A travel planning agent built with Microsoft Agent Framework and Azure OpenAI. What makes it interesting is how tools run code safely — the agent sends LLM-generated Python to an Azure Container Apps Dynamic Session Pool, a sandboxed code interpreter that executes untrusted code in an isolated container, completely separate from the agent process.
When an AI agent needs to run code — fetch live weather data, generate charts, do math — you have two options: run it in your process (risky) or run it in a sandbox (safe). This project demonstrates both side by side. The ACA Dynamic Session agent sends LLM-generated code to a managed sandbox with network egress, file I/O, and pre-installed packages — but zero access to your host.
The key moment happens here, in chart_sandbox_aca.py:
exec_result = execute_in_sandbox(
code=sandbox_code,
session_id=session_id,
pool_management_endpoint=pool_management_endpoint,
auth_header=auth_header,
timeout=60,
)The agent asks Azure OpenAI to generate matplotlib charting code, then ships it to a Session Pool for execution. The sandbox runs the code, saves a PNG, and the agent downloads it back. If anything fails, it falls back to local execution gracefully.
| Component | Purpose |
|---|---|
| Microsoft Agent Framework | Agent runtime with middleware, telemetry, and DevUI |
| Azure OpenAI (GPT-4o) | LLM for conversation and code generation |
| ACA Session Pools | Sandboxed Python code interpreter (PythonLTS, Dynamic) |
| Azure Container Apps | Hosts the agent as a container |
| Application Insights | Observability — invoke_agent, chat, execute_tool spans |
The agent ships with two variants you can switch between in the DevUI dropdown:
- Tools run in ACA Dynamic Session (default) — tools execute in a secure sandbox
- Tools run along main Agent — tools execute locally in the agent process
Prompt 1 — Say hello and let it learn your preferences:
Hey
The agent greets you and asks what kind of trip you're looking for.
Prompt 2 — Ask for weather-based travel advice:
I'm contemplating between Miami and Tokyo in May depending on weather.
The agent calls the research_weather tool to fetch 14-day forecasts for both cities, then presents a side-by-side comparison with temperatures, precipitation, and rainy days. It suggests creating a visual chart.
Prompt 3 — Request the chart:
yes, please plot the chart
The agent generates matplotlib code via Azure OpenAI, executes it in the ACA Session Pool sandbox, downloads the resulting PNG, and displays a dark-themed dual-subplot chart comparing temperature trends and precipitation bars for both cities.
- Python 3.11+
- Azure Developer CLI (azd)
- An Azure subscription
- An Azure OpenAI resource with a GPT-4o deployment
- Clone and install dependencies
git clone <repo-url>
cd AF.AMR.VibeCoded
python -m venv .venv
.venv\Scripts\activate
pip install --pre -r requirements.txt- Configure environment
Copy .env.example to .env and fill in your values:
# Azure OpenAI (required)
AZURE_OPENAI_ENDPOINT=https://your-instance.openai.azure.com/
AZURE_OPENAI_API_KEY=your_api_key
AZURE_OPENAI_API_VERSION=preview
AZURE_OPENAI_DEPLOYMENT_NAME=gpt-4o
# ACA Session Pool (required for sandbox agent, optional for local agent)
ACA_POOL_MANAGEMENT_ENDPOINT=https://your-region.dynamicsessions.io/subscriptions/.../sessionPools/your-pool
# Application Insights (optional)
APPLICATIONINSIGHTS_CONNECTION_STRING=InstrumentationKey=...- Run the application
python main.py- Open DevUI at
http://localhost:80, select an agent from the dropdown, and start chatting.
The project includes full infrastructure-as-code via Bicep. A single command provisions everything — Azure OpenAI, Container Apps, Session Pool with egress enabled, Container Registry, Application Insights, and managed identity with the correct role assignments.
azd auth login
azd init
azd upThis will:
- Build the Docker image
- Create a resource group with all Azure resources
- Push the image to Azure Container Registry
- Deploy to Azure Container Apps
- Configure the Session Pool with
EgressEnablednetwork access - Wire up all environment variables and managed identity credentials
├── main.py # Entry point — creates agents, starts DevUI
├── agents/
│ └── travel_agent.py # Agent name, description, and system instructions
├── tools/
│ ├── aca_auth.py # ACA Session Pool auth and execution helpers
│ ├── chart_sandbox_aca.py # LLM-generated chart code → ACA sandbox
│ ├── chart_sandbox_local.py # Local chart generation fallback
│ ├── chart_server.py # Chart URL helpers (served by main app)
│ ├── weather_sandbox_aca.py # Weather research in ACA sandbox
│ ├── weather_sandbox_local.py # Local weather research (Open-Meteo API)
│ └── travel_tools.py # Tool factory — routes to local or ACA
├── infra/
│ ├── main.bicep # Orchestrator — all Azure resources
│ ├── main.parameters.json
│ └── core/ # Bicep modules (host, ai, security, monitor)
├── azure.yaml # azd project definition
├── Dockerfile # Python 3.11 container
└── requirements.txt
- Microsoft Agent Framework
- Azure Container Apps Dynamic Sessions
- Azure Container Apps Session Pools — Code Interpreter
- Azure Developer CLI (azd)
- Azure OpenAI Service
MIT License — Sample/Demo Application