Simon Willison's Weblog: vercel

New sandboxes from Cloudflare and Vercel

2025-06-26T01:41:32+00:00

Two interesting new products for running code in a sandbox today.

Cloudflare launched their Containers product in open beta, and added a new Sandbox library for Cloudflare Workers that can run commands in a "secure, container-based environment":

import { getSandbox } from "@cloudflare/sandbox";
const sandbox = getSandbox(env.Sandbox, "my-sandbox");
const output = sandbox.exec("ls", ["-la"]);

Vercel shipped a similar feature, introduced in Run untrusted code with Vercel Sandbox, which enables code that looks like this:

import { Sandbox } from "@vercel/sandbox";

const sandbox = await Sandbox.create();
await sandbox.writeFiles([
    { path: "script.js", stream: Buffer.from(result.text) },
  ]);
await sandbox.runCommand({
    cmd: "node",
    args: ["script.js"],
    stdout: process.stdout,
    stderr: process.stderr,
});

In both cases a major intended use-case is safely executing code that has been created by an LLM.

Tags: sandboxing, ai, cloudflare, generative-ai, llms, vercel

Quoting Jared Palmer

2025-02-07T06:39:38+00:00

Confession: we've been hiding parts of v0's responses from users since September. Since the launch of DeepSeek's web experience and its positive reception, we realize now that was a mistake. From now on, we're also showing v0's full output in every response. This is a much better UX because it feels faster and it teaches end users how to prompt more effectively.

— Jared Palmer, VP of AI at Vercel

Tags: ux, ai, prompt-engineering, generative-ai, llms, vercel, deepseek, ai-in-china, prompt-to-app

Leaked system prompts from Vercel v0

2024-11-25T21:17:44+00:00

Leaked system prompts from Vercel v0

v0 is Vercel's entry in the increasingly crowded LLM-assisted development market - chat with a bot and have that bot build a full application for you.

They've been iterating on it since launching in October last year, making it one of the most mature products in this space.

Somebody leaked the system prompts recently. Vercel CTO Malte Ubl said this:

When @v0 first came out we were paranoid about protecting the prompt with all kinds of pre and post processing complexity.

We completely pivoted to let it rip. A prompt without the evals, models, and especially UX is like getting a broken ASML machine without a manual

Tags: ai, prompt-engineering, prompt-injection, generative-ai, llms, ai-assisted-programming, vercel, evals, prompt-to-app

Skew protection in Vercel

2024-03-20T14:06:38+00:00

Skew protection in Vercel

Version skew is a name for the bug that occurs when your user loads a web application and then unintentionally keeps that browser tab open across a deployment of a new version of the app. If you’re unlucky this can lead to broken behaviour, where a client makes a call to a backend endpoint that has changed in an incompatible way.

Vercel have an ingenious solution to this problem. Their platform already makes it easy to deploy many different instances of an application. You can now turn on “skew protection” for a number of hours which will keep older versions of your backend deployed.

The application itself can then include its desired deployment ID in a x-deployment-id header, a __vdpl cookie or a ?dpl= query string parameter.

Via Vercel changes

Tags: frontend, zero-downtime, vercel