Serverless

Deno has introduced Deno Sandbox, a specialized environment designed for running untrusted LLM-generated code safely. Recognizing the security risks of prompt-injected code exfiltrating API keys or accessing unauthorized networks, Deno Sandbox utilizes lightweight Linux microVMs with sub-second boot times. Key features include a robust secret management system where real credentials only materialize during requests to approved hosts, and strict network egress controls to block malicious outbound traffic. It supports JavaScript and Python SDKs, allowing developers to manage sandboxes programmatically and deploy them directly to production on Deno Deploy. This tool is ideal for building AI agents, secure plugin systems, and ephemeral CI runners while maintaining defense-in-depth security.