@cloudflare/sandbox 0.0.0-0ac3cfa → 0.0.0-0b4cc05

package/CHANGELOG.md

@@ -1,5 +1,196 @@
 # @cloudflare/sandbox
 
+## 0.3.3
+
+### Patch Changes
+
+- [#83](https://github.com/cloudflare/sandbox-sdk/pull/83) [`eec5bb6`](https://github.com/cloudflare/sandbox-sdk/commit/eec5bb6203dd5d775b4b54e91c26de25eeb767ce) Thanks [@mikenomitch](https://github.com/mikenomitch)! - Bump containers package version
+
+## 0.3.2
+
+### Patch Changes
+
+- [#76](https://github.com/cloudflare/sandbox-sdk/pull/76) [`ef9e320`](https://github.com/cloudflare/sandbox-sdk/commit/ef9e320dcef30e57797fef6ebd9a9383fa9720d9) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Replace Jupyter with lightweight interpreters for >90% faster cold starts for `.runCode` calls, while maintaining full code execution capabilities and rich output support.
+
+## 0.3.1
+
+### Patch Changes
+
+- [#71](https://github.com/cloudflare/sandbox-sdk/pull/71) [`fb3c9c2`](https://github.com/cloudflare/sandbox-sdk/commit/fb3c9c22242d9d4f157c26f547f1e697ef7875f9) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Bump containers package version
+
+- [#70](https://github.com/cloudflare/sandbox-sdk/pull/70) [`e1fa354`](https://github.com/cloudflare/sandbox-sdk/commit/e1fa354ab1bc7b0e89db4901b67028ebf1a93d0a) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Fix escaped quotes in file write operations
+
+- [#68](https://github.com/cloudflare/sandbox-sdk/pull/68) [`69b91d1`](https://github.com/cloudflare/sandbox-sdk/commit/69b91d1a8f6afb63262cc381ea93e94a033ed5e8) Thanks [@CyrusNuevoDia](https://github.com/CyrusNuevoDia)! - Configurable timeouts via environment variables in isolation.ts
+
+- [#66](https://github.com/cloudflare/sandbox-sdk/pull/66) [`eca93b9`](https://github.com/cloudflare/sandbox-sdk/commit/eca93b97e40fa0d3bd9dc27af2cc214ec355b696) Thanks [@peterp](https://github.com/peterp)! - Determine if the port is specified in the URL.
+
+## 0.3.0
+
+### Minor Changes
+
+- [#59](https://github.com/cloudflare/sandbox-sdk/pull/59) [`b6757f7`](https://github.com/cloudflare/sandbox-sdk/commit/b6757f730c34381d5a70d513944bbf9840f598ab) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Add process isolation for sandbox commands
+
+  Implements PID namespace isolation to protect control plane processes (Jupyter, Bun) from sandboxed code. Commands executed via `exec()` now run in isolated namespaces that cannot see or interact with system processes.
+
+  **Key security improvements:**
+
+  - Control plane processes are hidden from sandboxed commands
+  - Platform secrets in `/proc/1/environ` are inaccessible
+  - Ports 8888 (Jupyter) and 3000 (Bun) are protected from hijacking
+
+  **Breaking changes:**
+
+  1. **Removed `sessionId` parameter**: The `sessionId` parameter has been removed from all methods (`exec()`, `execStream()`, `startProcess()`, etc.). Each sandbox now maintains its own persistent session automatically.
+
+     ```javascript
+     // Before: manual session management
+     await sandbox.exec("cd /app", { sessionId: "my-session" });
+
+     // After: automatic session per sandbox
+     await sandbox.exec("cd /app");
+     ```
+
+  2. **Commands now maintain state**: Commands within the same sandbox now share state (working directory, environment variables, background processes). Previously each command was stateless.
+
+     ```javascript
+     // Before: each exec was independent
+     await sandbox.exec("cd /app");
+     await sandbox.exec("pwd"); // Output: /workspace
+
+     // After: state persists in session
+     await sandbox.exec("cd /app");
+     await sandbox.exec("pwd"); // Output: /app
+     ```
+
+  **Migration guide:**
+
+  - Remove `sessionId` from all method calls - each sandbox maintains its own session
+  - If you need isolated execution contexts within the same sandbox, use `sandbox.createSession()`:
+    ```javascript
+    // Create independent sessions with different environments
+    const buildSession = await sandbox.createSession({
+      name: "build",
+      env: { NODE_ENV: "production" },
+      cwd: "/build",
+    });
+    const testSession = await sandbox.createSession({
+      name: "test",
+      env: { NODE_ENV: "test" },
+      cwd: "/test",
+    });
+    ```
+  - Environment variables set in one command persist to the next
+  - Background processes remain active until explicitly killed
+  - Requires CAP_SYS_ADMIN (available in production, falls back gracefully in dev)
+
+### Patch Changes
+
+- [#62](https://github.com/cloudflare/sandbox-sdk/pull/62) [`4bedc3a`](https://github.com/cloudflare/sandbox-sdk/commit/4bedc3aba347f3d4090a6efe2c9778bac00ce74a) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Fix broken build due to bun lockfile not being used
+
+## 0.2.4
+
+### Patch Changes
+
+- [#57](https://github.com/cloudflare/sandbox-sdk/pull/57) [`12bbd12`](https://github.com/cloudflare/sandbox-sdk/commit/12bbd1229c07ef8c1c0bf58a4235a27938155b08) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Add listFiles method
+
+## 0.2.3
+
+### Patch Changes
+
+- [#53](https://github.com/cloudflare/sandbox-sdk/pull/53) [`c87db11`](https://github.com/cloudflare/sandbox-sdk/commit/c87db117693a86cfb667bf09fb7720d6a6e0524d) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Improve jupyterlab config to speed up startup
