The safest way to run code you didn’t write
Vercel Sandbox
Vercel Sandbox
Vercel Sandbox
Network Firewall with Credentials Brokering
Control egress traffic with fine-grained network policies that can be updated at runtime. Credentials brokering injects secrets into outbound requests without exposing them inside the sandbox, preventing data exfiltration even when running untrusted code.
- Dynamic policies: allow-all, deny-all, or user-defined rules
- Credentials injected on egress: never enter sandbox scope
- Domain-based allowlists with wildcard support
- Live policy updates without restarting processes
Vercel Sandbox
const sandbox = await Sandbox.create({ network: { policy: 'allow-all', },});
// Install dependencies with full network accessawait sandbox.runCommand({ cmd: 'npm', args: ['install'] });
// Lock down network before running untrusted codeawait sandbox.setNetworkPolicy({ policy: 'user-defined', allowedDomains: ['api.openai.com', '*.vercel.app'], // Credentials injected on egress - never in sandbox transformations: [{ domain: 'api.openai.com', headers: { Authorization: 'Bearer $OPENAI_API_KEY' }, }],});Snapshots with Instant Environment Restore
Capture the complete state of a running sandbox (filesystem and installed packages), then restore it instantly. Share environments with teammates, checkpoint long-running tasks, or skip dependency installation entirely by snapshotting after setup.
- Skip dependency installation on every run
- Share identical environments with your team
- Checkpoint progress on long-running tasks
- Spin up multiple parallel instances from one snapshot
Vercel Sandbox
// Create a sandbox and set up your environmentconst sandbox = await Sandbox.create();await sandbox.runCommand({ cmd: 'npm', args: ['install'] });await sandbox.runCommand({ cmd: 'npm', args: ['run', 'build'] });
// Capture the state as a snapshotconst snapshot = await sandbox.snapshot();console.log('Snapshot created:', snapshot.id);
// Create new sandboxes instantly from the snapshotconst fast = await Sandbox.create({ snapshot: snapshot.id });
// Spin up multiple parallel instances from same snapshotconst runners = await Promise.all([ Sandbox.create({ snapshot: snapshot.id }), Sandbox.create({ snapshot: snapshot.id }), Sandbox.create({ snapshot: snapshot.id }),]);Cost-efficient, scalable execution with Fluid compute
Vercel Sandbox runs on Fluid compute, Vercel’s optimized execution model that scales CPU and memory dynamically across millions of executions.
With Active CPU pricing, you’re billed only when code is actively running, not during idle or wait time, resulting in up to 95% lower cost for workloads with bursty or I/O-bound patterns.
“Vercel Sandbox expands what our frontend infrastructure can handle. We plan to rely on it more for running untrusted code in AI workflows and for integrating tools that cannot run in a Node.js serverless function.”
“Cua lets teams run computer-use agents from their apps with 100+ compatible VLMs — agents operate real desktops backed by Vercel Sandbox. Next.js playground on Vercel; agents execute in Vercel Sandbox via Cua with logs, replays, and evals.”
How much will it cost?
Estimate your monthly Vercel Sandbox costs. Adjust your workload settings and compare pricing across providers.
Launch a secure, interactive sandbox environment in milliseconds.
Quickly give Vercel Sandbox a try with your AI tool of choice.
Bootstrap a simple Node.js CLI that creates a Vercel sandbox. Use this code:
Include auth setup (vercel login && vercel link) with error handling.