Stats
Actions
Tags
From daytona-sandbox
Run and manage code in Daytona secure, elastic sandboxes — isolated cloud machines that boot in under 90ms. Use when the user wants to execute AI-generated or untrusted code in an isolated sandbox, spin up an ephemeral environment, create or destroy Daytona sandboxes, run shell commands or code remotely, clone a git repo into a sandbox, manage files inside a sandbox, run a dev server and get a public preview link, or use Daytona snapshots, volumes, or persistent exec sessions. Drives the Daytona Python SDK (preferred), the `daytona` CLI, or the daytona-mcp tools.
How this skill is triggered — by the user, by Claude, or both
Slash command
/daytona-sandbox:daytona-sandboxThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
A Daytona sandbox is an isolated, stateful cloud machine (its own kernel, filesystem,
A Daytona sandbox is an isolated, stateful cloud machine (its own kernel, filesystem, network, CPU/RAM/disk) that starts in milliseconds. It is the right place to run AI-generated or untrusted code, build and test a repo, or stand up a dev server behind a public preview URL — without touching the user's machine.
This Skill teaches the workflow and judgment for driving Daytona, not just the verbs.
Prefer the Python SDK — it is the complete superset of every operation and is the
current, supported surface. Fall back to the daytona CLI or the daytona-mcp tools
only when the SDK is unavailable.
Use it whenever the task involves running code somewhere safe and disposable:
If the user only wants code written (not run), you don't need a sandbox.
Daytona has two independent auth paths — you need exactly one:
DAYTONA_API_KEY. Create one in the
Daytona dashboard (https://app.daytona.io → API Keys). daytona login does NOT create this
key — login authenticates the CLI/MCP over OAuth, which is a separate path. Never print,
echo, or hardcode the key.
DAYTONA_API_URL (default https://app.daytona.io/api), DAYTONA_TARGET (e.g. us).daytona CLI (daytona login) or a connected daytona-mcp
server. These work without DAYTONA_API_KEY.Verify before creating anything:
python3 scripts/healthcheck.py
daytona CLI is authenticated → use the CLI
(daytona …) or the daytona-mcp tools instead (see "Which surface to drive").DAYTONA_API_KEY (dashboard → API Keys) or run daytona login, then stop.If import daytona fails, install it for the same interpreter you run the scripts with:
python -m pip install daytona. Gotcha: a bare pip can target a different interpreter than
python3 (common on Windows, where python3 may be the Microsoft Store shim), so the import
still fails — always use python -m pip, and run the scripts with that same python.
Always follow this shape. The single most important rule: a sandbox is a resource you own — clean it up.
from daytona import Daytona
daytona = Daytona() # reads DAYTONA_API_KEY from env
sandbox = daytona.create() # boots in well under a second
try:
resp = sandbox.process.exec("python3 --version")
print(resp.exit_code, resp.result)
finally:
sandbox.delete() # ALWAYS clean up (see lifecycle rules below)
For a ready-made, deterministic version of this loop, run the bundled script instead of regenerating the boilerplate (its code never enters your context — only its output does):
# Run a shell command in a fresh sandbox, then auto-destroy it:
python3 scripts/run_in_sandbox.py --command "python3 -c 'print(2+2)'"
# Run a Python snippet:
python3 scripts/run_in_sandbox.py --code "import sys; print(sys.version)"
# Clone a repo and run its tests, keeping the sandbox alive for inspection:
python3 scripts/run_in_sandbox.py --repo https://github.com/psf/requests --command "cd repo && pip install -e . && pytest -q" --keep
sandbox.delete()), even on error
(use try/finally). If you must leave it running, rely on auto_stop_interval (defaults to
15 min idle) and tell the user the sandbox ID so they can reuse or destroy it.sandbox object for the whole task.
Don't create a new sandbox per command.exec is stateless — cd does NOT persist between calls. Each process.exec(...) runs in
a fresh shell. Chain directory-sensitive steps in one command (cd /app && make) or use a
persistent session (process.create_session / execute_session_command) for long,
multi-step builds. See reference/exec.md./tmp or the working dir for scratch files unless the user specifies otherwise.Resources(cpu=, memory=, disk=) only when a build needs it. (Resources can't be combined with
a snapshot — see reference/sandboxes.md.)reference/sandboxes.md.reference/sandboxes.md.reference/sandboxes.mdcode_run), persistent sessions, environment variables, git:
reference/exec.mdreference/files.mdreference/preview.mdexamples/run-python.md, examples/clone-and-test.md| Situation | Use |
|---|---|
| Default — anywhere you can run Python | Python SDK (from daytona import Daytona) — full superset, current API |
| No Python, but a terminal is available | daytona CLI (daytona create, daytona exec, …) |
The daytona-mcp server is connected and you can't run code | MCP tools, fully qualified: daytona-mcp:create_sandbox, daytona-mcp:execute_command, daytona-mcp:preview_link, … |
The MCP exposes only 12 thin, stateless tools (create/destroy, exec, git clone, basic file ops,
preview). It has no sessions, code_run, snapshot/volume creation, start/stop/archive, or
list. For anything beyond the simplest one-shot flow, prefer the SDK. The full map of "what the
MCP covers vs. what only the SDK can do" is in reference/sdk-vs-mcp.md — read it before
deciding the MCP is enough.
env_vars at create time.network_block_all,
network_allow_list). See reference/sandboxes.md.DAYTONA_API_KEY or any token returned by get_preview_link.npx claudepluginhub jiviny/daytona-skill --plugin daytona-sandboxGuides creation, editing, and verification of skills for AI coding agents using test-driven development with subagent scenarios. Use when authoring or debugging skills.