---
id: capability.execution.sandbox-provision
name: Sandbox Provisioning
summary: Isolated execution environments for agentic development, e2e testing, and bounded automations — profile-based provision, TTL teardown, and State Hub lifecycle registration.
owner: sand-boxer
status: draft
domain: infotech
tags: [sandbox, isolation, provision, e2e, agentic, execution, profile]

maturity:
  discovery:
    current: D4
    target: D6
    confidence: high
    rationale: >
      Charter (INTENT.md), meta-framework spec (docs/meta-framework.md), and
      research synthesis define scope. First extension (ext.compose-ssh) in progress.
  availability:
    current: A2
    target: A5
    confidence: medium
    rationale: >
      CLI v0 and ext.compose-ssh scaffold land in SAND-WP-0002. SaaS extensions
      and payments deferred.

external_evidence:
  completeness:
    level: C2
    name: Partial
    confidence: medium
    basis: scope_vs_intent_and_consumer_expectations
    satisfied_expectations:
      - profile-based create/destroy via CLI
      - State Hub lifecycle events on transitions
    broken_expectations:
      - Real E2B/Modal adapters not yet built (saas-stub + credits v0 done)
      - wise-validator migration not complete
    out_of_scope_expectations:
      - agent harness and tool orchestration (glas-harness)
      - e2e test semantics (wise-validator)

consumption_modes:
  - CLI (sandboxer)
  - core library (Python)
  - HTTP API (planned)