npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

neckbeard-agent

v0.0.8

Published

Deploy AI agents to E2B sandboxes

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

zacwellmerzacwellmer

Keywords

aiagentdeploye2bsandboxclaude

Readme

neckbeard

There's a weird thing that happens when you try to deploy an AI agent.

Most people think of agents as fancy API calls. You send a prompt, you get a response. But that's not what's actually happening. The agent is running code. It's executing bash commands, writing files, installing packages. It runs for minutes at a time, maintaining state between steps. It's a process, not a request.

This creates an obvious problem: do you really want that process running on your production server?

Anthropic's answer is no. Their hosting docs say you should run the entire agent inside a sandbox. Not just intercept the dangerous tool calls—put the whole thing in a container where it can't escape.

That sounds simple. It's not.

The Plumbing Problem

Sandboxes like E2B give you a fresh Linux container. Your agent code lives in your repo. Bridging these two worlds is surprisingly annoying.

First, you have to get your code into the sandbox. You could bake it into a custom template, but then you're rebuilding templates every time you change a line. You could git clone on boot, but that's slow and requires auth. You could bundle and upload at runtime, which works, but now you're writing bundler configs.

Then you have to pass input. How do you get the user's prompt into a process running inside a sandbox? CLI arguments require escaping and have length limits. Environment variables have size limits. Writing to a file works, but adds boilerplate.

The worst part is output. When you run sandbox.exec("node agent.js"), you get back everything the process printed. SDK logs, debug output, streaming tokens, and somewhere in there, your actual result. Good luck parsing that reliably.

So you end up writing results to a file, reading it back, parsing JSON, validating the shape, handling errors. Every team building sandboxed agents writes some version of this plumbing. It's tedious.

What This Does

Neckbeard handles all of that so you can just write your agent:

import { Agent } from 'neckbeard-agent';
import { query } from '@anthropic-ai/claude-agent-sdk';
import { z } from 'zod';

const agent = new Agent({
  template: 'code-interpreter-v1',
  inputSchema: z.object({ topic: z.string() }),
  outputSchema: z.object({
    title: z.string(),
    summary: z.string(),
    keyPoints: z.array(z.string()),
  }),
  envs: {
    ANTHROPIC_API_KEY: process.env.ANTHROPIC_API_KEY,
  },
  run: async (input) => {
    for await (const message of query({
      prompt: `Research "${input.topic}" and return JSON`,
      options: { maxTurns: 10 },
    })) {
      if (message.type === 'result') {
        return JSON.parse(message.result ?? '{}');
      }
    }
  },
});

const sandboxId = await agent.deploy();  // bundles, uploads to E2B, returns sandboxId
const result = await agent.run({ topic: 'TypeScript generics' });

deploy() bundles your code with esbuild and uploads it. run() writes input to a file, executes, reads the result back, and validates it against your schema. You don't think about file paths or stdout parsing.

Setup

npm install neckbeard-agent
export E2B_API_KEY=your-key
export ANTHROPIC_API_KEY=your-key  # Pass via envs config, not auto-forwarded

The Details

The constructor takes a few options:

new Agent({
  template: string,             // E2B template (e.g. 'code-interpreter-v1')
  inputSchema: ZodSchema,
  outputSchema: ZodSchema,
  run: (input, ctx) => Promise,
  maxDuration?: number,        // seconds, default 300
  dependencies?: {
    apt?: string[],
    commands?: string[],
  },
  files?: [{ url, path }],     // pre-download into sandbox
  claudeDir?: string,          // upload .claude/ skills directory
  envs?: Record<string, string | undefined>, // environment variables for sandbox
})

deploy() returns the sandbox ID, which you can save for reconnecting later:

const sandboxId = await agent.deploy();
// Later, reconnect to the same sandbox:
const result = await agent.run({ topic: 'hello' }, { sandboxId });

The files option downloads things into the sandbox before your agent runs—useful for models or config files. Relative paths resolve from /home/user/.

The claudeDir option uploads a local .claude/ directory to the sandbox, enabling Claude Agent SDK skills. Point it at a directory containing .claude/skills/*/SKILL.md files.

The envs option passes environment variables to the sandbox. These are available to your agent code via process.env and ctx.env. Undefined values are filtered out:

const agent = new Agent({
  template: 'code-interpreter-v1',
  envs: {
    ANTHROPIC_API_KEY: process.env.ANTHROPIC_API_KEY,
    MY_API_KEY: process.env.MY_API_KEY,
  },
  // ...
});

Some packages can't be bundled because they spawn child processes or have native modules. The Claude Agent SDK is like this. These get automatically marked as external and installed via npm in the sandbox.

The run function gets a context object with an executionId, an AbortSignal, environment variables, and a logger.

License

MIT