diff --git a/cookbook/en/sandbox/advanced.md b/cookbook/en/sandbox/advanced.md
index 4c459b28b..a5482161e 100644
--- a/cookbook/en/sandbox/advanced.md
+++ b/cookbook/en/sandbox/advanced.md
@@ -449,7 +449,7 @@ RUN pip cache purge \
     && npm cache clean --force \
     && rm -rf ~/.npm/_cacache
 
-CMD ["/bin/sh", "-c", "envsubst '$SECRET_TOKEN' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf && /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf"]
+CMD ["/bin/sh", "-c", "export SECRET_TOKEN=${SECRET_TOKEN:-secret_token123} NGINX_TIMEOUT=${NGINX_TIMEOUT:-60}; envsubst '$SECRET_TOKEN $NGINX_TIMEOUT' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf && /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf"]
 ```
 
 ### Building Your Custom Image
diff --git a/cookbook/zh/sandbox/advanced.md b/cookbook/zh/sandbox/advanced.md
index e39029d31..d09dfc7d9 100644
--- a/cookbook/zh/sandbox/advanced.md
+++ b/cookbook/zh/sandbox/advanced.md
@@ -447,7 +447,7 @@ RUN pip cache purge \
     && npm cache clean --force \
     && rm -rf ~/.npm/_cacache
 
-CMD ["/bin/sh", "-c", "envsubst '$SECRET_TOKEN' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf && /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf"]
+CMD ["/bin/sh", "-c", "export SECRET_TOKEN=${SECRET_TOKEN:-secret_token123} NGINX_TIMEOUT=${NGINX_TIMEOUT:-60}; envsubst '$SECRET_TOKEN $NGINX_TIMEOUT' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf && /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf"]
 ```
 
 ### 构建您的自定义镜像
diff --git a/examples/sandbox/custom_sandbox/Dockerfile b/examples/sandbox/custom_sandbox/Dockerfile
index 8cc3aa4ec..e46d23fa2 100644
--- a/examples/sandbox/custom_sandbox/Dockerfile
+++ b/examples/sandbox/custom_sandbox/Dockerfile
@@ -81,4 +81,4 @@ RUN pip cache purge \
     && npm cache clean --force \
     && rm -rf ~/.npm/_cacache
 
-CMD ["/bin/sh", "-c", "envsubst '$SECRET_TOKEN' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf && /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf"]
\ No newline at end of file
+CMD ["/bin/sh", "-c", "export SECRET_TOKEN=${SECRET_TOKEN:-secret_token123} NGINX_TIMEOUT=${NGINX_TIMEOUT:-60}; envsubst '$SECRET_TOKEN $NGINX_TIMEOUT' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf && /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf"]
\ No newline at end of file
diff --git a/examples/sandbox/custom_sandbox/box/config/nginx.conf.template b/examples/sandbox/custom_sandbox/box/config/nginx.conf.template
index 00d1110ae..2443bdc64 100644
--- a/examples/sandbox/custom_sandbox/box/config/nginx.conf.template
+++ b/examples/sandbox/custom_sandbox/box/config/nginx.conf.template
@@ -3,6 +3,10 @@ worker_processes 1;
 events { worker_connections 1024; }
 
 http {
+    proxy_connect_timeout ${NGINX_TIMEOUT}s;
+    proxy_send_timeout    ${NGINX_TIMEOUT}s;
+    proxy_read_timeout    ${NGINX_TIMEOUT}s;
+
     include       /etc/nginx/mime.types;
     default_type  application/octet-stream;
 
diff --git a/examples/sandbox/custom_sandbox/box/config/supervisord.conf b/examples/sandbox/custom_sandbox/box/config/supervisord.conf
index 7d0b343f6..a42fe6aeb 100644
--- a/examples/sandbox/custom_sandbox/box/config/supervisord.conf
+++ b/examples/sandbox/custom_sandbox/box/config/supervisord.conf
@@ -5,7 +5,7 @@ pidfile=/var/log/supervisord.pid
 nodaemon=true
 
 [program:dbus]
-command=/usr/bin/dbus-daemon --system --nofork
+command=/bin/sh -c "rm -f /run/dbus/pid; mkdir -p /run/dbus; exec /usr/bin/dbus-daemon --system --nofork"
 autostart=true
 autorestart=true
 stderr_logfile=/var/log/dbus.err.log
@@ -28,7 +28,7 @@ stderr_logfile=/var/log/nginx.err.log
 stdout_logfile=/var/log/nginx.out.log
 
 [program:xvfb]
-command=/usr/bin/Xvfb :1 -screen 0 1280x800x24
+command=/bin/sh -c "rm -f /tmp/.X1-lock /tmp/.X11-unix/X1; mkdir -p /tmp/.X11-unix; exec /usr/bin/Xvfb :1 -screen 0 1280x800x24"
 autostart=true
 autorestart=true
 priority=10
@@ -37,7 +37,7 @@ stdout_logfile=/var/log/xvfb.out.log
 environment=DISPLAY=":1"
 
