Skip to main content
SmolVM gives your AI agents a safe place to run code. Instead of executing LLM-generated commands directly on your machine, SmolVM spins up an isolated microVM in milliseconds, runs the code inside it, and tears it down when finished.
Install the agent framework extras before following these examples:
This adds PydanticAI, OpenAI Agents SDK, LangChain, and Playwright as dependencies. See installation for details.

Agentor

Agentor is Celesto’s own agent framework. It has built-in SmolVM support through SmolVMRuntime, so your agent’s shell commands run inside a sandbox automatically.
See the full working example in main.py.

PydanticAI

Register SmolVM as a PydanticAI tool. Each call spins up a fresh VM, runs the command, and tears it down automatically.
See the full working example in examples/agent_tools/pydanticai_tool.py.

Reusable sandbox across turns

If your agent needs to maintain state between tool calls, keep the VM alive across invocations:
See the full working example in examples/agent_tools/pydanticai_reusable_tool.py.

OpenAI Agents SDK

Use SmolVM as a function tool in the OpenAI Agents SDK:
See the full working example in examples/agent_tools/openai_agents_tool.py.

Use SmolVM as a SandboxAgent provider

If you want OpenAI’s SandboxAgent to treat SmolVM as its full working computer (not just a one-shot tool), use the ready-made provider in the Celesto SDK. It plugs into Runner and SandboxRunConfig directly, and ships alongside a hosted Celesto option you can swap in without changing your agent code. See OpenAI Agents SDK sandboxes for the full guide.

LangChain

Wrap SmolVM as a LangChain tool:
See the full working example in examples/agent_tools/langchain_tool.py.

Browser and desktop sandboxes

SmolVM can give your agent a browser or a full desktop inside a disposable sandbox. Use browser mode for websites and Playwright automation. Use desktop mode when the agent needs a visible screen that a computer-use driver can control. VNC means Virtual Network Computing, a standard way to view and control a remote screen.
browser_agent.py
See the full working example in examples/browser_sandbox.py.

Browser and desktop modes

cdp_url is the browser automation address used by Playwright and other Chrome DevTools Protocol clients. viewer_url opens in your browser so you can watch the screen. display_url is the VNC address for desktop viewers and computer-use agents.

Computer-use with OpenAI

Combine a visible browser or desktop sandbox with OpenAI’s computer-use API for autonomous browsing and desktop workflows. The model sees screenshots and sends back click, type, and scroll instructions.
computer_use_browser.py
See the full working example in examples/agent_tools/computer_use_browser.py for a complete computer-use loop with action handling and domain allowlisting.

Generic tool pattern

If you use a framework not listed above, the core pattern is the same:
Register this function as a tool in whatever framework you use.
Last modified on June 12, 2026