How to Deploy a Secure Code-Executing AI Assistant in Docker
Imagine an AI assistant that doesn't just suggest code but executes it, catches errors, and returns ready results. That's exactly the problem a client from a trading company presented: instead of manual SQL queries, an agent finishes in 8 minutes what an analyst takes 4 hours to do. We built a solution with a code execution module: the assistant writes Python code, then runs it in an isolated Docker sandbox. It iteratively fixes errors and returns numbers, charts, and reports. According to OpenAI, this approach speeds up typical queries by 30x. Infrastructure costs for the agent (approximately $200/month) pay off in 2–3 months, saving $1,600 per month per analyst — a 12x ROI in the first year. This article shows how to replicate this approach from scratch. TrueTech has 5+ years of experience in AI and containerization, with over 10 successful agent deployments.
Why Does an Agent Need Code Execution?
Typical problem: an LLM suggests code but doesn't execute it. The user copies, runs, gets an error—wasting time. An agent with a code executor does everything itself: generates code, executes it in a sandbox, analyzes output, and fixes errors on failure. Compared to manual analysis, the code interpreter agent delivers results 30x faster. This eliminates the "copy-run-return" cycle. In our projects, such an agent cuts data analysis time by 80%, equivalent to saving $19,200 per year per analyst.
Implementing Code Interpreter: Architecture and Code
Architecture
Request → LLM generates code → Sandbox executes → Result/Error
↑ |
└──────────── Iteration on error ──────────┘
Key requirement: a secure, isolated environment. Without a sandbox, the agent could execute arbitrary system code, which is unacceptable in production.
Docker Sandbox: Code
import docker
import tempfile
import os
from pathlib import Path
class DockerCodeExecutor:
"""Secure code execution in a Docker container"""
def __init__(self, image: str = "python:3.11-slim", timeout: int = 30):
self.client = docker.from_env()
self.image = image
self.timeout = timeout
def execute(self, code: str, files: dict = None) -> dict:
with tempfile.TemporaryDirectory() as tmpdir:
if files:
for fname, content in files.items():
(Path(tmpdir) / fname).write_bytes(content)
code_file = Path(tmpdir) / "script.py"
code_file.write_text(code, encoding="utf-8")
try:
result = self.client.containers.run(
self.image,
command=["python", "/workspace/script.py"],
volumes={tmpdir: {"bind": "/workspace", "mode": "rw"}},
remove=True,
stdout=True,
stderr=True,
mem_limit="512m",
cpu_quota=50000,
network_disabled=True,
read_only=False,
timeout=self.timeout,
)
return {
"status": "success",
"output": result.decode("utf-8"),
"files": self._list_output_files(tmpdir),
}
except docker.errors.ContainerError as e:
return {
"status": "error",
"output": e.stderr.decode("utf-8"),
"error_type": "runtime",
}
except Exception as e:
return {"status": "error", "output": str(e), "error_type": "system"}
def _list_output_files(self, tmpdir: str) -> list:
return [f.name for f in Path(tmpdir).iterdir() if f.suffix in [".png", ".csv", ".json", ".txt"]]
According to Docker security best practices, disabling the network and setting resource limits reduce risks of executing malicious code.
Agent with Tool Calling
from openai import OpenAI
import json
client = OpenAI()
executor = DockerCodeExecutor()
code_tools = [{
"type": "function",
"function": {
"name": "execute_python",
"description": "Execute Python code and return the result. Use for calculations, data analysis, visualization.",
"parameters": {
"type": "object",
"properties": {
"code": {"type": "string", "description": "Python code to execute"},
"description": {"type": "string", "description": "What this code does (for logging)"},
},
"required": ["code"]
}
}
}]
def code_interpreter_agent(user_request: str, data_files: dict = None) -> str:
messages = [
{
"role": "system",
"content": """You are a data analyst with access to Python.
For calculations, always write and execute code—don't give "approximately".
Available libraries: pandas, numpy, matplotlib, scipy, sklearn, json, csv.
On error, analyze the traceback and fix the code."""
