Zerobox is a process sandboxing SDK and CLI that restricts AI coding assistants like OpenAI Codex from unauthorized file writes, network calls, or credential exposure. It uses a deny-by-default model where allowed paths, domains, and credential injections must be explicitly configured. The project provides multi-language SDKs (Rust, TypeScript, Python) to integrate sandboxing into AI agent workflows, and supports credential injection that only reveals secrets to approved destinations.