Bring Sandboxes
to AutoGen
Learn how to connect Daytona (Dev Workspaces) to AutoGen and start using 28 AI agent tools in minutes. Fully managed, enterprise secure, and ready to use without writing a single line of code.
GDPR Free for SubscribersCompatible with every major AI agent and IDE
Gemini
What is the Daytona (Dev Workspaces) MCP Server?
Connect your Daytona account to any AI agent to orchestrate cloud-based development environments through natural language. Daytona provides standardized, ephemeral sandboxes that can be provisioned and managed on demand.
What you can do
- Sandbox Orchestration — List, create, start, stop, and delete sandboxes with specific CPU, memory, and disk configurations.
- Snapshot Management — Create and manage snapshots to preserve environment states or activate them for new sandboxes using
create_snapshotandactivate_snapshot. - API Key Control — Manage your authentication keys directly, including listing and creating new access tokens via
list_api_keysandcreate_api_key. - Resource Scaling — Dynamically resize sandbox resources (vCPU, RAM, Disk) to match your workload requirements using
resize_sandbox. - Volume & Storage — Inspect and manage persistent volumes and snapshots for your dev environments.
How it works
- Subscribe to this server
- Enter your Daytona API Key
- Start managing your dev infrastructure from Claude, Cursor, or any MCP client
Who is this for?
- DevOps Engineers — Automate the lifecycle of test environments and sandboxes.
- Software Developers — Spin up fresh coding environments without leaving the chat or IDE.
- QA Teams — Quickly recover sandboxes from error states or fork existing environments for debugging.
Built-in capabilities (28)
Activate a snapshot
Archive a sandbox
Create a new Daytona API key
Create a new Daytona sandbox
Create a new snapshot
Create a new volume
Deactivate a snapshot
Delete an API key by name
Delete a sandbox
Delete a snapshot
Delete a volume
Fork an existing sandbox
Get details of a specific API key by name
Get details of the currently authenticated API key
Get details of a specific sandbox
Get a signed preview URL for a specific port on a sandbox
Get details of a specific snapshot
Get details of a specific volume by ID
Get details of a specific volume by name
List Daytona API keys
List all Daytona sandboxes
List all Daytona sandboxes (paginated)
List all Daytona snapshots
List all Daytona volumes
Recover a sandbox from an error state
Resize sandbox resources
Start a stopped sandbox
Stop a running sandbox
Why AutoGen?
AutoGen enables multi-agent conversations where agents negotiate, delegate, and collaboratively use Daytona (Dev Workspaces) tools. Connect 28 tools through Vinkius and assign role-based access. a data analyst queries while a reviewer validates, with optional human-in-the-loop approval for sensitive operations.
- —
Multi-agent conversations: multiple AutoGen agents discuss, delegate, and collaboratively use Daytona (Dev Workspaces) tools to solve complex tasks
- —
Role-based architecture lets you assign Daytona (Dev Workspaces) tool access to specific agents. a data analyst queries while a reviewer validates
- —
Human-in-the-loop support: agents can pause for human approval before executing sensitive Daytona (Dev Workspaces) tool calls
- —
Code execution sandbox: AutoGen agents can write and run code that processes Daytona (Dev Workspaces) tool responses in an isolated environment
Daytona (Dev Workspaces) in AutoGen
Daytona (Dev Workspaces) and 4,000+ other MCP servers. One platform. One governance layer.
Teams that connect Daytona (Dev Workspaces) to AutoGen through Vinkius don't need to source, host, or maintain individual MCP servers. Every tool call runs inside a hardened runtime with credential isolation, DLP, and a signed audit chain.
Raw MCP | Vinkius | |
|---|---|---|
| Server catalog | Find and host yourself | 4,000+ managed |
| Infrastructure | Self-hosted | Sandboxed V8 isolates |
| Credential handling | Plaintext in config | Vault + runtime injection |
| Data loss prevention | None | Configurable DLP policies |
| Kill switch | None | Global instant shutdown |
| Financial circuit breakers | None | Per-server limits + alerts |
| Audit trail | None | Ed25519 signed logs |
| SIEM log streaming | None | Splunk, Datadog, Webhook |
| Honeytokens | None | Canary alerts on leak |
| Custom domains | Not applicable | DNS challenge verified |
| GDPR compliance | Manual effort | Automated purge + export |
Why teams choose Vinkius for Daytona (Dev Workspaces) in AutoGen
The Daytona (Dev Workspaces) MCP Server runs on Vinkius-managed infrastructure inside AWS — a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts. All 28 tools execute in hardened sandboxes optimized for native MCP execution.
Your AI agents in AutoGen only access the data you authorize, with DLP that blocks sensitive information from ever reaching the model, kill switch for instant shutdown, and up to 60% token savings. Enterprise-grade infrastructure, zero maintenance.
* Every MCP server runs on Vinkius-managed infrastructure inside AWS - a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts optimized for native MCP execution. See our infrastructure
How Vinkius secures
Daytona (Dev Workspaces) for AutoGen
Every tool call from AutoGen to the Daytona (Dev Workspaces) MCP Server is protected by DLP redaction, cryptographic audit chains, V8 sandbox isolation, kill switch, and financial circuit breakers.
Frequently asked questions
Can I change the resources of an existing sandbox?
Yes, you can use the resize_sandbox tool to update the CPU, memory, or disk size of a specific sandbox by providing its ID or name.
How do I create a new environment with a specific Docker image?
Use the create_sandbox tool and provide the image parameter with the desired Docker or OCI image name.
What should I do if a sandbox is in an error state?
You can use the recover_sandbox tool to attempt to restore a sandbox from an error state back to a functional one.
How does AutoGen connect to MCP servers?
Create an MCP tool adapter and assign it to one or more agents in the group chat. AutoGen agents can then call Daytona (Dev Workspaces) tools during their conversation turns.
Can different agents have different MCP tool access?
Yes. AutoGen's role-based architecture lets you assign specific MCP tools to specific agents, so a querying agent has different capabilities than a reviewing agent.
Does AutoGen support human approval for tool calls?
Yes. Configure human-in-the-loop mode so agents pause and request approval before executing sensitive MCP tool calls.
McpWorkbench not found
Install: pip install "autogen-ext[mcp]"
Explore More MCP Servers
View all →
GitGuardian
49 toolsAutomate secret detection and incident response via GitGuardian — manage secret incidents, deploy honeytokens, and audit workspace security directly from your AI agent.
LlamaIndex (AI Data Framework & RAG)
6 toolsQuery and manage RAG pipelines via LlamaIndex — execute natural language searches, audit indexed files, and monitor data pipelines.
Recharge
11 toolsAutomate subscription commerce via Recharge — manage subscriptions, customers, and orders directly from any AI agent.
Elastic Security
10 toolsManage SIEM and SOC operations via Elastic Security — monitor detection rules, search security alerts (Signals), handle whitelisting, and audit threat coverage directly from any AI agent.