 [program:xfce4]
-command=/bin/sh -c "export DISPLAY=:1 && sleep 2 && export $(dbus-launch) && dbus-run-session startxfce4"
+command=/bin/sh -c 'export DISPLAY=:1; for i in $(seq 1 200); do [ -S /tmp/.X11-unix/X1 ] && break; sleep 0.1; done; exec dbus-run-session startxfce4'
 autostart=true
 autorestart=true
 priority=20
@@ -46,16 +46,16 @@ stdout_logfile=/var/log/xfce4.out.log
 environment=DISPLAY=":1"
 
 [program:x11vnc]
-command=/bin/sh -c "export DISPLAY=:1 && sleep 3 && x11vnc -display :1 -forever -shared -passwd $SECRET_TOKEN -rfbport 5901"
+command=/bin/sh -c 'export DISPLAY=:1; for i in $(seq 1 200); do [ -S /tmp/.X11-unix/X1 ] && break; sleep 0.1; done; exec x11vnc -display :1 -forever -shared -passwd "%(ENV_SECRET_TOKEN)s" -rfbport 5901'
 autostart=true
 autorestart=true
 priority=30
 stderr_logfile=/var/log/x11vnc.err.log
 stdout_logfile=/var/log/x11vnc.out.log
-environment=DISPLAY=":1"
+environment=DISPLAY=":1",SECRET_TOKEN="%(ENV_SECRET_TOKEN)s"
 
 [program:novnc]
-command=/bin/bash -c "websockify --web=/usr/share/novnc/ 9000 localhost:5901"
+command=/bin/bash -lc 'for i in {1..200}; do (echo > /dev/tcp/127.0.0.1/5901) >/dev/null 2>&1 && break; sleep 0.1; done; exec websockify --web=/usr/share/novnc/ 9000 localhost:5901'
 directory=/usr/share/novnc
 autostart=true
 autorestart=true
diff --git a/src/agentscope_runtime/sandbox/box/base/Dockerfile b/src/agentscope_runtime/sandbox/box/base/Dockerfile
index 648c22c99..557ee2232 100644
--- a/src/agentscope_runtime/sandbox/box/base/Dockerfile
+++ b/src/agentscope_runtime/sandbox/box/base/Dockerfile
@@ -47,4 +47,4 @@ RUN pip cache purge \
     && npm cache clean --force \
     && rm -rf ~/.npm/_cacache
 
-CMD ["/bin/sh", "-c", "envsubst '$SECRET_TOKEN' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf && /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf"]
+CMD ["/bin/sh", "-c", "export SECRET_TOKEN=${SECRET_TOKEN:-secret_token123} NGINX_TIMEOUT=${NGINX_TIMEOUT:-60}; envsubst '$SECRET_TOKEN $NGINX_TIMEOUT' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf && /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf"]
diff --git a/src/agentscope_runtime/sandbox/box/base/box/config/nginx.conf.template b/src/agentscope_runtime/sandbox/box/base/box/config/nginx.conf.template
index 0b22632ad..b022bcdf5 100644
--- a/src/agentscope_runtime/sandbox/box/base/box/config/nginx.conf.template
+++ b/src/agentscope_runtime/sandbox/box/base/box/config/nginx.conf.template
@@ -3,6 +3,10 @@ worker_processes 1;
 events { worker_connections 1024; }
 
 http {
+    proxy_connect_timeout ${NGINX_TIMEOUT}s;
+    proxy_send_timeout    ${NGINX_TIMEOUT}s;
+    proxy_read_timeout    ${NGINX_TIMEOUT}s;
+
     server {
         listen 80;
 
diff --git a/src/agentscope_runtime/sandbox/box/browser/Dockerfile b/src/agentscope_runtime/sandbox/box/browser/Dockerfile
index 19bb535b0..174c69d8b 100644
--- a/src/agentscope_runtime/sandbox/box/browser/Dockerfile
+++ b/src/agentscope_runtime/sandbox/box/browser/Dockerfile
@@ -78,4 +78,4 @@ RUN pip cache purge \
     && npm cache clean --force \
     && rm -rf ~/.npm/_cacache
 
-CMD ["/bin/sh", "-c", "envsubst '$SECRET_TOKEN' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf && /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf"]
+CMD ["/bin/sh", "-c", "export SECRET_TOKEN=${SECRET_TOKEN:-secret_token123} NGINX_TIMEOUT=${NGINX_TIMEOUT:-60}; envsubst '$SECRET_TOKEN $NGINX_TIMEOUT' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf && /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf"]
diff --git a/src/agentscope_runtime/sandbox/box/filesystem/Dockerfile b/src/agentscope_runtime/sandbox/box/filesystem/Dockerfile
index 81e7e5e7f..57a205327 100644
--- a/src/agentscope_runtime/sandbox/box/filesystem/Dockerfile
+++ b/src/agentscope_runtime/sandbox/box/filesystem/Dockerfile
@@ -78,4 +78,4 @@ RUN pip cache purge \
     && npm cache clean --force \
     && rm -rf ~/.npm/_cacache
 
