OpenAI Upgrades Agents SDK With Native Sandboxes and New Controls for Enterprise AI Workflows


OpenAI is expanding its Agents SDK with new features aimed at helping companies build AI agents that are safer to run, easier to deploy, and better suited for more complex enterprise work.

In its product announcement, OpenAI said the updated toolkit helps developers build agents that can inspect files, run commands, edit code, and work on long-horizon tasks within controlled sandbox environments.

OpenAI is adding more structure around how agents work

The core shift is not a new model, but more infrastructure around how agents operate in production.

OpenAI said developers need more than the best models: they also need systems that support how agents inspect files, run commands, write code, and keep working across many steps.

The company said the updated SDK now includes a more capable harness for the agent loop, with configurable memory, sandbox-aware orchestration, Codex-like filesystem tools, and standardized integrations for tools and workflows that are becoming common in frontier-agent systems.

TechCrunch highlighted the same point in more practical terms, saying the updated SDK introduces features intended to make agent development less risky and more useful for real business tasks.

Karan Sharma, who works on OpenAI’s product team, told TechCrunch: “This launch, at its core, is about taking our existing Agents SDK and making it so it’s compatible with all of these sandbox providers.”

He added that the goal is to help users build these long-horizon agents using OpenAI’s harness and their own infrastructure.

Native sandboxing is a major safety addition

One of the most important additions is native sandbox execution. OpenAI said the updated SDK supports sandbox execution natively, allowing agents to run in controlled computer environments with the files, tools, and dependencies they need for a task.

The company said this matters because many useful agents need a workspace where they can read and write files, install dependencies, run code, and use tools safely.

OpenAI also said developers can either bring their own sandbox or use built-in support for providers including Blaxel, Cloudflare, Daytona, E2B, Modal, Runloop, and Vercel.

The new sandboxing ability lets agents operate in controlled computer environments, which is especially important because running agents in a totally unsupervised way can be risky.

The TechCrunch report added that with sandbox integration, agents can work in a siloed capacity within a workspace, accessing files and code for specific operations while helping protect the system’s broader integrity.

OpenAI is also pushing a stronger enterprise security case

OpenAI’s announcement makes clear that security is central to the update. The company said agent systems should be designed assuming prompt-injection and exfiltration attempts, and argued that separating the harness from the compute layer helps keep credentials out of environments where model-generated code executes.

It also said that this architecture improves durability and scale, because agents can recover from failed containers and continue from checkpoints, while also routing subagents into isolated environments and parallelizing work across containers.

That enterprise angle also showed up in early customer feedback cited by OpenAI. Rachael Burns, staff engineer and AI tech lead at Oscar Health, said the updated Agents SDK made it production-viable to automate a critical clinical records workflow that previous approaches couldn’t handle reliably enough.

That kind of example suggests OpenAI is trying to position the SDK less as an experimental developer tool and more as infrastructure for regulated, high-stakes workflows.

Available now, with more features still coming

OpenAI said the new Agents SDK capabilities are generally available to all customers via the API and use standard API pricing, based on tokens and tool use.

The company also said the new harness and sandbox tools are launching first in Python, with TypeScript support planned for a future release. Additional features, including code mode and subagents, are also in development for both Python and TypeScript.

TechCrunch reported the same rollout plan, noting that OpenAI intends to keep expanding the SDK over time.

For OpenAI, the update is another sign that the AI race is shifting from chatbots toward tools that can actually execute work.

The company is betting that enterprises do not just want smarter agents — they want agents that can run inside safer boundaries, use files and tools more reliably, and stay manageable when deployed in production.