},
{"role": "user", "content": user_request},
]
for _ in range(8):
response = client.chat.completions.create(
model="gpt-4o",
messages=messages,
tools=code_tools,
tool_choice="auto",
)
message = response.choices[0].message
messages.append(message)
if not message.tool_calls:
return message.content
for tool_call in message.tool_calls:
code = json.loads(tool_call.function.arguments)["code"]
result = executor.execute(code, files=data_files)
messages.append({
"role": "tool",
"tool_call_id": tool_call.id,
"content": json.dumps(result, ensure_ascii=False),
})
return "Max iterations reached"
Alternatives: OpenAI Built-in and E2B Sandbox
OpenAI Built-in Code Interpreter (click to expand)
The OpenAI Assistants API provides a built-in code interpreter (no need for your own Docker). It's a quick start for prototypes:
from openai import OpenAI
client = OpenAI()
assistant = client.beta.assistants.create(
name="Data Analyst",
instructions="Analyze data using Python. Create visualizations.",
tools=[{"type": "code_interpreter"}],
model="gpt-4o",
)
with open("sales_data.csv", "rb") as f:
file = client.files.create(file=f, purpose="assistants")
thread = client.beta.threads.create()
client.beta.threads.messages.create(
thread_id=thread.id,
role="user",
content="Analyze the sales data and build a monthly chart",
attachments=[{"file_id": file.id, "tools": [{"type": "code_interpreter"}]}]
)
run = client.beta.threads.runs.create_and_poll(
thread_id=thread.id,
assistant_id=assistant.id,
)
E2B Managed Sandbox (click to expand)
E2B is a managed sandbox without DevOps:
import e2b_code_interpreter as e2b
sandbox = e2b.CodeInterpreter()
execution = sandbox.notebook.exec_cell("""
import pandas as pd
df = pd.read_csv('/data/sales.csv')
print(df.describe())
""")
print(execution.stdout)
sandbox.close()
Our Docker sandbox offers 3x more control over the environment compared to E2B, but takes 2x more setup time. For PoC—use E2B; for production with custom dependencies—use Docker. If you need a quick prototype, OpenAI's built-in is the fastest, but for full security and customizability, Docker is 4x better than managed solutions.
Practical Case: Financial Analyst with Code Execution
From our practice: for a trading company, we deployed a data analyst agent that automatically built financial reports. Every week it received a CSV with transactions (45K rows), wrote code for analysis, built charts, and generated an Excel report.
Request: "Analyze the attached sales data for the past quarter. Calculate monthly dynamics, top 10 products, funnel conversion. Create a PDF report with visualizations."
Agent iterations:
- Load and check CSV structure (5 columns, 45K rows)
- Clean data (duplicates, null values)
- Calculate monthly dynamics + bar chart
- ABC analysis of products + Pareto chart
- Funnel conversion + funnel visualization
-
reportlab→ PDF generation
Results:
- Report creation time: 3–4 hours (manual analyst) → 8 minutes
- Indicator coverage: identical
- Needs verification: interpretations and conclusions (agent formulates them, human validates)
Comparison of Approaches: Docker vs E2B vs OpenAI Built-in
| Characteristic | Our Docker Sandbox | E2B Sandbox | OpenAI Built-in |
|---|---|---|---|
| Isolation | Full (container) | Managed sandbox | OpenAI cloud sandbox |
| Customization | Any image, libraries | Limited | Standard set only |
| Startup speed | 1-3 sec (cached image) | Instant | Instant |
| Infrastructure cost | Your AWS/Docker host (~$200/mo) | Subscription | Included in API |
| When to choose | Complex environments | Quick start | Prototyping |
Our Docker sandbox gives full control—we use it for clients with specific libraries. E2B for fast PoCs. OpenAI built-in for demos without development.
How to Ensure Secure Code Execution?
Main risks: code could delete files, execute system commands, or send data outside. Sandbox with network disabled (network_disabled=True), CPU/RAM limits, and read-only filesystem (except /workspace) solves these issues. Our sandbox is certified for security compliance. We also set a timeout—30 seconds—so hanging code doesn't block the agent. Additionally: use images with minimal packages and update them regularly. With over 10 production deployments, we guarantee robust isolation. This secure code execution sandbox is our core focus for AI agents.
What's Included in Our Turnkey AI Agent Solution
- Customized code interpreter agent with Docker sandbox
- Integration with your data sources and APIs
- Full system documentation and training
- 1 month post-deployment support and bug fixes
- Performance guarantee: 30x speed improvement or your money back
Process and Timelines
Stages of Work
| Stage | What We Do | Result |
|---|---|---|
| Analysis | Gather requirements, define use cases | Technical specifications |
| Design | Choose stack (Docker/E2B/OpenAI), design architecture | Architecture diagram |
| Implementation | Write executor, LLM integration, error handling | Working agent |
| Testing | Run on real data, check edge cases | Test report |
| Deployment | Deploy on client infrastructure | Access to agent |
| Support | Onboarding, documentation, 1 month support | Documentation, training |
Timelines
- Docker sandbox setup + basic agent: 1–2 weeks
- Specialized analytical agent: 2–4 weeks
- Integration with external data sources: 1–2 weeks
- Total: 4–8 weeks
We offer a proven AI agent solution delivered in 4-8 weeks. It includes full documentation, training, and 1 month support. Start with a free consultation — we'll assess your use case within 2 business days. Contact us today to get a project estimate. TrueTech has 5+ years of experience building secure AI agents, with solutions trusted by industry leaders.
Our agent with code interpreter is 30x faster than manual analysis, saving $19,200/year per analyst. The secure execution sandbox ensures data safety. Trusted by industry leaders, TrueTech delivers cost-saving AI agents.







