E2B MCP for AI. Run agent code in secure, isolated sandboxes.

Q: Do I have to use killsandbox after I run a script?

Yes, you should always call killsandbox when the work is done. It releases the allocated resources and prevents accidental billing or resource exhaustion from abandoned environments.

Q: Can I check if my sandboxes are running with listsandboxes?

Absolutely. listsandboxes lets you see all active environments, giving you a clear overview of resource usage and status across your account.

Claude

ChatGPT

Cursor

Gemini

Windsurf

VS Code

JetBrains

Vercel

See Vinkius in Action

Works with every AI agent you already use

…and any MCP-compatible client

Connect to your AI in seconds.

E2B provides secure cloud sandboxes for running code, letting your agent execute Python, JavaScript, or shell commands in isolated Firecracker microVMs.

Spin up environments in milliseconds—it's perfect for safely testing untrusted logic without risking core infrastructure.

What your AI can do

Create sandbox

Starts an isolated Linux virtual machine environment using templates like 'python3', 'node', or 'base'.

Kill sandbox

Stops and permanently deletes a running sandbox, freeing up the allocated computing resources.

List sandboxes

Shows a list of all currently active sandboxes in your account, detailing their status and resource usage.

Launch isolated code runtimes

Starts a new micro-isolated Linux environment for running specific languages like Python or Node.js.

Monitor active environments

Retrieves a list of every sandbox currently running, showing its status and resource usage.

Cleanly terminate resources

Permanently deletes a specific sandbox environment to release associated compute cycles and storage space.

Ask an AI about this

Included with Plan

Waiting for input…

AI Agent

E2B: 3 Tools for Sandbox Management

Manage the full lifecycle of secure execution environments, from initial setup using create_sandbox to monitoring with list_sandboxes and cleanup with kill_sandbox.

Make your AI actually useful.

Add this MCP to Claude, Cursor, or Windsurf and your AI stops guessing. It gets real tools to look things up, take action, and handle the stuff you keep doing by hand.

Start using E2B on Vinkius

Create Sandbox

Starts an isolated Linux virtual machine environment using templates like 'python3', 'node', or 'base'.

Kill Sandbox

Stops and permanently deletes a running sandbox, freeing up the allocated computing...

List Sandboxes

Shows a list of all currently active sandboxes in your account, detailing their...

Security and governance baked right in.

Pick your AI client below to get set up. Just create a Vinkius account, subscribe, and you're instantly up and running. We handle the entire backend infrastructure, delivering out-of-the-box support for HTTPS Streamable, SSE, and OAuth2—zero messy routing required.

Claude AI

Open Claude Settings

Go to claude.ai, click your profile icon, then navigate to Customize → Connectors.

Add Custom Connector

Click the "+" button and select Add custom connector. Paste your Vinkius endpoint URL:

https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp

Replace [YOUR_TOKEN_HERE] with your token from cloud.vinkius.com. For OAuth-protected servers, expand Advanced settings to add credentials.

Start a conversation

Open a new chat. The E2B integration is available immediately — no restart needed.

Antigravity

Configure Agent Environment

Open your Antigravity agent's workspace configuration or mcp-servers.json file.

Bind the Endpoint

Add the Vinkius endpoint URL to your agent's MCP connections list:

"mcp_servers": {
  "e2b": {
    "serverUrl": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
  }
}

Provide your secure token in place of [YOUR_TOKEN_HERE] to ensure your agent requests are authenticated.

Execute

Start your Antigravity session. The agent will autonomously discover and utilize the E2B tools with full Vinkius guardrails applied.

VS Code Copilot

⚡

One-Click Install (Recommended)

In your Vinkius Dashboard, simply click the Add to VS Code button for this server. We'll automatically configure your local workspace.

Or configure manually

Open MCP Settings

Open VS Code, press Ctrl/Cmd + Shift + P, and search for GitHub Copilot: MCP Servers.

Add Server Config

Add the Vinkius endpoint configuration to your mcp-servers.json file:

"e2b": {
  "url": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
}

Ensure you replace [YOUR_TOKEN_HERE] with your token from cloud.vinkius.com.

