Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.neoagent.io/llms.txt

Use this file to discover all available pages before exploring further.

The sandbox gives a Neo Agent a temporary, isolated Linux environment for the run: a shell, plus simple file read and write. Use it for data wrangling that doesn’t fit a fixed tool — parsing an export, running a quick script, transforming a file, assembling a report — without giving the agent access to anything outside the sandbox.
The sandbox is available on every agent. There’s nothing to enable — the agent reaches for it on its own when no dedicated tool fits. It’s created fresh for the run and discarded afterwards; nothing persists between runs.

What It Does

ToolWhat it doesTier
Sandbox BashRun a shell command in the sandbox and read its outputStandard
Sandbox Read FileRead a file from the sandboxBasic
Sandbox Write FileWrite a file in the sandboxBasic
Typical uses:
  • Parse or reshape a CSV/JSON export the agent fetched from another tool
  • Run a one-off calculation or text transformation
  • Build an intermediate file the agent then attaches via Generate Artifact
If you want to steer the agent toward (or away from) the sandbox on a particular workflow, say so in custom instructions — e.g. “use the sandbox to parse the exported CSV before summarising it.”

Safety

ControlBehavior
Isolated and ephemeralThe sandbox can’t reach your PSA, RMM, M365, or Neo’s internals — it only sees what the agent puts in it. It’s destroyed at the end of the run.
Test modeWhen test mode is on, sandbox commands that would have external side effects are not executed.
Reach-for-the-sandbox is the agent’s job, not yours. For PSA, RMM, M365, IT Glue, Hudu, or Neo’s own API, the agent uses those tools directly — they’re safer and produce cleaner audit trails. The sandbox is the fallback when no dedicated tool fits.