Skip to main content

Documentation Index

Fetch the complete documentation index at: https://veryfront.com/docs/llms.txt

Use this file to discover all available pages before exploring further.

Sandbox

Run isolated commands and file operations in ephemeral sandbox sessions. Use the sandbox when your app needs short-lived, isolated execution for tasks like code generation, repo inspection, file transformation, or script execution. The sandbox client talks to authenticated sandbox session APIs. In practice, that means you need either Veryfront Cloud credentials or your own compatible backing API/service layer for /sandbox-sessions.

Create a sandbox session

Use Sandbox.create() with sandbox API credentials. In local development, VERYFRONT_API_TOKEN plus a reachable VERYFRONT_API_URL is the default path. In remote requests, request-scoped credentials can be used automatically. 
import { Sandbox } from "veryfront/sandbox";

const sandbox = await Sandbox.create();
You can also reconnect to an existing session: 
const sandbox = await Sandbox.get(sessionId);
If you already know both the sandbox session ID and its runtime endpoint, attach without doing a reconnect lookup: 
const sandbox = Sandbox.attach({
  id: sessionId,
  endpoint: sandboxEndpoint,
});
If you want to defer session creation until the first command or file operation, use the lazy client: 
const sandbox = Sandbox.createLazy({
  projectId: "proj_123",
});
If your project context can change over time, prefer getProjectId() so lazy exec and async job calls inherit the latest project reference automatically: 
const sandbox = Sandbox.createLazy({
  getProjectId: () => currentProjectId,
});
If you need to override the resolved credentials, pass authToken explicitly. This can be a JWT or a Studio-generated API key. If you need project-scoped billing or isolation, pass projectId when creating the session. 
const sandbox = await Sandbox.create({
  projectId: "proj_123",
});

Execute commands

Buffered execution: 
const result = await sandbox.executeCommand("ls -la");
console.log(result.stdout, result.stderr, result.exitCode);
Streaming execution: 
for await (const event of sandbox.executeStream("npm test")) {
  if (event.type === "stdout") process.stdout.write(event.data ?? "");
  if (event.type === "stderr") process.stderr.write(event.data ?? "");
  if (event.type === "exit") console.log("exit:", event.exitCode);
}

Read and write files

await sandbox.writeFiles([
  { path: "/workspace/input.txt", content: "hello" },
]);

const content = await sandbox.readFile("/workspace/input.txt");
console.log(content);

Lifecycle best practices

  • Always call await sandbox.close() in finally blocks.
  • Prefer Sandbox.createLazy() for agent-style workflows that may not need a session every run.
  • Use sandbox.heartbeat() during long-running sessions to avoid idle timeouts.
  • Persist sandbox.id only when you need reconnect semantics.
  • Keep auth tokens and API keys server-side only. Do not expose them to browsers.

Example with cleanup

import { Sandbox } from "veryfront/sandbox";

const sandbox = await Sandbox.create();

try {
  const result = await sandbox.executeCommand("echo 'ready'");
  console.log(result.stdout);
} finally {
  await sandbox.close();
}

Next

  • MCP Server — expose tools, prompts, and resources over MCP
  • Agents — orchestrate sandbox-backed workflows with agents