Daytona Sandbox backend for deepagents.
Extends BaseSandbox to provide command execution, file operations, and
sandbox lifecycle management using Daytona's SDK.
import { DaytonaSandbox } from "@langchain/daytona";
// Create and initialize a sandbox
const sandbox = await DaytonaSandbox.create({
language: "typescript",
timeout: 300,
});
try {
// Execute commands
const result = await sandbox.execute("node --version");
console.log(result.output);
} finally {
// Always cleanup
await sandbox.close();
}import { createDeepAgent } from "deepagents";
import { DaytonaSandbox } from "@langchain/daytona";
const sandbox = await DaytonaSandbox.create();
const agent = createDeepAgent({
model: new ChatAnthropic({ model: "claude-sonnet-4-20250514" }),
systemPrompt: "You are a coding assistant with sandbox access.",
backend: sandbox,
});class DaytonaSandboxClose the sandbox and release all resources.
After closing, the sandbox cannot be used again. The sandbox is deleted from Daytona's infrastructure.
Download files from the sandbox.
Each file is read individually, allowing partial success when some files exist and others don't.
Edit a file by replacing string occurrences.
Uses downloadFiles() to read, performs string replacement in TypeScript, then uploadFiles() to write back. No runtime needed on the sandbox host.
Execute a command in the sandbox.
Commands are run using the sandbox's shell.
Get the user's home directory path inside the sandbox.
Get the working directory path inside the sandbox.
Structured glob matching returning FileInfo objects.
Uses pure POSIX shell (find + stat) via execute() to list all files, then applies glob-to-regex matching in TypeScript. No Python or Node.js needed on the sandbox host.
Glob patterns are matched against paths relative to the search base:
* matches any characters except /** matches any characters including / (recursive)? matches a single character except /[...] character classesSearch for a literal text pattern in files using grep.
Initialize the sandbox by creating a new Daytona Sandbox instance.
This method authenticates with Daytona and provisions a new sandbox.
After initialization, the id property will reflect the actual sandbox ID.
Forcefully terminate and delete the sandbox.
Use this when you need to immediately stop the sandbox.
List files and directories in the specified directory (non-recursive).
Uses pure POSIX shell (find + stat) via execute() — works on any Linux including Alpine. No Python or Node.js needed.
Read file content with line numbers.
Uses pure POSIX shell (awk) via execute() — only the requested slice is returned over the wire, making this efficient for large files. Works on any Linux including Alpine (no Python or Node.js needed).
Read file content as raw FileData.
Uses downloadFiles() directly — no runtime needed on the sandbox host.
Start a stopped sandbox.
Stop the sandbox without deleting it.
The sandbox can be restarted later using start().
Upload files to the sandbox.
Files are written to the sandbox filesystem. Parent directories are created automatically if they don't exist.
Create a new file with content.
Uses downloadFiles() to check existence and uploadFiles() to write. No runtime needed on the sandbox host.
Create and initialize a new DaytonaSandbox in one step.
This is the recommended way to create a sandbox. It combines construction and initialization into a single async operation.
Delete all sandboxes matching the given labels.
This is useful for cleaning up stale sandboxes from previous test runs or CI pipelines that may not have shut down cleanly.
Connect to an existing sandbox by ID.
This allows you to resume working with a sandbox that was created earlier or that is still running.
Get a running sandbox by name from a deployed app.