Skip to main content
Nullspace does not require a long-lived local tunnel before you can work with a sandbox. Most CLI commands connect directly to the hosted API using a sandbox ID.

Inspect A Sandbox

nullspace sandbox get sb_123
nullspace sandbox metrics sb_123 --json
If you do not know the ID, list sandboxes first: 
nullspace sandbox list --state running
Commands that operate on a paused auto-resumable sandbox may wake it before continuing. Use nullspace sandbox get sb_123 for inspection when you only need metadata and do not want to depend on command execution.

Run A Command

nullspace sandbox exec sb_123 --shell "uname -a && pwd"
For long-running commands, start a background process and reconnect through the process commands: 
nullspace sandbox exec sb_123 --shell "python3 -m http.server 8080" --background
nullspace sandbox process list sb_123
nullspace sandbox process logs sb_123 1234
nullspace sandbox process attach sb_123 1234

Open An Interactive Terminal

Use PTY sessions when you need an interactive shell: 
nullspace sandbox pty create sb_123 --cols 120 --rows 30
nullspace sandbox pty list sb_123
nullspace sandbox pty connect sb_123 --session-id ses_123
Use the session_id from sandbox pty create with --session-id. Numeric pid reconnect remains available for legacy scripts. You can resize or kill a session later: 
nullspace sandbox pty resize sb_123 ses_123 --cols 160 --rows 40
nullspace sandbox pty kill sb_123 ses_123

Expose A Service

Start a service inside the sandbox, then request a signed URL: 
nullspace sandbox exec sb_123 --shell "cd /workspace && python3 -m http.server 8080" --background
nullspace sandbox url sb_123 8080
nullspace sandbox url sb_123 8080 --websocket
For host-level connection metadata: 
nullspace sandbox host sb_123 8080 --json

SSH

Use the SSH guide when your tool expects an OpenSSH transport instead of CLI commands: 
nullspace ssh sb_123
nullspace ssh sb_123 -- python --version
nullspace sandbox ssh-access sb_123 --print-command
See SSH Access for certificate-backed relay access and the legacy signed WebSocket proxy fallback.