Agent-Infra Releases AIO Sandbox: An All-in-One Runtime for AI Agents with Browser, Shell, Shared Filesystem, and MCP

The Challenge of Autonomous Agent Development

When it comes to the advancement of autonomous agents, a significant technical challenge is emerging. The focus is shifting from model reasoning to the execution environment. Even though Large Language Models (LLMs) have the capability to generate code and multi-step plans, creating a functional and isolated environment for running that code poses a substantial infrastructure hurdle.

Introducing Agent-Infra’s AIO Sandbox

Agent-Infra has developed an open-source project known as the Sandbox, which tackles this challenge by offering an ‘All-in-One’ (AIO) execution layer. Unlike traditional containerization methods that often require manual configuration for tool-chaining, the AIO Sandbox integrates a browser, a shell, and a file system into a unified environment specifically designed for AI agents.

The All-in-One Architecture

One of the primary obstacles in agent development is tool fragmentation. Typically, an agent may require a browser for data retrieval, a Python interpreter for analysis, and a filesystem for storing results. Managing these as separate services can introduce latency and synchronization complexities.

Agent-Infra addresses this issue by consolidating these requirements into a single containerized environment. The sandbox includes:

Computer Interaction: A Chromium browser that can be controlled via the Chrome DevTools Protocol (CDP), with Playwright support.

Code Execution: Pre-configured runtimes for Python and Node.js.

Standard Tooling: A bash terminal and a shared file system accessible across modules.

Development Interfaces: Integrated VSCode Server and Jupyter Notebook instances for monitoring and debugging.

The Unified File System

A key technical feature of the Sandbox is its Unified File System. In a standard workflow, an agent might download a file using a browser-based tool. In a fragmented setup, this file would need to be moved programmatically to a separate environment for processing.

The AIO Sandbox utilizes a shared storage layer, allowing a file downloaded via the Chromium browser to be immediately visible to the Python interpreter and the Bash shell. This shared state enables seamless transitions between tasks without the need for external data handling.

Model Context Protocol (MCP) Integration

The Sandbox comes with built-in support for the Model Context Protocol (MCP), an open standard that facilitates communication between AI models and tools. By offering pre-configured MCP servers, Agent-Infra enables developers to expose sandbox capabilities to LLMs through a standardized protocol.

The available MCP servers include:

Browser: For web navigation and data extraction.

File: For operations on the unified filesystem.

Shell: For executing system commands.

Markitdown: For converting document formats into Markdown for optimized LLM consumption.

Isolation and Deployment

The Sandbox is optimized for ‘enterprise-grade Docker deployment,’ with a focus on isolation and scalability. It offers a persistent environment for complex tasks, such as maintaining a terminal session over multiple turns, while remaining lightweight enough for high-density deployment.

Deployment and Control:

Infrastructure: The project includes Kubernetes (K8s) deployment examples, enabling teams to utilize K8s-native features like resource limits (CPU and memory) for managing the sandbox’s footprint.

Container Isolation: By running agent activities within a dedicated container, the sandbox ensures a layer of separation between the agent’s generated code and the host system.

Access: The environment can be managed through an API and SDK, allowing developers to programmatically trigger commands, execute code, and manage the environment state.

Technical Comparison: Traditional Docker vs. AIO Sandbox

The table below highlights the differences between the traditional Docker approach and the AIO Sandbox approach developed by Agent-Infra:

Feature	Traditional Docker Approach	AIO Sandbox Approach (Agent-Infra)
Architecture	Typically multi-container (one for browser, one for code, one for shell).	Unified Container: Browser, Shell, Python, and IDEs (VSCode/Jupyter) in one runtime.
Data Handling	Requires volume mounts or manual API “plumbing” to move files between containers.	Unified File System: Files are natively shared. Browser downloads are instantly visible to the shell/Python.
Agent Integration	Requires custom “glue code” to map LLM actions to container commands.	Native MCP Support: Pre-configured Model Context Protocol servers for standard agent discovery.
User Interface	CLI-based; Web-UIs like VSCode or VNC require significant manual setup.	Built-in Visuals: Integrated VNC (for Chromium), VSCode Server, and Jupyter ready out-of-the-box.
Resource Control	Managed via standard Docker/K8s cgroups and resource limits.	Relies on underlying orchestrator (K8s/Docker) for resource throttling and limits.
Connectivity	Standard Docker bridge/host networking; manual proxy setup needed.	CDP-based Browser Control: Specialized browser interaction via Chrome DevTools Protocol.
Persistence	Containers are typically long-lived or reset manually; state management is custom.	Stateful Session Support: Supports persistent terminals and workspace state during the task lifecycle.

Scaling the Agent Stack

While the core Sandbox is open-source under the Apache-2.0 license, it is positioned as a scalable solution for teams working on complex agentic workflows. By reducing the ‘Agent Ops’ overhead—the work needed to maintain execution environments and handle dependency conflicts—the sandbox empowers developers to concentrate on the agent’s logic rather than the underlying runtime.

As AI agents evolve from basic chatbots to operators capable of engaging with web content and local files, the execution environment becomes a crucial element of the stack. The Agent-Infra team views the AIO Sandbox as a standardized, lightweight runtime for this evolution.

For more information, check out the Agent-Infra Sandbox Repository. You can also stay updated by following us on Twitter and joining our ML SubReddit with over 120k members. Don’t forget to subscribe to our Newsletter and connect with us on Telegram as well!

Meet Michal Sutter, a data science professional with a Master of Science in Data Science from the University of Padova. With expertise in statistical analysis, machine learning, and data engineering, Michal excels at transforming complex datasets into actionable insights.