+
+## 0.2.2
+
+### Patch Changes
+
+- [#51](https://github.com/cloudflare/sandbox-sdk/pull/51) [`4aceb32`](https://github.com/cloudflare/sandbox-sdk/commit/4aceb3215c836f59afcb88b2b325016b3f623f46) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Handle intermittent interpreter failures and decouple jupyter startup
+
+## 0.2.1
+
+### Patch Changes
+
+- [#49](https://github.com/cloudflare/sandbox-sdk/pull/49) [`d81d2a5`](https://github.com/cloudflare/sandbox-sdk/commit/d81d2a563c9af8947d5444019ed4d6156db563e3) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Implement code interpreter API
+
+## 0.2.0
+
+### Minor Changes
+
+- [#47](https://github.com/cloudflare/sandbox-sdk/pull/47) [`8a93d0c`](https://github.com/cloudflare/sandbox-sdk/commit/8a93d0cae18a25bda6506b8b0a08d9e9eb3bb290) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Change default directory to a clean /workspace
+
+## 0.1.4
+
+### Patch Changes
+
+- [#46](https://github.com/cloudflare/sandbox-sdk/pull/46) [`7de28be`](https://github.com/cloudflare/sandbox-sdk/commit/7de28be482d9634551572d548c7c4b5842df812d) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Update README
+
+- [#44](https://github.com/cloudflare/sandbox-sdk/pull/44) [`215ab49`](https://github.com/cloudflare/sandbox-sdk/commit/215ab494427d7e2a92bb9a25384cb493a221c200) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Update example to use env & cwd
+
+- [#42](https://github.com/cloudflare/sandbox-sdk/pull/42) [`bb72193`](https://github.com/cloudflare/sandbox-sdk/commit/bb72193ad75695979bd1132206f481e91fe37325) Thanks [@jonasnobile](https://github.com/jonasnobile)! - Propagate `cwd` and `env` options in `executeCommand`
+
+- [#27](https://github.com/cloudflare/sandbox-sdk/pull/27) [`fd5ec7f`](https://github.com/cloudflare/sandbox-sdk/commit/fd5ec7f34bc12b06320a89356c4af07801f52d64) Thanks [@threepointone](https://github.com/threepointone)! - remove yarn and pnpm from the image
+
+## 0.1.3
+
+### Patch Changes
+
+- [#32](https://github.com/cloudflare/sandbox-sdk/pull/32) [`1a42464`](https://github.com/cloudflare/sandbox-sdk/commit/1a4246479369c5d0160705caf192aa1816540d52) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Bring back package README
+
+## 0.1.2
+
+### Patch Changes
+
+- [#30](https://github.com/cloudflare/sandbox-sdk/pull/30) [`30e5c25`](https://github.com/cloudflare/sandbox-sdk/commit/30e5c25cf7d4b07f9049724206c531e2d5d29d5c) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Remove actions timeout
+
+- [#29](https://github.com/cloudflare/sandbox-sdk/pull/29) [`d78508f`](https://github.com/cloudflare/sandbox-sdk/commit/d78508f7287a59e0423edd2999c2c83e9e34ccfd) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Create multi-platform Docker image and switch to Cloudflare official repo
+
+## 0.1.1
+
+### Patch Changes
+
+- [`157dde9`](https://github.com/cloudflare/sandbox-sdk/commit/157dde9b1f23e9bb6f3e9c3f0514b639a8813897) Thanks [@threepointone](https://github.com/threepointone)! - update deps
+
+- [`a04f6b6`](https://github.com/cloudflare/sandbox-sdk/commit/a04f6b6c0b2ef9e3ce0851b53769f1c10d8c6de6) Thanks [@threepointone](https://github.com/threepointone)! - trigger a build with updated deps
+
+## 0.1.0
+
+### Minor Changes
+
+- [#24](https://github.com/cloudflare/sandbox-sdk/pull/24) [`cecde0a`](https://github.com/cloudflare/sandbox-sdk/commit/cecde0a7530a87deffd8562fb8b01d66ee80ee19) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Redesign command execution API
+
+### Patch Changes
+
+- [#22](https://github.com/cloudflare/sandbox-sdk/pull/22) [`f5fcd52`](https://github.com/cloudflare/sandbox-sdk/commit/f5fcd52025d1f7958a374e69d75e3fc590275f3f) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Allow setting env variables dynamically and remove command restrictions
+
+## 0.0.9
+
+### Patch Changes
+
+- [#20](https://github.com/cloudflare/sandbox-sdk/pull/20) [`f106fda`](https://github.com/cloudflare/sandbox-sdk/commit/f106fdac98e7ef35677326290d45cbf3af88982c) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - add preview URLs and dynamic port forwarding
+
+## 0.0.8
+
+### Patch Changes
+
+- [`60af265`](https://github.com/cloudflare/sandbox-sdk/commit/60af265d834e83fd30a921a3e1be232f13fe24da) Thanks [@threepointone](https://github.com/threepointone)! - update dependencies
+
+## 0.0.7
+
+### Patch Changes
+
+- [`d1c7c99`](https://github.com/cloudflare/sandbox-sdk/commit/d1c7c99df6555eff71bcd59852e4b8eed2ad8cb6) Thanks [@threepointone](https://github.com/threepointone)! - fix file operations
+
+## 0.0.6
+
+### Patch Changes
+
+- [#9](https://github.com/cloudflare/sandbox-sdk/pull/9) [`24f5470`](https://github.com/cloudflare/sandbox-sdk/commit/24f547048d5a26137de4656cea13d83ad2cc0b43) Thanks [@ItsWendell](https://github.com/ItsWendell)! - fix baseUrl for stub and stub forwarding
+
+## 0.0.5
+
+### Patch Changes
+
+- [#5](https://github.com/cloudflare/sandbox-sdk/pull/5) [`7c15b81`](https://github.com/cloudflare/sandbox-sdk/commit/7c15b817899e4d9e1f25747aaf439e5e9e880d15) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Make package ready for deployment
+
 ## 0.0.4
 
