Google Introducing Agent Sandbox (cloud.google.com)

Google announced Agent Sandbox, a new Kubernetes primitive and open-source CNCF project designed to provide strong, kernel-level guardrails for agentic AI workloads. Addressing the unique risks of agents that generate code, operate browsers/terminals, and orchestrate multi-step toolchains, Agent Sandbox offers per-task isolation built on gVisor with support for Kata Containers to reduce data-exfiltration and production-impact risks. The project aims to make Kubernetes the scalable, secure foundation for running thousands of ephemeral sandboxes in parallel while keeping operation and developer workflows simple. On Google Kubernetes Engine (GKE), Agent Sandbox is paired with managed gVisor, container-optimized compute, and features to accelerate and economize agent execution: configurable pre-warmed sandbox pools can deliver sub-second startup latency (up to ~90% faster than cold starts), and GKE’s new Pod Snapshots (limited preview) enables full checkpoint/restore of CPU and GPU pods so sandboxes can be snapshotted, suspended, and restored from saved state—cutting startup times from minutes to seconds and reducing idle compute waste. Developers get an API and Python SDK to manage sandbox lifecycles without deep infra expertise, while operators retain Kubernetes-grade control and extensibility. Agent Sandbox is open source and deployable on GKE today; Pod Snapshots will roll out more broadly later this year.