I’d like to use the sandbox as a true micro-VM, not only to isolate the agent, but also as a development environment. For example, once the agent finishes its task, I want to run a docker compose-based setup to test the changes.

The sandbox already has everything built and ready, so ideally I should be able to exec into it and start the environment directly and test it. However, I don’t currently have access to it. I also can’t simply run the built artifacts from the Linux container in the macOS terminal - they have to be rebuilt first, which is quite frustrating.

Additionally, it would be great to be able to connect to the agent remotely, for example via a web-based interface such as https://opencode.ai/docs/web/.

The lack of port forwarding is a known limitation at the moment. But this is a community forum where Docker staff members are not regularly expected, so if you have ideas for required features, you can share them in the roadmap:

If you do, it would be great if you could also share the link of the new ticket here so other users can find it and join the conversation to support your feature idea.

@rimelek, thanks for clarifying this.
here is the link to the issue: Please make it possible to expose sandbox ports · Issue #891 · docker/roadmap · GitHub

The issue has been moved from docker/roadmap to docker/desktop-feedback, here is the new link:

• https://github.com/docker/desktop-feedback/issues/126

Also, while there is no proper solution, I made a temporary workaround:

• GitHub - DenysGonchar/ssh-over-tls: a workaround for docker sandbox port exposure · GitHub

Very good. Thank you for the feedback and your workaround. I tried something like that and failed, but it was before I figured out the network policies.