Cloud Sandbox Command Execution

Verified · Caution

Execute a single command in an ephemeral sandbox on the Agentuity cloud platform. The sandbox is provisioned with the specified runtime, resources, and environment variables, runs the command, and is then destroyed. This is ideal for testing scripts or running isolated tasks without permanent infrastructure.

by Skills Guide Bot
Development · Intermediate
1006/2/2026
Claude Code
#cloud-sandbox #one-shot-command #ephemeral-environment #agentuity

Our review

Runs a one-shot command in an ephemeral sandbox on the Agentuity cloud platform, with automatic creation and destruction.

Strengths

  • Full isolation with disposable sandboxes created on the fly
  • Fine-grained resource configuration (CPU, memory, disk, timeout)
  • Support for multiple runtimes (Bun, Python) and system tools via snapshots and dependencies
  • Integration with Agentuity's cloud ecosystem for workflows

Limitations

  • Requires prior authentication via `agentuity auth login`
  • Sandbox creation adds latency to execution time
  • No data persistence after sandbox is destroyed

When to use it

Best for securely running isolated commands in the cloud, such as testing code or executing scripts without affecting the local environment.

When not to use it

Avoid for long-running processes that need persistent state or real-time user interaction.

Security analysis

Caution
Quality score: 85/100

The skill is a wrapper for a cloud sandbox CLI, executing user-supplied commands in an ephemeral environment. While the sandbox is intended to isolate actions, the ability to run any command with optional network access poses a risk if the AI agent is manipulated to run harmful payloads. The skill itself is not inherently destructive, but the broad permission to run arbitrary code warrants caution.

Findings

  • Executes arbitrary commands in a cloud sandbox with optional network access, which could be misused for malicious activities if the AI agent is tricked.
  • Consumes cloud resources (CPU, memory, disk) that could be abused for cryptomining or denial-of-service if not properly restricted by the platform.
  • Requires authentication, reducing unauthorized access, but still allows powerful actions within the sandbox.
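
A client-side mitigation for the findings above, as an added example that is not part of the skill or the Agentuity CLI: a POSIX shell pre-flight check that fails closed on an agent-proposed argument list, using the option names from this skill's options table. The ceilings, the `ALLOW_NETWORK` switch, the `s` timeout suffix, and the policy of requiring explicit limits and a `--` separator are assumptions of this example.

```sh
#!/bin/sh
# Added example: pre-flight policy check for the arguments an agent wants to
# pass to `agentuity cloud sandbox run`. Ceilings are assumed values.
MAX_MEM_MI=1024; MAX_CPU_M=1000; MAX_TIMEOUT_S=300   # 1Gi, 1000m, 5m

# Positive decimal integer, no leading zero, at most 9 digits (no overflow,
# and nothing but digits ever reaches shell arithmetic).
is_pos_int() { case "$1" in ''|0*|*[!0-9]*|??????????*) return 1 ;; esac; }

to_mi() {   # "500Mi" / "1Gi" -> MiB
  n=${1%[GM]i}; is_pos_int "$n" || return 1
  case "$1" in *Gi) echo $((n * 1024)) ;; *Mi) echo "$n" ;; *) return 1 ;; esac
}
to_millicores() {   # "500m" -> 500
  n=${1%m}; is_pos_int "$n" || return 1
  case "$1" in *m) echo "$n" ;; *) return 1 ;; esac
}
to_secs() {   # "30s" / "5m" / "1h" -> seconds ("s" suffix is an assumption)
  n=${1%[smh]}; is_pos_int "$n" || return 1
  case "$1" in
    *s) echo "$n" ;; *m) echo $((n * 60)) ;; *h) echo $((n * 3600)) ;;
    *) return 1 ;;
  esac
}

# Usage: check_sandbox_args [options] -- command...
# Sets VIOLATIONS (space-separated) and returns non-zero if any were found.
check_sandbox_args() {
  err=""; mem=""; cpu=""; tmo=""; sep=0
  while [ $# -gt 0 ]; do
    case "$1" in
      --) sep=1; break ;;   # everything after this is the sandboxed command
      --network) [ "${ALLOW_NETWORK:-0}" = 1 ] || err="$err network-denied" ;;
      --timestamps) ;;
      --memory|--cpu|--timeout|--disk|--runtime|--runtimeId|--name|\
      --description|--env|--file|--snapshot|--dependency|--projectId|--org-id)
        [ $# -ge 2 ] || { err="$err missing-value:$1"; break; }
        case "$1" in --memory) mem=$2 ;; --cpu) cpu=$2 ;; --timeout) tmo=$2 ;; esac
        shift ;;
      *) err="$err unknown-option:$1" ;;   # fail closed, incl. --flag=value
    esac
    shift
  done
  [ "$sep" = 1 ] || err="$err missing-separator"
  v=$(to_mi "$mem") && [ "$v" -le "$MAX_MEM_MI" ] || err="$err memory"
  v=$(to_millicores "$cpu") && [ "$v" -le "$MAX_CPU_M" ] || err="$err cpu"
  v=$(to_secs "$tmo") && [ "$v" -le "$MAX_TIMEOUT_S" ] || err="$err timeout"
  VIOLATIONS=${err# }
  [ -z "$err" ]
}
```

Call `check_sandbox_args` with the same arguments before invoking the CLI and refuse to run when it returns non-zero; `$VIOLATIONS` names the checks that failed.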

Examples

  • Simple echo command: Run the command 'echo hello world' in a new Agentuity cloud sandbox using the default runtime.
  • Run a script with resource limits: Use Agentuity CLI to execute 'bun run index.ts' in a sandbox with 1Gi memory and 1000m CPU, timeout 5 minutes.
  • Fetch data with network access: Create a sandbox with network enabled and run 'curl https://api.example.com' using Agentuity cloud sandbox run.

name: agentuity-cli-cloud-sandbox-run
description: "Run a one-shot command in a sandbox (creates, executes, destroys). Requires authentication. Use for Agentuity cloud platform operations"
version: "0.1.24"
license: Apache-2.0
allowed-tools: "Bash(agentuity:*)"
argument-hint: "<command...>"
metadata:
  command: "agentuity cloud sandbox run"
  tags: "slow requires-auth"

Cloud Sandbox Run

Run a one-shot command in a sandbox (creates, executes, destroys)

Prerequisites

  • Authenticated with `agentuity auth login`
  • Organization context required (`--org-id` or default org)

Usage

agentuity cloud sandbox run <command...> [options]

Arguments

| Argument | Type | Required | Description |
|----------|------|----------|-------------|
| <command...> | array | Yes | - |

Options

| Option | Type | Required | Default | Description |
|--------|------|----------|---------|-------------|
| --runtime | string | Yes | - | Runtime name (e.g., "bun:1", "python:3.14") |
| --runtimeId | string | Yes | - | Runtime ID (e.g., "srt_xxx") |
| --name | string | Yes | - | Sandbox name |
| --description | string | Yes | - | Sandbox description |
| --memory | string | Yes | - | Memory limit (e.g., "500Mi", "1Gi") |
| --cpu | string | Yes | - | CPU limit in millicores (e.g., "500m", "1000m") |
| --disk | string | Yes | - | Disk limit (e.g., "500Mi", "1Gi") |
| --network | boolean | No | false | Enable outbound network access |
| --timeout | string | Yes | - | Execution timeout (e.g., "5m", "1h") |
| --env | array | Yes | - | Environment variables (KEY=VALUE) |
| --file | array | Yes | - | Files to create in sandbox (sandbox-path:local-path) |
| --timestamps | boolean | No | false | Include timestamps in output (default: true) |
| --snapshot | string | Yes | - | Snapshot ID or tag to restore from |
| --dependency | array | Yes | - | Apt packages to install (can be specified multiple times) |
| --projectId | string | Yes | - | Project ID to associate this sandbox with |

Examples

Run a simple command:

bunx @agentuity/cli cloud sandbox run -- echo "hello world"

Run with resource limits:

bunx @agentuity/cli cloud sandbox run --memory 1Gi --cpu 1000m -- bun run index.ts

Run with network access enabled:

bunx @agentuity/cli cloud sandbox run --network -- curl https://api.example.com

Output

Returns a JSON object:

{
  "sandboxId": "string",
  "exitCode": "number",
  "durationMs": "number",
  "output": "string"
}

| Field | Type | Description |
|-------|------|-------------|
| sandboxId | string | Sandbox ID |
| exitCode | number | Exit code from the process |
| durationMs | number | Duration in milliseconds |
| output | string | Combined stdout/stderr output |
