This set builds vocabulary for isolated, ephemeral code execution environments used by AI agents.
0 / 5 completed
1 / 5
At standup, a dev describes running AI-agent-generated code in an isolated, ephemeral cloud environment rather than directly on a developer's machine. What is this environment called?
A code execution sandbox like E2B provides an isolated, ephemeral environment where AI-agent-generated code can run safely, without risking a developer's local machine or shared production infrastructure. This isolation is essential when the code being executed comes from a potentially untrusted or unpredictable AI-generated source. Sandboxes are a foundational building block for AI coding agents that need to actually execute what they write.
2 / 5
During a design review, the team wants a sandbox environment to be automatically destroyed after a task completes, leaving no persistent state behind. Which property supports this?
Ephemerality means a sandbox environment is created fresh for a task and destroyed afterward, leaving no persistent state that could leak between unrelated tasks or accumulate unmanaged resources over time. This disposability simplifies reasoning about isolation and cleanup. It's a natural fit for short-lived, potentially untrusted code execution triggered by an AI agent.
3 / 5
In a code review, a dev configures resource limits, like CPU and memory caps, on a sandbox to contain a runaway or inefficient generated script. What does this configuration provide?
Resource limits cap how much CPU, memory, or execution time a sandboxed process can consume, containing the impact of a runaway or inefficient script generated by an AI agent rather than letting it exhaust shared infrastructure. This containment is a core safety mechanism when executing code whose behavior isn't fully predictable in advance. It complements the broader isolation the sandbox already provides.
4 / 5
An incident report shows an AI agent's generated code attempted to make an unexpected outbound network call from within a sandbox. What safeguard addresses this risk?
Configuring network access restrictions, such as blocking or allowlisting outbound connections, on a sandbox prevents AI-generated code from making unintended external calls, whether accidental or the result of a subtly manipulated prompt. This is a key part of safely executing code whose full behavior can't be verified in advance. Network isolation is a standard safety layer alongside resource and filesystem restrictions in sandboxed execution.
5 / 5
During a PR review, a teammate asks why an AI coding agent executes generated code in a sandbox instead of directly in the developer's local environment. What is the reasoning?
Executing AI-generated code directly on a developer's local machine risks unintended side effects, like modifying files or making unwanted network calls, if the generated code behaves unexpectedly, while a sandbox isolates that execution from anything of real consequence. This isolation lets an agent safely run and iterate on code without the developer bearing that risk directly. It's a foundational safety pattern for any AI system that needs to actually execute code it generates.