 ### Patch Changes

package/Dockerfile

@@ -1,16 +1,173 @@
-# syntax=docker/dockerfile:1
+# Sandbox container image with full development environment
+# Multi-stage build optimized for Turborepo monorepo
+
+# ============================================================================
+# Stage 1: Prune monorepo to only include necessary packages
+# ============================================================================
+FROM node:20-alpine AS pruner
+
+WORKDIR /app
+
+# Install Turborepo globally
+RUN npm install -g turbo
+
+# Copy entire monorepo
+COPY . .
+
+# Prune to only @repo/sandbox-container and its dependencies (@repo/shared)
+# The --docker flag generates out/json and out/full directories
+RUN turbo prune @repo/sandbox-container --docker
+
+# ============================================================================
+# Stage 2: Install dependencies and build packages
+# ============================================================================
+FROM node:20-alpine AS builder
+
+WORKDIR /app
+
+# Copy pruned lockfile and package.json files (for Docker layer caching)
+COPY --from=pruner /app/out/json/ .
+COPY --from=pruner /app/out/package-lock.json ./package-lock.json
+
+# Install ALL dependencies (including devDependencies for build)
+RUN npm ci
+
+# Copy pruned source code
+COPY --from=pruner /app/out/full/ .
+
+# Build all packages (Turborepo handles dependency order automatically)
+# This builds @repo/shared first, then @repo/sandbox-container
+RUN npx turbo run build
+
+# ============================================================================
+# Stage 3: Install production-only dependencies
+# ============================================================================
+FROM node:20-alpine AS prod-deps
 
