Sandboxing untrusted code is crucial for safely running AI-generated code, customer scripts on multi-tenant platforms, and RL training pipelines. Various technologies, including Docker containers, microVMs, and WebAssembly modules, provide different levels of isolation for executing potentially harmful code.