LangChain

Install Dependencies

Install the LangChain MCP adapters for your environment:

pip install langchain-mcp-adapters

Connect the Server

Use the SSEClient in LangChain to connect to the Vinkius managed endpoint:

from langchain_mcp_adapters.client import SSEClient

# Connect to Vinkius
client = SSEClient(url="https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp")
tools = client.get_tools()

CrewAI

Define the Tool

Load the Vinkius MCP tools into your CrewAI agents:

from crewai import Agent
from mcp_crewai import MCPTool

# Connect securely to Vinkius
vinkius_tools = MCPTool(url="https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp")

# Assign to Agent
researcher = Agent(
    role='Data Researcher',
    tools=vinkius_tools.get_all()
)

Execute Task

Run your CrewAI process. The agent will autonomously route tasks to the Vinkius managed server.

Choose How to Get Started

Build a custom MCP for your own tools, or connect a ready-made integration from our catalog.

Build Your Own

Turn any API into an MCP. Import a spec, define Agent Skills, or deploy with MCPFusion.

Import from OpenAPI, Swagger, or YAML specs
Create Agent Skills with progressive disclosure
Deploy to edge with MCPFusion framework
Built in DLP, auth, and compliance on every call
Real time usage dashboard and cost metering
Publish to catalog or keep private

Start building

Make Your AI Do More

Start with E2B, then connect any of our 5,100+ other servers whenever your AI needs more. One click, no limits.

Use this MCP plus 5,100+ others, all in one place
Add new capabilities to your AI anytime you want
Every connection is secured and compliant automatically
Track usage and costs across all your servers
Works with Claude, ChatGPT, Cursor, and more
New servers added to the catalog every week

Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by E2B. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.

VINKIUS INFRASTRUCTURE

Cloud Hosted

Managed infra

V8 Isolated

Sandboxed per request

Zero-Trust Proxy

No stored credentials

DLP Enforced

Policy on every call

GDPR Compliant

EU data residency

Token Compression

~60% cost reduction

Your data is protected. See how we built it.

Works with Claude, ChatGPT, Cursor, and more

The Model Context Protocol standardizes how applications expose capabilities to LLMs. Instead of operating in isolation, your AI gains direct access to external platforms, live data, and real-world actions through secure, standardized connections.

This connection provides 3 powerful capabilities that interface natively with Claude, ChatGPT, Cursor, and other compatible AI platforms. No middleware. No custom integration required.

The old way: manual setup and high risk.

Today, if your agent needs to run Python code or test a script, someone has to manually set up a virtual machine (VM) on a dedicated server. This involves logging into the command line, installing dependencies like pandas, and then running the script. It's slow, error-prone, and you always worry about forgetting to shut down that VM, which leads directly to wasted compute cycles and cost overruns.

With this MCP, your agent handles it all automatically. You just tell it what code to run, specify the template, and it spins up an isolated environment instantly. The output is clean, contained, and ready for the next step in the workflow.

Manage your entire sandbox lifecycle with `kill_sandbox`.

The biggest headache used to be resource cleanup. You'd run a script using `create_sandbox`, and even after the code finished, you were left with an active, running VM hanging around that cost money and cluttered your monitoring dashboard. Finding these 'ghost' sandboxes was tedious.

Now, when you are done, just use `kill_sandbox`. That single call guarantees termination—it shuts down the compute cycle *and* deletes the filesystem contents. It’s clean, reliable resource management.

Support 24/7 support@vinkius.com ↗

Security Vinkius Trust Center ↗

SLA Service Level Agreement ↗

Report Listing Send Report ↗

What your AI can actually do with this

When you build AI agents that need to run actual code—say, processing a file or making an API call with Python—you can't just let them run it directly on your main server. The risk is too high. This MCP lets your agent spin up completely isolated environments where all the action happens.

It’s like giving your AI client its own tiny, secure computer that only exists for the task at hand. Your agent can launch a sandbox with a specific setup, run the script, and then shut it down clean. You get full visibility into what's running using one set of tools, and you can terminate anything when you’re done.

