Deno Sandbox is a new service providing instant Linux microVMs with hypervisor-level isolation for running untrusted code, particularly LLM-generated code. Key security features include secret protection through placeholders that only materialize for approved hosts, and network egress control to restrict outbound connections. Sandboxes boot in under a second, support 768MB to 4GB memory, and can be deployed directly to Deno Deploy. The service includes persistence options through volumes and snapshots, with usage-based pricing starting at $0.05/hour for CPU time.
Table of contents
Secrets That Can’t Be StolenNetwork Egress ControlWhat You Can BuildSandbox to ProductionPersistenceTechnical DetailsPricingGet StartedSort: