sandstorm and sandboxed.sh
Both tools provide environments for running Claude agents in secure, isolated sandboxes, making them **competitors** offering different hosting models: tomascupr/sandstorm is a managed cloud service, while Th0rgal/sandboxed.sh is a self-hosted orchestrator.
About sandstorm
tomascupr/sandstorm
Run Claude agents in secure cloud sandboxes — via API, CLI, or Slack. One call. Full agent. Zero infrastructure.
Builds on Claude's agent SDK and E2B sandboxes with config-driven tooling through `sandstorm.json`, bundled MCP integrations (Linear, Notion, Firecrawl, GitHub), and native document processing for PDF/DOCX workflows. Ships multiple interfaces—CLI scaffolding via `ds init`, streaming REST API, async Python client, and Slack bot—all backed by ephemeral sandbox lifecycle management with automatic teardown. Pre-built starters (research-brief, document-analyst, security-audit) provide task-specific agent templates, eliminating boilerplate around file uploads, artifact generation, and multi-turn execution.
About sandboxed.sh
Th0rgal/sandboxed.sh
Self-hosted orchestrator for AI autonomous agents. Run Claude Code & Open Code in isolated linux workspaces. Manage your skills, configs and encrypted secrets with a git repo.
Orchestrates multiple AI coding agent runtimes (Claude Code, OpenCode, Amp) with native systemd-nspawn container isolation for workspace security and file scoping. Features a Git-backed library for versioning skills, tools, rules, and MCP servers alongside an optional OpenAI-compatible proxy queue mode for rate-limit handling, with real-time monitoring dashboards and iOS app support via Next.js and SwiftUI frontends.
Related comparisons
Scores updated daily from GitHub, PyPI, and npm data. How scores work