GitHub Copilot Sandboxes Public Preview: Local & Cloud Isolation
GitHub Copilot now supports isolated sandboxes for safer agentic workflows. Run commands locally with restricted access or in GitHub-hosted cloud environments. Local sandboxes are included in standard seats; cloud sandboxes have separate pricing.
TL;DR
- Copilot can now run in isolated sandboxes—locally on your machine or in GitHub-hosted cloud environments
- Local sandboxes use Microsoft MXC for consistent isolation across macOS, Linux, and Windows; cloud sandboxes are ephemeral Linux VMs
- No breaking changes; local sandboxes are included in the standard Copilot seat; cloud sandboxes have separate pricing
New
- Local sandboxes — Run Copilot-initiated shell commands with restricted filesystem, network, and system access. Enable with `/sandbox enable` in any Copilot session. Built on Microsoft MXC technology and included in standard Copilot seats.
- Cloud sandboxes — Launch fully isolated, ephemeral Linux environments directly from Copilot with `copilot --cloud`. Inherits your org's existing Copilot cloud agent policies automatically.
- Enterprise policy controls — Centrally configure and enforce local sandbox policies through Microsoft Intune and other MDM platforms for standardized isolation across teams.
- Cross-device session continuity — Cloud sandboxes let you pick up Copilot sessions across devices without losing state, and run multiple tasks in parallel without consuming local resources.
Why This Matters
As Copilot evolves from an in-editor assistant into an agentic coding partner that executes commands and modifies files, security isolation becomes critical. These sandboxes give you control over what Copilot can access while enabling safer agentic workflows. This is especially important for enterprises adopting agent-based development patterns.
Update: See the official sandbox documentation for setup details and pricing for cloud sandboxes.
Source: GitHub Changelog