vercel-sandbox
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Isolated Environment Orchestration: The skill documents the use of the @vercel/sandbox SDK to create and manage ephemeral Firecracker microVMs. This approach is intended to provide strong isolation when executing user-generated or AI-generated code.
- Trusted Vendor Integration: The patterns and URLs provided trace back to official Vercel domains and repositories, including vercel.com and the vercel organization on GitHub.
- Security Proactive Measures: It includes logic to detect the use of insecure libraries like vm2 and recommends transitioning to the Vercel Sandbox for better security posture.
- Privileged Sandbox Operations: The instructions mention that the sandbox environment supports sudo operations. These capabilities are restricted to the isolated VM environment and do not impact the security of the host or the executing agent.
- Egress Filtering Capabilities: The documentation details how to implement network policies, such as SNI filtering, to restrict network access from within the sandbox to approved destinations.
Audit Metadata