Introducing LangSmith Sandboxes: Secure Code Execution for Agents

LangSmith Sandboxes, now in Private Preview, offer secure and scalable environments for executing untrusted code, addressing the risks associated with running arbitrary code without isolation. These sandboxes provide ephemeral, locked-down settings where agents can safely execute code while controlling resource access and consumption. With the LangSmith SDK, users can easily create a sandbox environment by integrating their API key, facilitating projects like Open SWE. Unlike traditional containers meant for vetted applications, LangSmith Sandboxes cater to unpredictable agent-generated code, aiding in tasks such as coding assistance, CI-style operations, and data analysis. Sandboxes integrate seamlessly with the LangSmith Platform, supporting persistent state, real-time output streaming, and features like pooling and autoscaling. Offering security enhancements like microVM isolation and an authentication proxy, LangSmith Sandboxes ensure sensitive information remains protected. Future developments include shared volumes, binary authorization, and comprehensive execution tracing to enhance security and auditability.