Vercel Sandbox
Run AI-generated or user-submitted code in isolated Vercel Sandbox microVMs instead of on your laptop or CI without guardrails.
Install
npx skills add https://github.com/vercel-labs/vercel-plugin --skill vercel-sandboxWhat is this skill?
- Guides ephemeral Firecracker-based Vercel Sandbox for untrusted and AI-generated code
- Covers isolated execution for agents, codegen pipelines, and experimentation workflows
- Documents @vercel/sandbox install patterns for npm, pnpm, bun, and yarn
- Maps prompt signals for sandbox, isolated environment, and safe execute/run intents
- Links official Vercel Sandbox docs for configuration and operational limits
Adoption & trust: 237 installs on skills.sh; 187 GitHub stars; 2/3 security scanners passed (skills.sh audits).
Recommended Skills
Azure Deploymicrosoft/azure-skills
Azure Preparemicrosoft/azure-skills
Azure Storagemicrosoft/azure-skills
Azure Validatemicrosoft/azure-skills
Appinsights Instrumentationmicrosoft/azure-skills
Azure Resource Lookupmicrosoft/azure-skills
Journey fit
Common Questions / FAQ
Is Vercel Sandbox safe to install?
skills.sh reports 2 of 3 security scanners passed. Review the Security Audits panel on this page before installing in production.
SKILL.md
READMESKILL.md - Vercel Sandbox
name: vercel-sandbox description: Vercel Sandbox guidance — ephemeral Firecracker microVMs for running untrusted code safely. Supports AI agents, code generation, and experimentation. Use when executing user-generated or AI-generated code in isolation. metadata: priority: 4 docs: - "https://vercel.com/docs/sandbox" sitemap: "https://vercel.com/sitemap/docs.xml" pathPatterns: [] importPatterns: - '@vercel/sandbox' bashPatterns: - '\bnpm\s+(install|i|add)\s+[^\n]*@vercel/sandbox\b' - '\bpnpm\s+(install|i|add)\s+[^\n]*@vercel/sandbox\b' - '\bbun\s+(install|i|add)\s+[^\n]*@vercel/sandbox\b' - '\byarn\s+add\s+[^\n]*@vercel/sandbox\b' promptSignals: phrases: - "@vercel/sandbox" - "sandbox" - "code sandbox" - "vercel sandbox" - "isolated environment" - "sandboxed execution" allOf: - [sandbox, code] - [sandbox, execute] - [sandbox, run] - [sandbox, isolated] - [sandbox, safe] - [sandbox, environment] - [isolated, execute] - [isolated, code] - [isolated, environment] - [isolated, run] - [safe, execute] - [safe, code] - [untrusted, code] - [untrusted, execute] - [code, runner] - [code, playground] - [execute, safely] - [run, safely] - [run, isolation] - [execute, isolation] - [ffmpeg, process] - [ffmpeg, convert] - [ffmpeg, compress] - [student, code] - [student, execute] - [student, run] anyOf: - "sandbox" - "isolated" - "isolation" - "untrusted" - "safely" - "microvm" - "ffmpeg" - "playground" noneOf: - "iframe sandbox" - "sandbox attribute" - "codesandbox.io" - "stackblitz" minScore: 4 retrieval: aliases: - code sandbox - microvm - isolated execution - safe code runner intents: - run untrusted code - execute code safely - create sandbox - isolate code execution entities: - Vercel Sandbox - Firecracker - microVM - isolated execution chainTo: - pattern: 'from\s+[''""]vm2[''""]|require\s*\(\s*[''""]vm2[''""\)]|new\s+VM\(' targetSkill: vercel-sandbox message: 'vm2 detected — it has known security vulnerabilities. Reloading Vercel Sandbox guidance for Firecracker microVM-based safe execution.' - pattern: 'child_process.*exec\(|execSync\(|spawn\(.*\{.*shell:\s*true' targetSkill: ai-sdk message: 'Shell exec for code execution detected — loading AI SDK guidance for tool-calling patterns that pair with Vercel Sandbox for safe agent execution.' --- name: vercel-sandbox description: Vercel Sandbox guidance — ephemeral Firecracker microVMs for running untrusted code safely. Supports AI agents, code generation, and experimentation. Use when executing user-generated or AI-generated code in isolation. metadata: priority: 4 docs: - "https://vercel.com/docs/sandbox" sitemap: "https://vercel.com/sitemap/docs.xml" pathPatterns: [] importPatterns: - '@vercel/sandbox' bashPatterns: - '\bnpm\s+(install|i|add)\s+[^\n]*@vercel/sandbox\b' - '\bpnpm\s+(install|i|add)\s+[^\n]*@vercel/sandbox\b' - '\bbun\s+(install|i|add)\s+[^\n]*@vercel/sandbox\b' - '\byarn\s+add\s+[^\n]*@vercel/sandbox\b' promptSignals: phrases: - "@vercel/sandbox" - "sandbox" - "code sandbox" - "vercel sandbox" - "isolated environment" - "sandboxed execution" allOf: - [sandbox, code] - [sandbox, execute] - [sandbox, run] - [sandbox, isolated] - [sandbox, safe] - [sandbox, environment] - [isolated, execute] - [isolated, code] - [isolated, environment] - [isolated, run] - [safe, execute] - [safe, code] - [untrusted, code] - [untrusted, execute] - [code, runner] - [code, playground] - [execute, safely] - [run