Logic Apps agents execute code in Hyper-V sandboxes
Azure Logic Apps now runs agent-generated Python, JavaScript, C#, and PowerShell in isolated containers, eliminating the need to call external Functions for mid-workflow data transformation.
May 28, 2026
Summary
Integration workflows can now inline code generation and execution within the same security boundary, reducing latency and external API calls. Hallucinated destructive code cannot escape the sandbox, shifting risk from deployment to execution.
Why it matters
Integration workflows can now inline code generation and execution within the same security boundary, reducing latency and external API calls. Hallucinated destructive code cannot escape the sandbox, shifting risk from deployment to execution.
Implementation verdict
Replaces Azure Function invocations for lightweight transformations in agent loops. Requires Azure Container Apps session pool and public preview opt-in. Ready now if you're already on Logic Apps Agent Loop; overhead is provisioning ACA infrastructure.
Sources
- 1.Each code interpreter session runs in its own Hyper-V boundary, a hardware-level isolation primitive that Microsoft also uses for its own untrusted workloads.
- 2.an LLM can receive a natural-language instruction, generate code to fulfill it, execute that code in a secure sandbox, and return the results, all within a single governed workflow
- 3.Logic Apps Agent Loop is best suited when your scenario requires orchestrating across multiple enterprise systems, ERP, CRM, databases, APIs, with built-in governance, retry logic, and audit trails.
- 4.Logic Apps code interpreters are available now in public preview
Dev Signal
Get briefs like this in your inbox — free, 3x a week.
100+ sources compressed into one 4-minute read. Ranked, cited, implementation-ready.