OpenAI Agents SDK Adds Native Sandbox Execution for Production Agent Workflows

@Zachas
AI & Automation

OpenAI's updated Agents SDK adds a model-native harness and native sandbox execution, giving teams a more controlled way to run long-running agent work across files, tools, and code.

OpenAI's updated Agents SDK gives developers a more standardized way to build agents that inspect files, use tools, run code, and continue across multi-step work. The core change is native sandbox execution paired with a model-native harness, so an agent can operate inside a controlled workspace instead of improvising around local files and credentials. For teams moving from demos to production, the release is mainly about safer execution boundaries, resumable work, and less custom infrastructure.

Key takeaways

  • OpenAI says the Agents SDK now includes a more capable harness with configurable memory, sandbox-aware orchestration, filesystem-style tools, MCP, skills, AGENTS.md, shell execution, and apply-patch support.
  • Native sandbox execution lets agents run in controlled computer environments with files, tools, dependencies, mounted data, and provider-backed workspaces.
  • The SDK introduces a Manifest abstraction for describing workspace inputs, output directories, and storage-backed data from services such as S3, Google Cloud Storage, Azure Blob Storage, and Cloudflare R2.
  • OpenAI's developer docs position the SDK path for applications that need to own orchestration, tool execution, approvals, state, and integration logic.
  • The GitHub repository now documents Sandbox Agents as a feature for long-horizon work that needs filesystem access, commands, patches, and workspace state.

Practical LinkLoot angle

The practical workflow shift is not "let an agent run anything." It is "give the agent a smaller, auditable computer." A product team can package a repo, a test command, a reference dataset, and an output directory into a sandbox manifest; then the agent can inspect evidence, edit files, run checks, and return artifacts without getting broad access to the host environment.

| Option | Best use | Limitation | Source |
| --- | --- | --- | --- |
| OpenAI Agents SDK sandbox execution | Code-first agents that need files, commands, packages, snapshots, and mounted data | Python launches first; TypeScript support is planned rather than fully available in the announcement | OpenAI announcement / GitHub |
| Agent Builder | Hosted workflow creation and ChatKit deployment where OpenAI owns more of the product surface | Less suitable when your app must own orchestration, storage, and runtime control | OpenAI docs |
| Custom sandbox stack | Highly specialized security or infrastructure requirements | More engineering overhead for snapshots, state, manifests, and provider portability | OpenAI announcement context |

A useful adoption test is to pick one internal workflow that already has clear acceptance checks: dependency update PRs, log triage, documentation migration, report generation, or data-file validation. Put only the needed repo, files, secrets-free fixtures, and output locations into the sandbox. Then compare the agent's result against a human-run baseline: diff quality, test pass rate, evidence trail, time to review, and whether any manual approval gates were skipped.
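One way to enforce the "secrets-free fixtures" step before a directory is handed to any sandbox is a pre-flight audit of the staged workspace. The following is an added example, not code from OpenAI or the Agents SDK, and it calls no SDK API; the function names, the filename and content patterns, and the sample tree are assumptions constructed for illustration.

```python
import os
import re
import tempfile
from pathlib import Path

# Heuristics (assumed, tune per project) for material that must stay out of the sandbox.
SECRET_NAMES = re.compile(r"^\.env(\..*)?$|^id_(rsa|ed25519)$|\.(pem|key)$|^\.(npmrc|netrc)$")
SECRET_CONTENT = re.compile(
    rb"-----BEGIN [A-Z ]*PRIVATE KEY-----"   # PEM private key header
    rb"|AKIA[0-9A-Z]{16}"                     # AWS access key ID shape
    rb"|(?i:api[_-]?key|secret|token|password)\s*[=:]\s*['\"]?[^\s'\"]{12,}")

def audit_workspace(root, max_bytes=1_000_000):
    """Return sorted (relative_path, reason) findings for a staged workspace directory."""
    root = Path(root).resolve()
    findings = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = Path(dirpath) / name
            rel = path.relative_to(root).as_posix()
            if path.is_symlink():
                # A link resolving outside the tree can expose host files once copied or mounted.
                if root not in path.resolve().parents:
                    findings.append((rel, "symlink escapes workspace"))
                continue
            if path.is_dir():
                continue
            if SECRET_NAMES.search(name):
                findings.append((rel, "secret-like filename"))
            with open(path, "rb") as fh:
                if SECRET_CONTENT.search(fh.read(max_bytes)):
                    findings.append((rel, "secret-like content"))
    return sorted(findings)

def build_demo_workspace(base):
    """Constructed sample tree: clean fixture, fake AWS key, .env file, escaping symlink."""
    ws = Path(base) / "workspace"
    (ws / "fixtures").mkdir(parents=True)
    (ws / "fixtures" / "orders.csv").write_text("id,total\n1,9.99\n")
    (ws / "fixtures" / "config.py").write_text('AWS_KEY = "AKIA' + "A" * 16 + '"\n')
    (ws / ".env").write_text("DEBUG=1\n")
    outside = Path(base) / "host_secret.txt"
    outside.write_text("not for the agent\n")
    os.symlink(outside, ws / "fixtures" / "notes.txt")
    return ws

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for rel, reason in audit_workspace(build_demo_workspace(tmp)):
            print(f"BLOCK {rel}: {reason}")
```

Treat any finding as a hard stop in the packaging step; an empty result only means these heuristics matched nothing, not that the tree is free of credentials.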

What to verify before you act

Confirm which language runtime your team needs before planning a migration, because OpenAI says the new harness and sandbox capabilities launch first in Python with TypeScript support planned later. Review how credentials are separated from model-generated code, especially if the agent can install packages or call external tools. Also test snapshot and rehydration behavior under failure conditions; durable execution is only valuable if your own app can recover state, artifacts, and approvals cleanly.

Source check

OpenAI's announcement confirms the model-native harness, native sandbox execution, supported sandbox providers, Manifest abstraction, storage mounts, state recovery direction, pricing position, and Python-first rollout. OpenAI's developer documentation corroborates that the Agents SDK is the code-first path when the application owns orchestration, tool execution, approvals, and state. The official GitHub repository corroborates the open-source SDK surface and specifically describes Sandbox Agents for long-horizon file, command, patch, and workspace-state work.

FAQ

OpenAI added a more capable agent harness and native sandbox execution for controlled work across files, tools, commands, and multi-step state.

For teams comparing agent tooling patterns, LinkLoot's AI workflow automation guide is a good next stop for deciding which workflows deserve sandboxed automation and which should stay human-reviewed.