
Hanselminutes with Scott Hanselman Run your AI Agent in a Sandbox, with Docker President Mark Cavage
Jan 22, 2026
Mark Cavage is President and COO of Docker and a leader in container tooling. He talks about Docker's new sandbox feature, micro-VMs and secure runtimes for running AI agents. They discuss isolation, curated agent images, filesystem visibility, pen-testing escapes, observability, and how sandboxes enable safer automation without exposing host secrets.
AI Snips
Sandboxes Are Purpose-Built Safety Boundaries
- Sandboxes are safety boundaries that restrict resources like files, network, syscalls, CPU, and memory.
- Docker's sandbox runtime uses lightweight micro-VMs to run untrusted code faster and with stronger isolation than typical containers.
Copilot Pen-Tested Live On Air
- Scott ran GitHub Copilot inside a Docker sandbox and actively tried to jailbreak it while watching the agent probe the environment.
- The agent listed uname, nproc, and file info, then concluded it was a well-isolated sandbox and couldn't access the host.
Use Curated Templates And Save State
- Use curated sandbox templates so agents run with appropriate tools and permissions without manual Docker tuning.
- Save mutable sandbox state after configuring tools so you can reuse or share the environment.

