Daytona Sandbox Tools
Description
The Daytona sandbox tools give CrewAI agents access to isolated, ephemeral compute environments powered by Daytona. Three tools are available so you can give an agent exactly the capabilities it needs:DaytonaExecTool— run any shell command inside a sandbox.DaytonaPythonTool— execute a block of Python source code inside a sandbox.DaytonaFileTool— read, write, append, list, delete, and inspect files inside a sandbox; also supportsmove,find(content grep),search(filename glob),chmod(permissions),replace(bulk find-and-replace), andexists.
Installation
DAYTONA_API_URL and DAYTONA_TARGET are also respected if set.
Sandbox Lifecycle
All three tools inherit lifecycle controls fromDaytonaBaseTool:
Ephemeral mode is the safe default: nothing leaks if the agent forgets to clean up. Use persistent mode when you want filesystem state or installed packages to carry across multiple tool calls — this is typical when pairing
DaytonaFileTool with DaytonaExecTool.
Examples
One-shot Python execution (ephemeral)
Code
Multi-step shell session (persistent)
Code
By default, each tool with
persistent=True lazily creates its own sandbox on first use. The pattern above shares a single sandbox across multiple tools by reading the first tool’s active_sandbox_id after a .run() call and passing it to the others via sandbox_id=.... With persistent=False (the default), every .run() call gets a fresh sandbox that’s deleted at the end of that call.Attach to an existing sandbox
Code
Custom sandbox parameters
Pass Daytona’sCreateSandboxFromSnapshotParams kwargs via create_params:
Code
Searching, moving, and modifying files
Code
Agent integration
Code
Parameters
Shared (DaytonaBaseTool)
All three tools accept these parameters at initialization:
DaytonaExecTool
DaytonaPythonTool
DaytonaFileTool
For
chmod, pass at least one of mode, owner, or group — any field left as None is left unchanged on the target.