-FROM oven/bun:latest
-# Set destination for COPY
 WORKDIR /app
 
-# Install git
-RUN apt-get update && apt-get install -y git
+# Copy package files from builder
+COPY --from=builder /app/package.json ./package.json
+COPY --from=builder /app/package-lock.json ./package-lock.json
+COPY --from=builder /app/packages ./packages
+COPY --from=builder /app/tooling ./tooling
+
+# Install ONLY production dependencies (excludes typescript, @types/*, etc.)
+RUN npm ci --production
+
+# ============================================================================
+# Stage 4: Runtime - Ubuntu 22.04 with full development environment
+# ============================================================================
+FROM ubuntu:22.04 AS runtime
 
-COPY container_src/* ./
-# RUN bun install
+# Prevent interactive prompts during package installation
+ENV DEBIAN_FRONTEND=noninteractive
 
+# Install essential system packages and development tools
+RUN apt-get update && apt-get install -y \
+    # Basic utilities
+    curl \
+    wget \
+    git \
+    unzip \
+    zip \
+    file \
+    # Process management
+    procps \
+    htop \
+    # Build tools
+    build-essential \
+    pkg-config \
+    # Network tools
+    net-tools \
+    iputils-ping \
+    dnsutils \
+    # Text processing
+    jq \
+    vim \
+    nano \
+    # Python dependencies
+    python3.11 \
+    python3.11-dev \
+    python3-pip \
+    python3.11-venv \
+    # Other useful tools
+    ca-certificates \
+    gnupg \
+    lsb-release \
+    strace \
+    && rm -rf /var/lib/apt/lists/*
+
+# Set Python 3.11 as default python3
+RUN update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.11 1
+
+# Install Node.js 20 LTS using official NodeSource setup script
+RUN curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
+    && apt-get install -y nodejs \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install Bun runtime from official image
+COPY --from=oven/bun:1 /usr/local/bin/bun /usr/local/bin/bun
+COPY --from=oven/bun:1 /usr/local/bin/bunx /usr/local/bin/bunx
+
+# Install development tools globally
+RUN npm install -g \
+    wrangler \
+    vite \
+    opencode-ai
+
+# Install essential Python packages for code execution
+RUN pip3 install --no-cache-dir \
+    matplotlib \
+    numpy \
+    pandas \
+    ipython
+
+# Verify installations
+RUN python3 --version && \
+    node --version && \
+    npm --version && \
+    bun --version
+
+# Set up runtime container server directory
+WORKDIR /container-server
+
+# Copy built sandbox-container package
+COPY --from=builder /app/packages/sandbox-container/dist ./dist
+COPY --from=builder /app/packages/sandbox-container/package.json ./package.json
+
+# Copy Python executor to runtime location
+COPY --from=builder /app/packages/sandbox-container/src/runtime/executors/python/ipython_executor.py ./dist/runtime/executors/python/
+
+# Copy production-only node_modules (excludes typescript, @types/*, etc.)
+# Includes: @repo/shared, zod, esbuild (runtime dependencies)
+COPY --from=prod-deps /app/node_modules ./node_modules
+
+# Copy workspace packages so node_modules symlinks work
+# @repo/shared and @repo/typescript-config are symlinked in node_modules
+COPY --from=prod-deps /app/packages/shared ./packages/shared
+COPY --from=prod-deps /app/tooling/typescript-config ./tooling/typescript-config
+
+# Configure process pool sizes (can be overridden at runtime)
+ENV PYTHON_POOL_MIN_SIZE=3
+ENV PYTHON_POOL_MAX_SIZE=15
+ENV JAVASCRIPT_POOL_MIN_SIZE=3
+ENV JAVASCRIPT_POOL_MAX_SIZE=10
+ENV TYPESCRIPT_POOL_MIN_SIZE=3
+ENV TYPESCRIPT_POOL_MAX_SIZE=10
+
+# Create clean workspace directory for user code
+# Architecture:
+#   /container-server/ - SDK infrastructure (server, executors, dependencies)
+#   /workspace/ - User's clean workspace for their code
+RUN mkdir -p /workspace
+
+# Expose the application port (3000 for control)
 EXPOSE 3000
-# Run
-CMD ["bun", "index.ts"]
 
