Skip to main content

Why Sandboxes

Prime Sandboxes are disposable Docker environments for AI-assisted coding, benchmarking, and quick experiments. They give agents and humans an isolated workspace without touching production infrastructure. Sandbox Dashboard
  • Prototype quickly – launch a clean runtime and iterate without worrying about teardown.
  • Benchmark safely – run untrusted code or model evaluations in a locked-down environment.
  • Run AI agents securely – disable network access to prevent code from reaching the internet.
  • Inject secrets safely – pass API keys, passwords, and tokens as encrypted secrets that never appear in logs or API responses.
  • Teach & demo – hand teammates a reproducible workspace that mirrors your setup.
  • Use custom images – push your own Docker images and use them in sandboxes with all your dependencies pre-installed.
  • Organize with labels – tag sandboxes by project, team, or environment for easy filtering and bulk cleanup.

First Run

Make sure you have an API key with the right permissions on hand (prime login) before running these commands. 
# Create
prime sandbox create python:3.11-slim --timeout-minutes 120

# See what is active
prime sandbox list

# Try a quick command
prime sandbox run <sandbox-id> "python --version"

# Clean up when you're done
prime sandbox delete <sandbox-id>
Track usage limits and billing inside the Prime Billing dashboard.

Pricing

Sandboxes are billed while running:
  • CPU: $0.05 per core per hour
  • Memory: $0.01 per GB per hour
  • Disk: $0.001 per GB per hour
Example: 1 CPU core, 2 GB RAM, 10 GB disk → $0.08/hour.

Limits

Per-sandbox

ResourceMinMaxDefault
CPU cores0.1161
Memory0.1 GB64 GB2 GB
Disk0.1 GB1,000 GB10 GB
Timeout1 min1,440 min (24 hr)60 min

Per-account

ResourceDefault limit
Active sandboxes512
Total CPU cores512
Total memory1,024 GB
Total storage5,120 GB
HTTP port exposures128
TCP port exposures32
Account limits apply across all running sandboxes. If you need higher limits, contact support.

Container Images

Sandboxes support images from any Docker-compatible registry: Docker Hub is the default, so pytorch/pytorch resolves to Docker Hub, but ghcr.io/org/image goes to GitHub’s registry. For private images, add registry credentials via the dashboard, then pass --registry-credentials-id when creating a sandbox. Use prime registry list to view saved credentials and prime registry check-image to verify an image is accessible.

GPU Support

GPU-enabled sandboxes are on the roadmap. For now, sandboxes run on CPU-only machines and setting --gpu-count to a value greater than 0 will return an error. We’ll announce as soon as GPU tiers open up.

Next Steps