sandbox

AIO Sandbox has been aligned to SemVer. This is a cumulative release from 1.0.0.152 to 1.9.3, and also a consolidation release before the 2.0 refactor.

The 1.9.x line syncs the major capabilities, reliability improvements, and documentation updates accumulated over the past releases.

The current image is distributed for linux/amd64 only. ARM machines can run it with --platform linux/amd64 emulation.

Highlights

• Built-in AIO CLI: The sandbox image now includes the aio command, allowing agents and users to access browser, GUI, file, sandbox, MCP, and skills capabilities directly from shell.
• Improved Bash execution: Added /v1/bash/*, a stateful Bash execution path designed for agent workflows, with separated stdout/stderr, stdin writing, process control, output polling, and session management.
• Real-time file watching: Added File Watch with SSE, long polling, and blocking wait modes for file and directory events such as create, write, remove, rename, and chmod.
• Desktop recording: Added Display recording support for capturing the X11 desktop as MP4.
• Proxy Mapping upgrade: Upgraded Proxy Mapping to GOST v3, with support for domain/IP/port mapping, HTTPS mapping, header-based port routing, proxy authentication, and health checks.
• Runtime and tooling improvements: Added or improved support for multiple Node.js versions, Go, bun, yarn, common system dependencies, and fonts for better code execution and browser rendering.
• MCP and Skills improvements: Reworked MCP Hub integration with extensible MCP servers, tool search, skill loading, and skill registration overwrite support.

Reliability and Compatibility

• Overall browser path improvements: Improved stability across browser connection, restart, cookies, language handling, user-agent behavior, agent-browser integration, and page interactions.
• Core execution path improvements: Shell / Bash, file upload/download, file watching, and proxy routing are more reliable for long-running tasks, large files, and concurrent workloads.

For more details, see the documentation: https://sandbox.agent-infra.com/guide/start/agent-sandbox

AIO Sandbox 已统一为 SemVer（三段式语义化版本）。本次为从 1.0.0.152 到 1.9.3 的累积更新，也是 2.0 重构前的一次集中同步。

1.9.x 同步了过去一段时间内的主要能力、稳定性修复和文档更新。

当前镜像仅分发 linux/amd64 版本，ARM 机器可使用 --platform linux/amd64 模拟执行。

主要更新

• 内置 AIO CLI：镜像内置 aio 命令，Agent 和用户可以直接在 shell 中调用 browser、GUI、file、sandbox、MCP 和 skills 等能力。
• Bash 执行能力升级：新增 /v1/bash/*，提供更适合 Agent 使用的有状态 Bash 执行链路，支持 stdout/stderr 分离、stdin 写入、进程控制、输出轮询和会话管理。
• 实时文件监听：新增 File Watch，支持 SSE、长轮询和阻塞等待，可监听文件和目录的 create、write、remove、rename、chmod 等事件。
• 桌面录屏：新增 Display recording 能力，可录制 X11 桌面画面并输出 MP4。
• 代理能力升级：Proxy Mapping 升级为 GOST v3，支持域名/IP/端口映射、HTTPS 映射、请求头端口路由、代理认证和健康检查。
• 运行时与工具链增强：补齐多版本 Node.js、Go、bun、yarn、常用系统依赖和字体支持，提升代码执行、浏览器渲染和多语言场景的可用性。
• MCP 与 Skills 体验增强：重构 MCP Hub，支持扩展 MCP server、工具搜索、skill 加载和 skill 覆盖注册，降低 Agent 接入成本。

稳定性与兼容性

• 浏览器链路整体优化：围绕连接、重启、Cookie、语言、User-Agent、agent-browser 和页面操作稳定性进行了系统性增强。
• 核心执行链路增强：Shell / Bash、文件上传下载、文件监听和代理转发在长任务、大文件和并发场景下更加稳定。

更多使用方式和能力说明可参考文档：https://sandbox.agent-infra.com/guide/start/agent-sandbox