Vercel Sandbox
Learn how to safely execute untrusted code using Vercel Sandbox. Build a CLI code review agent that clones repositories, runs tests, and uses AI to analyze code for security and quality issues, all in an isolated environment.
AI is writing more of your code. Claude Code oneshotting, ChatGPT copy and paste, forgetting what an IDE looks like. But running code you didn't write is risky. What if there are bugs? What if there are security vulnerabilities?
Before you YOLO everything into production, Vercel Sandbox lets you execute untrusted code in isolated microVMs that spin up in milliseconds. In this course, you'll build a CLI agent that doesn't just read code, it actually runs it, safely.
What you'll build
A CLI tool that accepts a GitHub repo URL, clones the repository into an isolated Sandbox environment, runs its test suite, and uses AI to review the code for security and quality issues. By the end, you'll have a tool that combines static analysis with dynamic test execution into a unified review.
What you'll learn
This course covers 5 sections that progressively build a CLI code review agent:
- Section 1: Sandbox Foundations - Create sandboxes, run commands, clone repos, and read files in isolated environments
- Section 2: Building the CLI - Set up a CLI project with commander, validate GitHub URLs, and wire up the Sandbox workflow
- Section 3: AI-Powered Analysis - Use AI Gateway to read code files, build analysis prompts, and generate security and quality reviews
- Section 4: Test Execution - Run test suites in the Sandbox, handle failures, and combine static and dynamic findings
- Section 5: Production Ready - Optimize with snapshots, add error handling, and polish the output
Prerequisites
- Comfortable with TypeScript and Node.js
- Basic familiarity with CLI tools
- Vercel account
Tech stack
@vercel/sandbox- Isolated microVMs for code execution- AI SDK with AI Gateway
- TypeScript
commander- CLI frameworkpnpm- Package managergit- Repository cloning
How this course works
- Build everything yourself: Type every line of code so you understand how everything works
- Real code execution: Every section runs actual commands in real sandboxes
- Progressive complexity: Each section adds one new capability
- Production patterns only: Everything you build is something you'd actually ship
Getting started
Ready to safely execute untrusted code? Start with Sandbox Foundations to learn the basics of isolated environments.
On this page