+# Copy and make startup script executable
+COPY packages/sandbox/startup.sh ./
+RUN chmod +x startup.sh
+
+# Use startup script
+CMD ["./startup.sh"]

package/README.md

@@ -1,65 +1,164 @@
-## @cloudflare/sandbox
+<img width="1362" height="450" alt="Image" src="https://github.com/user-attachments/assets/6f770ae3-0a14-4d2b-9aed-a304ee5446c5" />
 
-> **⚠️ Experimental** - This library is currently experimental and we're actively seeking feedback. Please try it out and let us know what you think!
+# Cloudflare Sandbox SDK
 
-A library to spin up a sandboxed environment.
+[![npm version](https://img.shields.io/npm/v/@cloudflare/sandbox.svg)](https://www.npmjs.com/package/@cloudflare/sandbox)
 
-First, setup your wrangler.json to use the sandbox:
+**Build secure, isolated code execution environments on Cloudflare.**
 
-```jsonc
-{
-  // ...
-  "containers": [
-    {
-      "class_name": "Sandbox",
-      "image": "./node_modules/@cloudflare/sandbox/Dockerfile",
-      "name": "sandbox"
-    }
-  ],
-  "durable_objects": {
-    "bindings": [
-      {
-        "class_name": "Sandbox",
-        "name": "Sandbox"
-      }
-    ]
-  },
-  "migrations": [
-    {
-      "new_sqlite_classes": ["Sandbox"],
-      "tag": "v1"
-    }
-  ]
-}
+The Sandbox SDK lets you run untrusted code safely in isolated containers. Execute commands, manage files, run background processes, and expose services — all from your Workers applications.
+
+Perfect for AI code execution, interactive development environments, data analysis platforms, CI/CD systems, and any application that needs secure code execution at the edge.
+
+> **Note:** The latest published version of the SDK is on the [v03 branch](https://github.com/cloudflare/sandbox-sdk/tree/v03). This main branch is currently the development version and is not yet published.
+
+## Getting Started
+
+### Prerequisites
+
+1. Install [Node.js](https://docs.npmjs.com/downloading-and-installing-node-js-and-npm) (version 16.17.0 or later)
+2. Ensure Docker is running locally
+3. For deploying to production, sign up for a [Cloudflare account](https://dash.cloudflare.com/sign-up/workers-and-pages)
+
+### 1. Create a new project
+
+Create a new Sandbox SDK project using the minimal template:
+
+```bash
+npm create cloudflare@latest -- my-sandbox --template=cloudflare/sandbox-sdk/examples/minimal
+cd my-sandbox
+```
+
+### 2. Test locally
+
+Start the development server:
+
+```bash
+npm run dev
 ```
 
-Then, export the Sandbox class in your worker:
+> **Note:** First run builds the Docker container (2-3 minutes). Subsequent runs are much faster.
+
+Test the endpoints:
+
+```bash
+# Execute Python code
+curl http://localhost:8787/run
+
+# File operations
+curl http://localhost:8787/file
+```
+
+### 3. Deploy to production
+
+Deploy your Worker and container:
 
-```ts
-export { Sandbox } from "@cloudflare/sandbox";
+```bash
+npx wrangler deploy
 ```
 
-You can then use the Sandbox class in your worker:
+> **Wait for provisioning:** After first deployment, wait 2-3 minutes before making requests.
 
