🚀 Socket Launch Week Day 4:Socket MCP Adds Org Alerts, Threat Feed Review, and Package Inspection.Learn more
Sign In

@mastra/blaxel

Package Overview
Dependencies
Maintainers
1
Versions
194
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install
Package version was removed
This package version has been unpublished, mostly likely due to security reasons
This package has malicious versions linked to the ongoing "Mastra AI framework compromise" supply chain attack.

Affected versions:

0.4.2
View campaign page

@mastra/blaxel

Blaxel cloud sandbox provider for Mastra workspaces

unpublished
Source
npmnpm
Version
0.4.2
Version published
Weekly downloads
1.8K
-38.72%
Maintainers
1
Weekly downloads
 
Created
Source

@mastra/blaxel

Blaxel cloud sandbox provider for Mastra workspaces. Provides secure, isolated code execution environments with support for mounting cloud storage (S3, GCS) via FUSE.

Installation

npm install @mastra/blaxel

Usage

import { Agent } from '@mastra/core/agent';
import { Workspace } from '@mastra/core/workspace';
import { BlaxelSandbox } from '@mastra/blaxel';

const workspace = new Workspace({
  sandbox: new BlaxelSandbox({
    timeout: '5m', // sandbox TTL (default: 5 minutes)
    memory: 4096, // memory in MB (default: 4096)
    region: 'auto', // region selection (default: BL_REGION or auto)
  }),
});

const agent = new Agent({
  name: 'my-agent',
  model: 'anthropic/claude-opus-4-5',
  workspace,
});

Configuration Options

OptionTypeDefaultDescription
idstringauto-generatedUnique identifier for the sandbox instance
imagestring'blaxel/ts-app:latest'Docker image to use
memorynumber4096Memory allocation in MB
timeoutstring'5m'Sandbox TTL as a duration string (e.g. '5m', '1h')
regionstringBL_REGION or 'auto'Blaxel region where the sandbox should be created
envRecord<string, string>Environment variables to set in the sandbox
labelsRecord<string, string>Custom labels for the sandbox
runtimesSandboxRuntime[]['node', 'python', 'bash']Supported runtimes
portsArray<{ name?, target, protocol? }>Ports to expose from the sandbox

Mounting Cloud Storage

Blaxel sandboxes can mount S3 or GCS filesystems, making cloud storage accessible as a local directory inside the sandbox.

S3

import { Workspace } from '@mastra/core/workspace';
import { S3Filesystem } from '@mastra/s3';
import { BlaxelSandbox } from '@mastra/blaxel';

const workspace = new Workspace({
  mounts: {
    '/data': new S3Filesystem({
      bucket: 'my-bucket',
      region: 'us-east-1',
      accessKeyId: process.env.AWS_ACCESS_KEY_ID,
      secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY,
    }),
  },
  sandbox: new BlaxelSandbox(),
});

GCS

import { Workspace } from '@mastra/core/workspace';
import { GCSFilesystem } from '@mastra/gcs';
import { BlaxelSandbox } from '@mastra/blaxel';

const workspace = new Workspace({
  mounts: {
    '/data': new GCSFilesystem({
      bucket: 'my-bucket',
      serviceAccountKey: process.env.GCS_SERVICE_ACCOUNT_KEY,
    }),
  },
  sandbox: new BlaxelSandbox(),
});

Custom Images

For advanced use cases, you can specify a custom Docker image:

const workspace = new Workspace({
  sandbox: new BlaxelSandbox({
    image: 'my-custom-image:latest',
  }),
});

Documentation

For more information, see the Mastra Workspaces documentation.

FAQs

Package last updated on 17 Jun 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Introducing Repository Access Permissions and Custom Roles

Product

Introducing Repository Access Permissions and Custom Roles

Socket now supports Custom Roles and Repository Access Permissions so organizations can control who can access specific repositories and actions.

By Joe Werle  -  Jun 19, 2026