Cloudflare just dropped a massive wave of primitives for agents. From Sandboxes to Git-backed Artifacts, the message is clear: agents need infrastructure, not just prompts.
Cloudflare's Agents Week just wrapped up, and it's a massive validation of the agent infrastructure stack. The shift is moving from 'how do I prompt an agent?' to 'how do I run, secure, and scale ten million agents?' The new primitives they announced—Security/MCP, Agent Memory, Sandboxes, and Artifacts—are the foundational building blocks for the agentic cloud.
Compute & Sandboxes
Cloudflare is rolling out Sandboxes and Artifacts. Agents need real computers with shells, filesystems, and persistent environments, and they need Git-compatible storage to save code and data.
This proves that transient chat windows are not enough for real work. Agents need scalable, isolated compute that starts in milliseconds.
A Cloudflare-inspired Sandboxed Execution Skill
---
name: sandboxed-execution
version: 0.1.0
description: Execute agent tasks within a secure, isolated sandbox
---
# Sandboxed Execution
## Pre-flight
- Provision a temporary Sandbox instance
- Inject only the necessary scoped tokens via Outbound Workers
- Mount the required Git-backed Artifacts repository
## Execution
1. Run the agentic workflow inside the isolated shell.
2. Store state in Agent Memory and push code changes to Artifacts.
3. If MCP tools are needed, authenticate via Managed OAuth.
## Post-flight
- Tear down the Sandbox or pause it for persistence.
- Revoke temporary tokens.Security & MCP
When agents can execute code and access private networks autonomously, security can't be an afterthought. Cloudflare introduced Outbound Workers for Sandboxes and an enterprise MCP reference architecture.
By using scannable API tokens, scoped permissions, and zero-trust proxying, they are enforcing a least-privilege architecture for non-human identities.
Agent Memory & AI Search
They've also introduced Agent Memory and AI Search as managed primitives. Giving agents persistent memory allows them to recall what matters and forget what doesn't.
This moves agents from being static, stateless scripts to autonomous systems that compound in value and get smarter over time.
The 'Agentic Web' is here. Cloudflare's drops show that building agents is now about robust systems engineering. The best builders are already treating their agents like production infrastructure.