OpenAI Cookbook: Sandboxed Agents for Codebase Migration
Summary
- • OpenAI published an Agents SDK cookbook for running isolated, scoped code-migration agents
- • Architecture keeps orchestration in a trusted host process; shell commands and file edits run inside sandboxes
- • Example migrates two services from Chat Completions to Responses API via Docker, E2B, or Cloudflare
Details
OpenAI published a code-migration agent cookbook in the openai-cookbook repository
Located at openai-cookbook/examples/agents_sdk/sandboxed-code-migration. Targets the problem of risky monolithic migration PRs by splitting modernization work into scoped, auditable task units.
Host process retains secrets and audit log; sandboxes receive only scoped files and commands
This trust boundary means a misbehaving agent cannot access production credentials or broader infrastructure. The host collects each task's report and patch, writes to the audit log, and deletes the sandbox before starting the next task.
Example: two-service migration from Chat Completions API to Responses API
Each service runs in its own sandbox. The agent inspects files, edits application and test code, runs a compile check, reruns tests, and returns a patch bundle. The host receives the output and moves to the next service.
Docker runs locally; E2B and Cloudflare Workers are drop-in alternatives
Provider-specific code is isolated to sandbox creation only. The same SandboxAgent, tools, manifest, and prompt work unchanged across Docker, E2B, and Cloudflare, making infrastructure swaps low-friction.
Requirements: Python 3.10+, Docker, OpenAI API key, OpenAI Agents SDK with sandbox support
E2B and Cloudflare credentials are optional for hosted execution. Cookbook code available publicly in the openai-cookbook GitHub repository.
Product Launch = new cookbook release, Tech Info = architecture and implementation details, Infrastructure = deployment and provider options, Context = requirements and setup
What This Means
This cookbook gives engineering teams a concrete, provider-portable pattern for automating code modernization: agents do the mechanical work inside ephemeral, scoped sandboxes while the host process retains control of credentials, policy, and audit trails. The trust-boundary separation is directly applicable to any agentic workflow touching sensitive infrastructure — not just code migration. Teams evaluating agentic coding tools now have a reference architecture from OpenAI for how to scope, isolate, and audit agent actions at the task level.