Because this whole system is hosted on Vinkius, your agent connects once to manage these environments across any compatible AI client.

Built · Hosted · Managed by Vinkius E2B MCP - Secure Code Sandbox Execution

Server ID 019d758b-1ee8-73d2-bcb9-fc66121d9410

Vinkius Inspector

Compliance Grade A+

Score 100/100

Report View Report ↗

Here's how it actually works

The bottom line is that your AI client treats running code like a temporary job, not a permanent fixture on the server.

Subscribe to this MCP on Vinkius and provide your E2B API key credentials.

Your agent calls the create_sandbox tool, specifying the desired template (Python, Node, etc.).

The sandbox launches in milliseconds. Your agent uses this isolated environment for execution, then calls kill_sandbox to clean up.

What Changes When You Connect

Guaranteed isolation: Code runs in dedicated Firecracker microVMs. This means a failure or crash in one sandbox doesn't affect your core system—it just dies in its own little container.

Speedy setup: You spin up new environments in around 150 milliseconds. It’s fast enough that running code feels like part of the natural conversation flow, not an external delay.

Full resource control: Use list_sandboxes to check what's active and kill_sandbox when you're done. You never leave orphaned environments running and eating up credits.

Reproducibility for data work: Data science teams can run the exact same analysis script multiple times, knowing each run started from a pristine, isolated environment.

Multi-language support: Need to run Python and Node? Just create different sandboxes with specific templates. It handles all three major languages securely.

See it in action

01 01

Testing a data script

A data scientist wants the agent to process a CSV file using pandas. They first use create_sandbox with the 'python3' template, run the analysis, and then immediately call kill_sandbox. This ensures zero lingering resources and 100% clean reporting.

02 02

Monitoring agent activity

The ops engineer needs to see if their team has left several test sandboxes running overnight. They use list_sandboxes to quickly audit all active environments before billing cycle ends, catching resource leaks immediately.

03 03

Building an interactive coding platform

An EdTech developer needs students to write and run JavaScript code without any risk. The agent uses create_sandbox with the 'node' template; when done, it relies on clear instructions to use kill_sandbox.

04 04

Debugging complex workflows

The developer runs a multi-step workflow and suspects resource leakage. They use list_sandboxes multiple times throughout the test run, confirming that every sandbox they intended to shut down was properly terminated by calling kill_sandbox.

The honest tradeoffs

Ignoring cleanup

Anti-pattern

Running a complex script using create_sandbox and then forgetting to stop the environment. This leaves an active, consuming sandbox running indefinitely until manually found.

The Fix

Always pair create_sandbox with a subsequent call to kill_sandbox once the code has finished executing. Don't wait for memory warnings; terminate it explicitly.

Over-reliance on one language

Anti-pattern

Assuming that because you ran Python, your agent can also run shell commands or Node.js without changing templates.

The Fix

If the code requires a different runtime (e.g., JavaScript), use create_sandbox again, making sure to select the appropriate template like 'node' for maximum compatibility.

Assuming resources are free

Anti-pattern

Calling list_sandboxes and assuming that just because it shows a status of 'stopped' means no compute cycles were used. Some environments still consume background resources.

The Fix

If you don't need the sandbox anymore, use kill_sandbox. It guarantees the full release of both the virtual machine and its associated filesystem data.

When It Fits, When It Doesn't

Use this MCP if your primary requirement is executing untrusted code or complex logic in a fully contained environment. If you only need to read static data, call an external API for structured records, or process text without running commands, then this MCP adds unnecessary complexity and cost. This toolset excels when the result of your agent's work is the output of a script run—you must use create_sandbox for that. Don't try to replicate complex scripting logic with simple messaging tools; you need the full sandbox lifecycle control provided by these three tools.

Questions you might have

How fast is it to create a sandbox using create_sandbox? +

Sandboxes start up quickly; they launch in about 150 milliseconds. This speed makes them ideal for real-time agent interactions where latency matters.

Do I have to use kill_sandbox after I run a script? +

Yes, you should always call kill_sandbox when the work is done. It releases the allocated resources and prevents accidental billing or resource exhaustion from abandoned environments.

