OpenAI adds sandboxing
OpenAI added sandboxed execution to its Agents SDK so enterprises can run automated workflows in constrained, auditable runtimes. Separate reporting says OpenAI also gated access to a new cybersecurity model and disclosed a security issue involving a compromised third‑party developer library, showing a cautious rollout approach for high‑risk capabilities. (artificialintelligence-news.com) (techbrew.com) (analyticsinsight.net)
A sandbox is a locked workroom for software: a restricted environment that limits what a program can read, write, and run. OpenAI added one to its Agents Software Development Kit on April 15 so automated agents can handle files and commands inside tighter boundaries. (openai.com) OpenAI said the update adds “native sandbox execution” and a “model-native harness,” the control loop that lets an agent inspect files, run commands, edit code, and keep working across many steps. (openai.com)

In OpenAI’s documentation, the sandbox is a container-based Unix-like environment with a filesystem, shell, installed packages, mounted data, exposed ports, snapshots, and resumable state. OpenAI said sandbox agents are available now in the Python Agents Software Development Kit. (developers.openai.com)

OpenAI drew a line between the harness and the compute layer: the harness keeps model calls, approvals, tracing, billing, audit logs, and recovery state, while the sandbox runs the model-directed work on files and commands. The company said that split lets enterprises keep sensitive control-plane systems in their own infrastructure, so the part of the system that decides what an agent may do stays separate from the part that executes it. (developers.openai.com)

The change lands as companies push agents beyond chat into longer workflows that touch internal documents, scripts, and generated reports. OpenAI said teams moving from prototypes to production have run into tradeoffs between flexible frameworks, provider-specific kits, and managed agent services. (openai.com)

OpenAI paired the product release with a more restrictive move on security. On April 14, the company said it was expanding its Trusted Access for Cyber program to thousands of verified defenders and hundreds of teams, while limiting a new GPT-5.4-Cyber model to vetted users who pass identity checks. (openai.com) OpenAI said it has been adding cyber-specific safeguards since 2025 and framed the new release around “iterative deployment,” with stronger controls as models become more capable. The company also pointed to earlier programs including its 2023 Cybersecurity Grant Program and its 2026 Codex Security launch. (openai.com)

A separate security incident added to that caution this week. OpenAI said on April 10 that a compromised version of the third-party developer library Axios had affected a GitHub Actions workflow used in its macOS app-signing process. (openai.com) OpenAI said it found no evidence that user data was accessed, that its systems or intellectual property were compromised, or that its software was altered. Even so, the company rotated its macOS code-signing certificates as a precaution and told macOS users to update ChatGPT Desktop, Codex, Codex-cli, and Atlas to the latest versions. (openai.com)

Taken together, the past week shows OpenAI widening what its agents can do while tightening where that work runs, who gets access to higher-risk models, and how its own software is signed. (openai.com)
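The harness/compute split described earlier, shown as an added illustrative example in Python. This is not code from OpenAI’s Agents SDK and does not use its API; it is a minimal control-plane Harness that owns the approval policy, the audit log and a step counter (the recovery state), and a run_in_sandbox function that stands in for the container. The AUTO_APPROVED and NEEDS_APPROVAL allowlists, the approver hook, the sample file and the scripted commands are all constructed for the demo. Confinement here is only a working directory, a scrubbed environment, a path-escape check and a timeout; a real container-based sandbox replaces that with a proper filesystem boundary.

```python
import os
import shlex
import subprocess
import tempfile
from dataclasses import dataclass, field
from typing import Callable

# Policy lives on the harness (control plane) side. Both sets are illustrative.
AUTO_APPROVED = {"ls", "cat", "grep", "wc", "head"}      # read-only tools
NEEDS_APPROVAL = {"rm", "mv", "chmod", "curl", "wget"}   # gated tools


def run_in_sandbox(root: str, argv: list, timeout: float = 10.0) -> tuple:
    """Data plane: execute one already-approved command confined to `root`.

    A production sandbox is a container with its own filesystem and mounts;
    here confinement is cwd + a scrubbed environment + a timeout, which is
    enough to show which side of the boundary execution sits on.
    """
    env = {"PATH": "/usr/bin:/bin", "HOME": root}   # no inherited secrets
    try:
        p = subprocess.run(argv, cwd=root, env=env, capture_output=True,
                           text=True, timeout=timeout)
    except subprocess.TimeoutExpired:
        return None, ""
    return p.returncode, p.stdout


@dataclass
class Harness:
    """Control plane: owns approvals, the audit log and resumable state.

    It never executes model-directed commands itself; it decides, records,
    and hands approved work to run_in_sandbox().
    """
    root: str                          # sandbox root, resolved with realpath
    approver: Callable[[str], bool]    # human/policy hook for gated tools
    audit: list = field(default_factory=list)
    step: int = 0                      # recovery state: last completed step

    def _escapes_root(self, argv: list) -> bool:
        # Reject any argument that resolves outside the sandbox root, so
        # `cat ../../etc/passwd` or `cat /etc/passwd` never reaches the data plane.
        for arg in argv[1:]:
            if arg.startswith("-"):
                continue
            resolved = os.path.realpath(os.path.join(self.root, arg))
            if resolved != self.root and not resolved.startswith(self.root + os.sep):
                return True
        return False

    def dispatch(self, cmd: str) -> dict:
        """One agent step: decide, record in the audit log, and maybe execute."""
        self.step += 1
        argv = shlex.split(cmd)
        tool = os.path.basename(argv[0]) if argv else ""
        entry = {"step": self.step, "cmd": cmd, "decision": "denied",
                 "reason": None, "rc": None, "stdout": ""}

        if tool not in AUTO_APPROVED and tool not in NEEDS_APPROVAL:
            entry["reason"] = "tool not allowlisted"        # default deny
        elif self._escapes_root(argv):
            entry["reason"] = "path escapes sandbox root"
        elif tool in NEEDS_APPROVAL and not self.approver(cmd):
            entry["reason"] = "approver denied"
        else:
            entry["decision"] = "approved" if tool in NEEDS_APPROVAL else "auto"
            entry["rc"], entry["stdout"] = run_in_sandbox(self.root, argv)

        self.audit.append(entry)       # the audit log never leaves the harness
        return entry


def demo() -> list:
    """Scripted stand-in for a model's turns over a constructed sample file."""
    root = os.path.realpath(tempfile.mkdtemp(prefix="sbx-"))
    with open(os.path.join(root, "notes.txt"), "w") as f:
        f.write("constructed sample file\n")
    # Demo approver policy (hypothetical): only chmod gets a human "yes".
    h = Harness(root=root, approver=lambda cmd: cmd.startswith("chmod "))
    for cmd in ["cat notes.txt",                 # read-only: auto
                "cat ../../../etc/hostname",     # escape attempt: denied
                "chmod 600 notes.txt",           # gated, approved: runs
                "rm notes.txt",                  # gated, not approved: denied
                "python3 -c 1"]:                 # unknown tool: denied
        h.dispatch(cmd)
    return h.audit


if __name__ == "__main__":
    for e in demo():
        print(e["step"], e["decision"], e["reason"] or "", e["cmd"])
```

Run it with python3 and it prints one audit line per step; only the first and third commands ever reach run_in_sandbox. The design point is that every decision (default deny for unknown tools, the path check, the approver call) and every record of what happened is made on the harness side, so the audit log and approval hooks can live on infrastructure the enterprise controls, while the sandbox only ever sees commands the harness has already vetted.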