I’ve been working on a small project that demonstrates how to connect an agent to a secure code-execution environment using LangGraph, Claude Sonnet 4.5, and Koyeb’s new Sandboxes feature. The goal was to explore how agents can execute real Python code instead of relying solely on direct tool calls.
What the Project Does
-
Implements a LangGraph ReAct-style agent
-
The agent has one bound tool: a Python code executor
-
The executor runs inside an isolated Koyeb Sandbox
-
Sandboxes are provisioned and managed using the koyeb-sdk Python client
-
The agent writes Python code dynamically, sends it to the sandbox, executes it, and returns the result
-
The sandbox lifecycle is fully automated: create → run code → clean up
Why This Matters
Direct tool calls require models to load all tool definitions into context, and all results must flow back through the LLM. This becomes inefficient as the number of tools grows or when dealing with large outputs.
Code execution avoids these issues:
-
Only the tool the agent writes code for needs to be loaded
-
Large data stays inside the sandbox instead of flowing through the model
-
Control flow (loops, filtering, batching, retries) is handled in code, not through multiple model calls
-
Sandboxes provide a secure, isolated runtime to execute arbitrary code generated by the model
-
Token usage and latency are significantly reduced
This follows the direction outlined in Anthropic’s article on code execution with MCP:
https://www.anthropic.com/engineering/code-execution-with-mcp
Link to the github repo: GitHub - moncifem/Agent-Sandbox-Koyeb: LangGraph React agent with sandbox tool isolation through koyeb