TencentCloud open-sources CubeSandbox, a sub-60ms VM sandbox for AI agents
TencentCloud has open-sourced CubeSandbox, a RustVMM/KVM-based secure sandbox for AI agent code execution that cold-starts in under 60ms and uses less than 5MB of memory per instance.
Teams running AI agents that execute LLM-generated code can now self-host a production-tested, kernel-isolated sandbox with near-instant cold starts as a drop-in replacement for E2B, without paying SaaS pricing or accepting Docker's container-escape risks.
TencentCloud's team open-sourced CubeSandbox, a secure code-execution sandbox built from the ground up using RustVMM and KVM. The project was motivated by two pain points encountered while scaling internal AI agents: Docker containers carry container-escape security risks, while traditional full VMs are too slow to boot and too memory-hungry for high-density concurrent workloads. Existing SaaS sandbox solutions were deemed closed-source, expensive, and difficult to self-host.
CubeSandbox addresses these constraints by stripping the underlying OS to a minimal footprint. Key performance claims include a cold-start latency under 60ms (described as 2.5x to 50x faster than traditional secure sandbox alternatives), memory consumption under 5MB per instance, and the ability to run 2,000+ sandboxes concurrently on a single 96-vCPU physical machine while reducing storage consumption by 90%. The system provides true kernel-level isolation — each agent receives its own dedicated guest OS kernel — and supports spinning up hundreds of thousands of instances in minutes. A millisecond-level snapshot rollback feature is listed as coming soon.
For developer adoption, CubeSandbox offers native E2B SDK compatibility, requiring only a single URL environment variable change with no other code modifications. The project has been running in production on Tencent Cloud before today's public release, and author yukunqiu describes it as battle-tested infrastructure rather than a prototype. The source code and deployment guides are available in the GitHub repository at `TencentCloud/CubeSandbox`.
Key facts
- Cold-start latency is under 60ms, claimed to be 2.5x to 50x faster than traditional secure sandbox solutions.
- Memory footprint per instance is under 5MB, enabling 2,000+ concurrent sandboxes on a single 96-vCPU machine.
- Built on RustVMM and KVM with true kernel-level isolation — each agent gets its own dedicated guest OS kernel.
- Storage consumption is reduced by 90% compared to traditional approaches.
- Natively compatible with the E2B SDK via a single URL environment variable swap — no code changes required.
- A millisecond-level snapshot rollback feature is listed as coming soon.
- CubeSandbox was already running in production on Tencent Cloud before today's open-source release.