Security
Management API, not isolation.
Sandbox SDK normalizes provider management APIs. The selected provider supplies the security boundary.
Isolation still needs application security
Responsible disclosure
Report vulnerabilities privately to security@opencore.dev. Do not include production credentials or customer data.
Credentials
Provider credentials stay in official SDK configuration. Errors and serialized preview objects redact access tokens.
Preview URLs
Authenticated preview requests keep tokens inside request functions rather than JSON output or examples.
Local isolation
Local runs guest files, processes and sockets inside an AgentOS WebAssembly/V8 VM instead of host child processes.
Cleanup
Stop is idempotent and withSandbox attempts cleanup after every callback outcome.
Provider differences
Network policy, persistence, authentication and snapshot semantics differ. Check provider capabilities.