The Dagger team have released Container Use, an open-source tool designed to streamline how AI-based coding agents operate by giving each one its own containerized sandbox and Git worktree, enabling parallel, conflict-free workflows. Rather than manually juggling clones or git stash, developers can safely run multiple agents on the same codebase without interference, thanks to isolated development environments managed by Container Use.
When activated, for example, from within the Zed editor, Container Use automates the creation of new agent environments using lightweight containers (via Dagger) and Git worktrees. Each environment operates independently, yet developers can easily switch contexts using commands like container-use list, watch, log, or diff. The containers support interactive debugging, service tunneling, and terminal access, allowing full control over each agent task.
With the Zed editor, users can enable a dedicated “background” profile where Container Use manages agent tasks independently from interactive editing sessions. When needed, developers can jump into an agent’s terminal, review its command history, or intervene directly, all while maintaining the stability of their core project environment.
According to the Dagger team, traditional agent workflows often involve complex directory structures or meticulous staging to prevent conflicts, particularly in monorepos or multi-agent setups. Container Use aims to improve this process by pairing container isolation with Git worktree flexibility, offering real-time visibility, simple intervention points, and a developer-friendly interface.
It is important to note that Container Use is still considered to be in early development, and so there are known issues and further refinement to be made. One user raised a request on GitHub to allow executing container-use tools directly from the terminal, highlighting a gap in accessibility and debugging capabilities:
“When debugging why a tool is failing, I would find it useful to be able to call the same tool from a terminal.”
Several tools provide similar functionality by running AI-generated code in isolated containers or sandboxes, ensuring safe and parallel execution:
<SandboxAI is an open-source runtime designed to execute AI-generated Python code and shell commands inside isolated Docker-based sandboxes. It supports local execution via Docker and plans Kubernetes support. SandboxAI integrates with AI agent frameworks like CrewAI, enabling safe and scalable agent workflows.
Modal Sandboxes offer a scalable, serverless environment where devs can define sandboxed sessions in a single line of Python. These sandboxes launch on Modal’s container fabric supporting gVisor-based isolation, providing fast, secure, and autoscaling infrastructure ideal for AI code execution.
E2B is an open-source runtime tailored for AI agents, supporting fast sandbox launches (under 200ms), multi-language execution (Python, JavaScript, Ruby, C++), and usage of Firecracker microVMs for enhanced security. It also supports self-hosting for enterprises that require complete control.
Code Sandbox MCP offers a lightweight MCP server that runs AI agent code snippets inside containers. It supports Python and JavaScript execution locally, enabling tool-based agent integration while maintaining code privacy and isolation.
Also noteworthy is Uzi, a CLI tool that runs multiple AI coding agents in parallel by orchestrating isolated Git worktrees per agent using tmux. Though not container-based, its worktree-based isolation helps prevent interference between agents’ workflows in monorepo environments.
These tools underscore a growing trend: isolating AI agent tasks, either through containerization, virtualization, or file-system worktrees, enhances safety, scalability, and developer control. Whether using Docker, serverless sandboxes, microVMs, or Git isolation, these frameworks enable developers to leverage autonomous AI tools without compromising the integrity of their codebase or environment.