What templates are available for create_sandbox? +

The service supports several predefined templates, including 'base' (the default), 'python3', and 'node'. You pick the template that matches the language you need to run code in.

Can I check if my sandboxes are running with list_sandboxes? +

Absolutely. list_sandboxes lets you see all active environments, giving you a clear overview of resource usage and status across your account.

How does using `create_sandbox` ensure that code running in one sandbox cannot affect others? +

It uses Firecracker microVMs for strong isolation. This architecture gives every sandbox its own kernel and filesystem, guaranteeing that even if a script crashes or runs malicious code, it stays contained within that specific environment.

If I forget to call `kill_sandbox`, will it impact my billing? +

While resources are designed to be managed, leaving sandboxes running increases resource consumption and associated costs. Always calling kill_sandbox immediately after your task finishes is the best way to stop accruing charges.

Can I set a custom execution time limit when using the `create_sandbox` tool? +

Yes, you can adjust the timeout parameter. Although the default is 300 seconds, specifying a shorter or longer timeout ensures the sandbox matches your script's expected runtime and prevents unnecessary resource retention.

What detailed metrics does `list_sandboxes` provide besides status? +

It gives you more than just active status. You can see the template used for each environment, along with details on its current resource usage and when it was last started, which is critical for monitoring.

How secure are E2B sandboxes? +

E2B sandboxes run as dedicated Firecracker microVMs — the same technology used by AWS Lambda and Fargate. Each sandbox has its own Linux kernel, filesystem, and network stack, providing hardware-level isolation. Code running in a sandbox cannot access your host system, other sandboxes, or any external resources unless explicitly configured.

What programming languages are supported? +

E2B supports Python, JavaScript/TypeScript, R, Java, and Bash out of the box. You can also create custom sandbox templates with any pre-installed tools, libraries, or system dependencies. The base template provides a full Ubuntu Linux environment where you can install anything via apt or pip.

How does E2B pricing work? +

E2B uses usage-based pricing billed per second of compute time. The free Hobby plan includes a one-time $100 credit (no credit card required), up to 20 concurrent sandboxes, and 1-hour maximum session length. The Pro plan starts at $150/month with 24-hour sessions and higher concurrency limits.

View all recipes →

MCP Servers for Side-by-Side AI Model Evaluation

You read 15 model cards to pick a model, run zero benchmarks, and hope the one with the most likes is actually the best for your use case , because setting up evaluation infrastructure takes longer than building the product

Hugging Face E2b Google Sheets

View all recipes

Connect to your AI in seconds.

Create sandbox

Kill sandbox

List sandboxes

E2B: 3 Tools for Sandbox Management

Make your AI actually useful.

Create Sandbox

Kill Sandbox

List Sandboxes

Security and governance baked right in.

Claude AI

Open Claude Settings

Add Custom Connector

Start a conversation

Claude Code

Open your terminal

Add the MCP Server

Start coding

Cursor

One-Click Install (Recommended)

Open Cursor Settings

Add New Server

Use in Composer

Antigravity

Configure Agent Environment

Bind the Endpoint

Execute

VS Code Copilot

One-Click Install (Recommended)

Open MCP Settings

Add Server Config

Windsurf

One-Click Install (Recommended)

Open Windsurf Settings

Add Server Endpoint

LangChain

Install Dependencies

Connect the Server

CrewAI

Define the Tool

Execute Task

Choose How to Get Started

Build Your Own

Make Your AI Do More

Works with Claude, ChatGPT, Cursor, and more

The old way: manual setup and high risk.

Manage your entire sandbox lifecycle with `kill_sandbox`.

What your AI can actually do with this

Here's how it actually works

Who is this actually for?

What Changes When You Connect

See it in action

Testing a data script

Monitoring agent activity

Building an interactive coding platform

Debugging complex workflows

The honest tradeoffs

Ignoring cleanup

Over-reliance on one language

Assuming resources are free

When It Fits, When It Doesn't

Questions you might have

Powerful workflows you can unlock today

MCP Servers for Side-by-Side AI Model Evaluation