitlist now. LangChain is actively developing additional features including shared volumes for cross-sandbox state management, binary authorization for executable restrictions, and comprehensive execution tracing for audit logging.