What Is Sandboxing?
Sandboxing is the practice of running AI agents in an isolated environment where their actions are contained and cannot affect systems outside the sandbox boundary. OpenClaw supports multiple sandboxing strategies, each offering different levels of isolation and convenience.
Sandboxing Options
1. Process-Level Sandboxing (Default)
OpenClaw's built-in sandbox restricts the agent process using OS-level security features. File access is limited to the workspace directory, and command execution is filtered through the allowlist. This is the lightest option with minimal performance overhead.
2. Container Sandboxing (Docker/Podman)
Running OpenClaw inside a container provides file system isolation, network namespace separation, and resource limits. See the Docker Sandbox Setup guide for detailed instructions.
3. VM-Level Sandboxing
For maximum isolation, run OpenClaw in a virtual machine. This provides hardware-level separation and is recommended for production deployments handling sensitive data.
Choosing the Right Level
- Personal use / learning: Process-level sandboxing is sufficient
- Development workflows: Container sandboxing provides a good balance of security and convenience
- Production / enterprise: VM-level sandboxing is recommended, especially when handling customer data or financial systems