Skip to content
OpenClaw Docs

Sandbox CLI

Sandbox CLI

Section titled “Sandbox CLI”

Manage sandbox runtimes for isolated agent execution.

Overview

Section titled “Overview”

OpenClaw can run agents in isolated sandbox runtimes for security. The sandbox commands help you inspect and recreate those runtimes after updates or configuration changes.

Today that usually means:

  • Docker sandbox containers
  • SSH sandbox runtimes when agents.defaults.sandbox.backend = "ssh"
  • OpenShell sandbox runtimes when agents.defaults.sandbox.backend = "openshell"

For ssh and OpenShell remote, recreate matters more than with Docker:

  • the remote workspace is canonical after the initial seed
  • openclaw sandbox recreate deletes that canonical remote workspace for the selected scope
  • next use seeds it again from the current local workspace

Commands

Section titled “Commands”

openclaw sandbox explain

Section titled “openclaw sandbox explain”

Inspect the effective sandbox mode/scope/workspace access, sandbox tool policy, and elevated gates (with fix-it config key paths).

Terminal window
openclaw sandbox explain
openclaw sandbox explain --session agent:main:main
openclaw sandbox explain --agent work
openclaw sandbox explain --json

openclaw sandbox list

Section titled “openclaw sandbox list”

List all sandbox runtimes with their status and configuration.

Terminal window
openclaw sandbox list
openclaw sandbox list --browser  # List only browser containers
openclaw sandbox list --json     # JSON output

Output includes:

  • Runtime name and status
  • Backend (docker, openshell, etc.)
  • Config label and whether it matches current config
  • Age (time since creation)
  • Idle time (time since last use)
  • Associated session/agent

openclaw sandbox recreate

Section titled “openclaw sandbox recreate”

Remove sandbox runtimes to force recreation with updated config.

Terminal window
openclaw sandbox recreate --all                # Recreate all containers
openclaw sandbox recreate --session main       # Specific session
openclaw sandbox recreate --agent mybot        # Specific agent
openclaw sandbox recreate --browser            # Only browser containers
openclaw sandbox recreate --all --force        # Skip confirmation

Options:

  • --all: Recreate all sandbox containers
  • --session <key>: Recreate container for specific session
  • --agent <id>: Recreate containers for specific agent
  • --browser: Only recreate browser containers
  • --force: Skip confirmation prompt

Important: Runtimes are automatically recreated when the agent is next used.

Use Cases

Section titled “Use Cases”

After updating a Docker image

Section titled “After updating a Docker image”
Terminal window
# Pull new image
docker pull openclaw-sandbox:latest
docker tag openclaw-sandbox:latest openclaw-sandbox:bookworm-slim


# Update config to use new image
# Edit config: agents.defaults.sandbox.docker.image (or agents.list[].sandbox.docker.image)


# Recreate containers
openclaw sandbox recreate --all

After changing sandbox configuration

Section titled “After changing sandbox configuration”
Terminal window
# Edit config: agents.defaults.sandbox.* (or agents.list[].sandbox.*)


# Recreate to apply new config
openclaw sandbox recreate --all

After changing SSH target or SSH auth material

Section titled “After changing SSH target or SSH auth material”
Terminal window
# Edit config:
# - agents.defaults.sandbox.backend
# - agents.defaults.sandbox.ssh.target
# - agents.defaults.sandbox.ssh.workspaceRoot
# - agents.defaults.sandbox.ssh.identityFile / certificateFile / knownHostsFile
# - agents.defaults.sandbox.ssh.identityData / certificateData / knownHostsData


openclaw sandbox recreate --all

For the core ssh backend, recreate deletes the per-scope remote workspace root on the SSH target. The next run seeds it again from the local workspace.

After changing OpenShell source, policy, or mode

Section titled “After changing OpenShell source, policy, or mode”
Terminal window
# Edit config:
# - agents.defaults.sandbox.backend
# - plugins.entries.openshell.config.from
# - plugins.entries.openshell.config.mode
# - plugins.entries.openshell.config.policy


openclaw sandbox recreate --all

For OpenShell remote mode, recreate deletes the canonical remote workspace for that scope. The next run seeds it again from the local workspace.

After changing setupCommand

Section titled “After changing setupCommand”
Terminal window
openclaw sandbox recreate --all
# or just one agent:
openclaw sandbox recreate --agent family

For a specific agent only

Section titled “For a specific agent only”
Terminal window
# Update only one agent's containers
openclaw sandbox recreate --agent alfred

Why is this needed?

Section titled “Why is this needed?”

Problem: When you update sandbox configuration:

  • Existing runtimes continue running with old settings
  • Runtimes are only pruned after 24h of inactivity
  • Regularly-used agents keep old runtimes alive indefinitely

Solution: Use openclaw sandbox recreate to force removal of old runtimes. They’ll be recreated automatically with current settings when next needed.

Tip: prefer openclaw sandbox recreate over manual backend-specific cleanup. It uses the Gateway’s runtime registry and avoids mismatches when scope/session keys change.

Configuration

Section titled “Configuration”

Sandbox settings live in ~/.openclaw/openclaw.json under agents.defaults.sandbox (per-agent overrides go in agents.list[].sandbox):

{
  "agents": {
    "defaults": {
      "sandbox": {
        "mode": "all", // off, non-main, all
        "backend": "docker", // docker, ssh, openshell
        "scope": "agent", // session, agent, shared
        "docker": {
          "image": "openclaw-sandbox:bookworm-slim",
          "containerPrefix": "openclaw-sbx-",
          // ... more Docker options
        },
        "prune": {
          "idleHours": 24, // Auto-prune after 24h idle
          "maxAgeDays": 7, // Auto-prune after 7 days
        },
      },
    },
  },
}

See Also

Section titled “See Also”