Taming agentic AI with Agent-Sandbox: How to run agent-generated code safely on Kubernetes

As AI agents increasingly evolve from simple chatbots to autonomous systems capable of generating and executing code and manipulating data, they introduce significant security and operational challenges. This talk explores Agent Sandbox, a Kubernetes-native solution designed to run these non-deterministic and untrusted workloads safely and efficiently.

The session discusses how Agent Sandbox bridges the gap between the safety of virtual machines and the speed of containers. Attendees will learn how it uses a dedicated CRD to manage templates and allow agents to run generated code in an isolated container, leveraging gVisor to provide a user-space kernel runtime.

• Create high-level APIs that reduce YAML complexity while maintaining flexibility
• Support both native Kubernetes and cloud-specific resources for more efficient orchestration
• Integrate KRO into Kubernetes workflows for better scalability and simplicity