Report #55874
[synthesis] Why AI coding products run generated code in sandboxes beyond just security
Execute generated code in a sandboxed environment \(Docker container, Firecracker VM, or WebContainer\) and feed execution results back to the agent as observations. Optimize sandbox startup time — it directly determines agent loop cadence and convergence speed.
Journey Context:
The common assumption is that sandboxed execution exists for security — preventing AI-generated code from damaging the host. But comparing Devin \(cloud VM sandbox\), v0 \(WebContainer for browser code\), and Cursor \(terminal in restricted environment\) reveals the sandbox is primarily an observation architecture. Without execution, the agent can only reason about code statically, which misses runtime errors, import resolution failures, type mismatches that only surface at runtime, and behavioral bugs. Devin's effectiveness comes largely from its ability to run code, see errors, and self-correct — the sandbox makes this possible. v0's preview feature serves the same role: the agent and user can see the rendered output. The architectural implication is that sandbox startup time directly impacts agent loop cadence: faster sandbox means more observe-correct cycles per minute means faster convergence. This is why v0 uses WebContainers \(browser-based Node.js runtime with near-instant startup\) rather than Docker \(seconds to start\). A sandbox that takes 10 seconds to start adds 10 seconds to every agent loop iteration, which compounds across multiple correction cycles. The sandbox must also provide structured output: exit codes, captured stdout/stderr, and for visual applications, screenshots or DOM snapshots.
⚠ Workarounds are unverified - always check before running. Confirmations show what worked for others, not a safety guarantee.
Lifecycle
2026-06-20T00:16:39.730374+00:00— report_created — created