-```ts
-import { getSandbox } from "@cloudflare/sandbox";
+**📖 [View the complete getting started guide](https://developers.cloudflare.com/sandbox/get-started/)** for detailed instructions and explanations.
+
+## Quick API Example
+
+```typescript
+import { getSandbox, proxyToSandbox, type Sandbox } from '@cloudflare/sandbox';
+
+export { Sandbox } from '@cloudflare/sandbox';
+
+type Env = {
+  Sandbox: DurableObjectNamespace<Sandbox>;
+};
 
 export default {
-  async fetch(request: Request, env: Env) {
-    const sandbox = getSandbox(env.Sandbox, "my-sandbox");
-    return sandbox.exec("ls", ["-la"]);
-  },
+  async fetch(request: Request, env: Env): Promise<Response> {
+    // Required for preview URLs
+    const proxyResponse = await proxyToSandbox(request, env);
+    if (proxyResponse) return proxyResponse;
+
+    const url = new URL(request.url);
+    const sandbox = getSandbox(env.Sandbox, 'my-sandbox');
+
+    // Execute Python code
+    if (url.pathname === '/run') {
+      const result = await sandbox.exec('python3 -c "print(2 + 2)"');
+      return Response.json({ output: result.stdout, success: result.success });
+    }
+
+    // Work with files
+    if (url.pathname === '/file') {
+      await sandbox.writeFile('/workspace/hello.txt', 'Hello, Sandbox!');
+      const file = await sandbox.readFile('/workspace/hello.txt');
+      return Response.json({ content: file.content });
+    }
+
+    return new Response('Try /run or /file');
+  }
 };
 ```
 
-### Methods:
-
-- `exec(command: string, args: string[], options?: { stream?: boolean })`: Execute a command in the sandbox.
-- `gitCheckout(repoUrl: string, options: { branch?: string; targetDir?: string; stream?: boolean })`: Checkout a git repository in the sandbox.
-- `mkdir(path: string, options: { recursive?: boolean; stream?: boolean })`: Create a directory in the sandbox.
-- `writeFile(path: string, content: string, options: { encoding?: string; stream?: boolean })`: Write content to a file in the sandbox.
-- `readFile(path: string, options: { encoding?: string; stream?: boolean })`: Read content from a file in the sandbox.
-- `deleteFile(path: string, options?: { stream?: boolean })`: Delete a file from the sandbox.
-- `renameFile(oldPath: string, newPath: string, options?: { stream?: boolean })`: Rename a file in the sandbox.
-- `moveFile(sourcePath: string, destinationPath: string, options?: { stream?: boolean })`: Move a file from one location to another in the sandbox.
-- `ping()`: Ping the sandbox.
+## Documentation
+
+**📖 [Full Documentation](https://developers.cloudflare.com/sandbox/)**
+
+- [Get Started Guide](https://developers.cloudflare.com/sandbox/get-started/) - Step-by-step tutorial
+- [API Reference](https://developers.cloudflare.com/sandbox/api/) - Complete API docs
+- [Guides](https://developers.cloudflare.com/sandbox/guides/) - Execute commands, manage files, expose services
+- [Examples](https://developers.cloudflare.com/sandbox/tutorials/) - AI agents, data analysis, CI/CD pipelines
+
+## Key Features
+
+- **Secure Isolation** - Each sandbox runs in its own container
+- **Edge-Native** - Runs on Cloudflare's global network
+- **Code Interpreter** - Execute Python and JavaScript with rich outputs
+- **File System Access** - Read, write, and manage files
+- **Command Execution** - Run any command with streaming support
+- **Preview URLs** - Expose services with public URLs
+- **Git Integration** - Clone repositories directly
+
+## Development
+
+This repository contains the SDK source code. To contribute:
+
+```bash
+# Clone the repo
+git clone https://github.com/cloudflare/sandbox-sdk
+cd sandbox-sdk
+
+# Install dependencies
+npm install
+
+# Run tests
+npm test
+
+# Build the project
+npm run build
+
+# Type checking and linting
+npm run check
+```
+
+## Examples
+
+See the [examples directory](./examples) for complete working examples:
+
+- [Minimal](./examples/minimal) - Basic sandbox setup
+- [Code Interpreter](./examples/code-interpreter) - Use sandbox as an interpreter tool with gpt-oss
+- [Complete](./examples/basic) - Huge example integrated with every sandbox feature
+
+## Status
+
+**Beta** - The SDK is in active development. APIs may change before v1.0.
+
+## License
+
+[MIT License](LICENSE)
+
+## Links
+
+- [Documentation](https://developers.cloudflare.com/sandbox/)
+- [GitHub Issues](https://github.com/cloudflare/sandbox-sdk/issues)
+- [Developer Discord](https://discord.cloudflare.com)
+- [Cloudflare Developers](https://twitter.com/CloudflareDev)