CloudCodeTree LogoCloudCodeTree
AI NewsTutorialsAbout
CloudCodeTree Logo
CloudCodeTree
  • AI News
  • Tutorials
  • About
← Back to AI News
Safe AI Code Execution in One API Call: Google Cloud Run Sandboxes Hit Public Preview

Safe AI Code Execution in One API Call: Google Cloud Run Sandboxes Hit Public Preview

Chris Harper

2 min read

Jul 12, 2026 · 20:05 UTC

AI
Workflow
Developer Tools
Agents

Google Cloud Run Sandboxes (public preview, July 9) add millisecond-startup isolated execution environments directly inside your Cloud Run service — zero network access by default, no env-var leakage, no separate container cluster to manage.

Every AI app that lets a model generate and execute code faces the same question: where does that code actually run? You need isolation so the model's output can't touch your database or credentials, fast startup for concurrent user sandboxes, and low ops overhead. Cloud Run Sandboxes solve all three within infrastructure you likely already run.

What a sandbox guarantees

Each sandbox is a lightweight isolated container spawned on demand inside your existing Cloud Run service instance:

  • Millisecond startup. Google tested 1,000 concurrent sandboxes at an average of 500ms each.
  • Zero outbound network by default. A script that tries to exfiltrate data is blocked at the system layer, not by application-level checks.
  • No env-var access. Your ANTHROPIC_API_KEY, DATABASE_URL, and service credentials are invisible inside the sandbox — the isolation boundary is enforced by the platform, not by your code.
  • Auto-cleanup. The sandbox is torn down when the request completes; no lingering processes.

Quick start (Python)

import google.cloud.run_v2 as run_v2

client = run_v2.SandboxesClient()

# Spawn a sandbox within your existing Cloud Run service
op = client.create_sandbox(
    parent="projects/my-project/locations/us-central1/services/my-service",
    sandbox=run_v2.Sandbox(
        command=["python3", "-c", llm_generated_code],
        timeout={"seconds": 30},
    )
)
sandbox = op.result()     # blocks until the code finishes
print(sandbox.output)     # stdout from the model's code

Enable via: gcloud beta run sandboxes or the Cloud Console under your Cloud Run service.

Practical use cases

  • LLM code interpreter. Claude generates Python to analyze a user's CSV; run it in a sandbox; return the chart. Standard execute_python tool pattern, now with platform-enforced isolation.
  • Agent tool execution. Your agent writes a bash script to parse structured data; run it isolated; return stdout/stderr back to the model.
  • User-submitted scripts. Any scenario where you trust the intent but not the code.

Why it matters: until now, running LLM-generated code safely meant either a separate microVM service (Firecracker, gVisor), a container-per-request cluster, or accepting the risk of running in-process. Cloud Run Sandboxes make safe execution a first-class primitive in the same service you already deploy — no architecture change, just one API call.

Sources: Google Cloud Run sandboxes are in public preview — Google Cloud Blog · Cloud Run release notes