II.
Sandbox JSON
Structured · livesandbox:default-container
Default container sandbox json
Inspect the normalized record payload exactly as the atlas UI reads it.
{
"id": "sandbox:default-container",
"_kind": "Sandbox",
"_file": "lifecycle/sandboxes/example-sandbox-default-container.yaml",
"_cluster": "lifecycle",
"attributes": {
"displayName": "Default container sandbox",
"filesystemPolicy": "sandboxed",
"networkPolicy": "allowlist",
"description": "Standard container-backed sandbox with a workspace-only filesystem\noverlay, a curated network allowlist for package managers, and a\ndeny-list for the obvious shell-out vectors.\n",
"fsAllowList": [
"/workspace/**",
"/tmp/**",
"/home/agent/.cache/**"
],
"fsDenyList": [
"/etc/shadow",
"/root/**",
"**/.ssh/**"
],
"netAllowList": [
"registry.npmjs.org",
"*.pypi.org",
"github.com",
"api.anthropic.com",
"api.openai.com"
],
"netDenyList": [
"169.254.169.254"
],
"execAllowedBinaries": [
"node",
"npm",
"python",
"python3",
"pip",
"git",
"bash"
],
"execDeniedBinaries": [
"sudo",
"su",
"mount",
"kmod"
],
"envVarScope": "inherit-allowlist",
"secretAccessScope": "named",
"auditLogPolicy": "structured-jsonl",
"policyEvaluationPoint": "pre-call"
},
"outgoingEdges": [
{
"from": "sandbox:default-container",
"to": "layer:9-sandbox",
"kind": "realizes",
"attributes": {}
}
],
"incomingEdges": [
{
"from": "execution:docker-default",
"to": "sandbox:default-container",
"kind": "sandboxed_by",
"attributes": {}
},
{
"from": "invocation:01kqex-invocation-001",
"to": "sandbox:default-container",
"kind": "executes_in",
"attributes": {}
}
]
}