The sandbox gives a Neo Agent a temporary, isolated Linux environment for the run: a shell, plus simple file read and write. Use it for data wrangling that doesn’t fit a fixed tool — parsing an export, running a quick script, transforming a file, assembling a report — without giving the agent access to anything outside the sandbox.Documentation Index
Fetch the complete documentation index at: https://docs.neoagent.io/llms.txt
Use this file to discover all available pages before exploring further.
Turn this on with the Sandbox switch in the agent’s settings (
Agent Settings → Sandbox). It enables three tools together: Sandbox Bash, Sandbox Read File, and Sandbox Write File. The sandbox is created fresh for the run and discarded afterwards — nothing persists between runs.What It Does
| Tool | What it does | Tier |
|---|---|---|
| Sandbox Bash | Run a shell command in the sandbox and read its output | Standard |
| Sandbox Read File | Read a file from the sandbox | Basic |
| Sandbox Write File | Write a file in the sandbox | Basic |
- Parse or reshape a CSV/JSON export the agent fetched from another tool
- Run a one-off calculation or text transformation
- Build an intermediate file the agent then attaches via Generate Artifact
Safety
| Control | Behavior |
|---|---|
| Isolated and ephemeral | The sandbox can’t reach your PSA, RMM, M365, or Neo’s internals — it only sees what the agent puts in it. It’s destroyed at the end of the run. |
| Off by default | Nothing runs in a sandbox unless you enable the Sandbox setting on the agent. |
| Test mode | When test mode is on, sandbox commands that would have external side effects are not executed. |
How to Configure
Enable Sandbox
Flip the Sandbox switch. The three sandbox tools become available to the agent for that workflow.