content/manuals/ai/sandboxes/get-started.md
{{< summary-bar feature_name="Docker Sandboxes" >}}
This guide shows how to run an AI coding agent in an isolated sandbox for the first time, using Claude Code as an example. The same concepts apply to other supported agents.
[!NOTE] Upgrading from an earlier version of Docker Desktop? See the migration guide for information about the new microVM architecture.
Before you begin, ensure you have:
Follow these steps to run a sandbox with Claude Code:
(Optional but recommended) Set your Anthropic API key as an environment variable.
Add the API key to your shell configuration file:
export ANTHROPIC_API_KEY=sk-ant-api03-xxxxx
Docker Sandboxes use a daemon process that runs independently of your current shell session. This means setting the environment variable inline or in your current session will not work. You must set it globally in your shell configuration file to ensure the daemon can access it.
Apply the changes:
Alternatively, you can skip this step and authenticate interactively when Claude Code starts. Interactive authentication is less secure and requires you to re-authenticate for each workspace. See Credential security for details.
Create and run a sandbox for Claude Code for your workspace:
$ docker sandbox run claude [PATH]
This creates a microVM sandbox. Docker assigns it a name automatically based
on the agent and workspace directory (claude-somedir). If that name is
already in use, Docker appends a number.
The workspace parameter is optional and defaults to your current directory if omitted:
$ cd ~/my-project
$ docker sandbox run claude
You can also mount multiple workspaces. Append :ro for read-only access:
$ docker sandbox run claude ~/my-project ~/docs:ro
Claude Code starts and you can begin working. The first run takes longer while Docker initializes the microVM and pulls the template image.
When you ran docker sandbox run:
The sandbox persists until you remove it. Installed packages and configuration
remain available. Run docker sandbox run <sandbox-name> again to reconnect.
[!NOTE] Agents can modify files in your workspace. Review changes before executing code or performing actions that auto-run scripts. See Security considerations for details.
Here are essential commands to manage your sandboxes:
$ docker sandbox ls
Shows all your sandboxes with their IDs, names, status, workspace paths, and creation time. Workspace paths are shown for both running and stopped sandboxes.
[!NOTE] Sandboxes don't appear in
docker psbecause they're microVMs, not containers. Usedocker sandbox lsto see them.
$ docker sandbox exec -it <sandbox-name> bash
Executes a command inside the container in the sandbox. Use -it to open an
interactive shell for debugging or installing additional tools.
$ docker sandbox rm <sandbox-name>
Deletes the sandbox VM and all installed packages inside it. You can remove multiple sandboxes at once by specifying multiple names:
$ docker sandbox rm <sandbox-1> <sandbox-2>
To start fresh with a clean environment, remove and recreate the sandbox:
$ docker sandbox rm <sandbox-name>
$ docker sandbox run claude [PATH]
Configuration like custom templates and workspace paths are set when you create the sandbox. To change these settings, remove and recreate.
For a complete list of commands and options, see the CLI reference.
Now that you have an agent running in a sandbox, learn more about: