What is a Desktop Sandbox?
Understanding isolated environments for safe computer-use agent execution
A desktop sandbox is an isolated virtual environment that provides a complete desktop operating system where computer-use agents can safely execute tasks. Think of it as a disposable computer that your agent can control without risk to your real system.
Why Use Sandboxes?
Running AI agents directly on your computer poses risks:
- Unintended actions - Agents might click the wrong button or delete files
- Security concerns - Malicious content could affect your system
- State pollution - Each run might leave behind artifacts that affect future runs
- Reproducibility - Hard to ensure consistent starting conditions
Sandboxes solve these problems by providing:
- Isolation - Actions in the sandbox don't affect your host system
- Reset capability - Start fresh for each task
- Safety - Experiment freely without consequences
- Consistency - Identical environment every time
- Reproducibility - Define dependencies and configurations that create baseline environments your agents can rely on
Sandbox Options in Cua
Cua supports multiple sandbox types to fit different needs:
Cloud Sandboxes
Managed virtual machines hosted by Cua's infrastructure.
| Feature | Details |
|---|---|
| OS Options | Linux (Ubuntu), Windows, macOS |
| Setup | Instant—create via CLI or dashboard |
| Best For | Production workloads, teams, CI/CD |
| Access | API key required |
# Create a cloud sandbox
cua sb create --os linux --size small --region north-americaDocker Sandboxes
Linux desktops running in Docker containers on your machine.
| Feature | Details |
|---|---|
| OS Options | Linux (XFCE, Ubuntu Desktop) |
| Setup | Docker Desktop required |
| Best For | Local development, testing |
| Access | No API key needed |
# Pull and run a Docker sandbox
docker pull trycua/cua-xfce:latestQEMU Docker Sandboxes
Full virtual machines (Linux, Windows, Android) running inside Docker via QEMU emulation.
| Feature | Details |
|---|---|
| OS Options | Linux, Windows 11, Android |
| Setup | Requires golden image preparation |
| Best For | Testing on specific OS versions |
| Access | No API key needed |
macOS Sandboxes (Lume)
Native macOS virtual machines using Apple's Virtualization framework.
| Feature | Details |
|---|---|
| OS Options | macOS (various versions) |
| Setup | macOS host required, install Lume CLI |
| Best For | macOS-specific automation |
| Access | No API key needed |
# Start a macOS sandbox
lume run macos-sequoia-cua:latestWindows Sandbox
Native Windows sandbox using Windows Sandbox feature.
| Feature | Details |
|---|---|
| OS Options | Windows |
| Setup | Windows 10 Pro/Enterprise or Windows 11 |
| Best For | Windows-specific automation |
| Access | No API key needed |
How Sandboxes Connect to Agents
Your agent interacts with sandboxes through the Computer Framework:
┌─────────────────┐ ┌─────────────────┐ ┌─────────────────┐
│ │ │ │ │ │
│ Your Agent │────▶│ Computer │────▶│ Sandbox │
│ (AI Logic) │ │ Framework │ │ (Desktop) │
│ │◀────│ │◀────│ │
└─────────────────┘ └─────────────────┘ └─────────────────┘
│
│ Unified API
│
┌─────────┴─────────┐
│ │
Screenshots Actions
(what agent sees) (click, type, etc.)The Computer Framework provides the same API regardless of which sandbox type you're using. This means you can:
- Develop locally with Docker
- Test on specific platforms with QEMU
- Deploy to production with Cloud Sandboxes
...all without changing your agent code.
Choosing the Right Sandbox
| Use Case | Recommended Sandbox |
|---|---|
| Getting started / learning | Docker (Linux) |
| Production deployment | Cloud Sandbox |
| macOS automation | Lume (macOS) |
| Windows automation | Cloud (Windows) or Windows Sandbox |
| Android testing | QEMU Docker (Android) |
| CI/CD pipelines | Cloud Sandbox |
| Air-gapped environments | Docker or QEMU |
Next Steps
- Set Up a Sandbox to create your first environment
- Learn about Computer SDK for controlling sandboxes
- Explore Computer SDK Reference for production deployments
Was this page helpful?