How sandboxes work
Each Slack thread maps 1:1 to a sandbox instance with its own git worktree branch and snapshot chain. Slack Agent restores from the most recent snapshot when a thread starts work and snapshots the sandbox when a run completes. The shared base snapshot provides the starting point for all new threads.Guaranteed tools
Every sandbox includes:| Category | Tools |
|---|---|
| Version control | git |
| Network and archive | curl, tar, zip, unzip |
| Languages | python3 |
| Search and navigation | rg (ripgrep), fd, tree |
| Data processing | jq, yq, sqlite3, gawk |
| Build and patch | make, patch, file |
| System | time, procps |
gh (GitHub CLI), glab (GitLab CLI) on a best-effort basis.
What admins can configure
- Runtime selection (curated set including modern Node.js and Python, not arbitrary environments)
- Package setup
- Saved snapshots
- Reset-to-clean behavior
- Interactive editing or console access where supported
Lifecycle states
| Status | Meaning |
|---|---|
draft | Configuration exists, no snapshot saved yet |
saving | Snapshot save in progress |
ready | Saved snapshot available |
failed | Most recent operation failed |
archived | Sandbox retired |
What’s next
Admin roles and security
Confirm who should be allowed to manage shared workspace execution settings.
Working in Slack
Understand when Slack Agent might rely on the shared sandbox during real conversations.
Thread reviews
Inspect the resulting runs and diffs after sandbox-backed work completes.