-CMD ["/bin/sh", "-c", "envsubst '$SECRET_TOKEN' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf && /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf"]
+CMD ["/bin/sh", "-c", "export SECRET_TOKEN=${SECRET_TOKEN:-secret_token123} NGINX_TIMEOUT=${NGINX_TIMEOUT:-60}; envsubst '$SECRET_TOKEN $NGINX_TIMEOUT' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf && /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf"]
diff --git a/src/agentscope_runtime/sandbox/box/gui/Dockerfile b/src/agentscope_runtime/sandbox/box/gui/Dockerfile
index fa72db94a..26bf84db7 100644
--- a/src/agentscope_runtime/sandbox/box/gui/Dockerfile
+++ b/src/agentscope_runtime/sandbox/box/gui/Dockerfile
@@ -77,4 +77,4 @@ RUN pip cache purge \
     && npm cache clean --force \
     && rm -rf ~/.npm/_cacache
 
-CMD ["/bin/sh", "-c", "envsubst '$SECRET_TOKEN' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf && /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf"]
+CMD ["/bin/sh", "-c", "export SECRET_TOKEN=${SECRET_TOKEN:-secret_token123} NGINX_TIMEOUT=${NGINX_TIMEOUT:-60}; envsubst '$SECRET_TOKEN $NGINX_TIMEOUT' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf && /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf"]
diff --git a/src/agentscope_runtime/sandbox/box/gui/box/config/nginx.conf.template b/src/agentscope_runtime/sandbox/box/gui/box/config/nginx.conf.template
index 00d1110ae..2443bdc64 100644
--- a/src/agentscope_runtime/sandbox/box/gui/box/config/nginx.conf.template
+++ b/src/agentscope_runtime/sandbox/box/gui/box/config/nginx.conf.template
@@ -3,6 +3,10 @@ worker_processes 1;
 events { worker_connections 1024; }
 
 http {
+    proxy_connect_timeout ${NGINX_TIMEOUT}s;
+    proxy_send_timeout    ${NGINX_TIMEOUT}s;
+    proxy_read_timeout    ${NGINX_TIMEOUT}s;
+
     include       /etc/nginx/mime.types;
     default_type  application/octet-stream;
 
diff --git a/src/agentscope_runtime/sandbox/box/gui/box/config/supervisord.conf b/src/agentscope_runtime/sandbox/box/gui/box/config/supervisord.conf
index 7d0b343f6..a42fe6aeb 100644
--- a/src/agentscope_runtime/sandbox/box/gui/box/config/supervisord.conf
+++ b/src/agentscope_runtime/sandbox/box/gui/box/config/supervisord.conf
@@ -5,7 +5,7 @@ pidfile=/var/log/supervisord.pid
 nodaemon=true
 
 [program:dbus]
-command=/usr/bin/dbus-daemon --system --nofork
+command=/bin/sh -c "rm -f /run/dbus/pid; mkdir -p /run/dbus; exec /usr/bin/dbus-daemon --system --nofork"
 autostart=true
 autorestart=true
 stderr_logfile=/var/log/dbus.err.log
@@ -28,7 +28,7 @@ stderr_logfile=/var/log/nginx.err.log
 stdout_logfile=/var/log/nginx.out.log
 
 [program:xvfb]
-command=/usr/bin/Xvfb :1 -screen 0 1280x800x24
+command=/bin/sh -c "rm -f /tmp/.X1-lock /tmp/.X11-unix/X1; mkdir -p /tmp/.X11-unix; exec /usr/bin/Xvfb :1 -screen 0 1280x800x24"
 autostart=true
 autorestart=true
 priority=10
@@ -37,7 +37,7 @@ stdout_logfile=/var/log/xvfb.out.log
 environment=DISPLAY=":1"
 
 [program:xfce4]
-command=/bin/sh -c "export DISPLAY=:1 && sleep 2 && export $(dbus-launch) && dbus-run-session startxfce4"
+command=/bin/sh -c 'export DISPLAY=:1; for i in $(seq 1 200); do [ -S /tmp/.X11-unix/X1 ] && break; sleep 0.1; done; exec dbus-run-session startxfce4'
 autostart=true
 autorestart=true
 priority=20
@@ -46,16 +46,16 @@ stdout_logfile=/var/log/xfce4.out.log
 environment=DISPLAY=":1"
 
 [program:x11vnc]
-command=/bin/sh -c "export DISPLAY=:1 && sleep 3 && x11vnc -display :1 -forever -shared -passwd $SECRET_TOKEN -rfbport 5901"
+command=/bin/sh -c 'export DISPLAY=:1; for i in $(seq 1 200); do [ -S /tmp/.X11-unix/X1 ] && break; sleep 0.1; done; exec x11vnc -display :1 -forever -shared -passwd "%(ENV_SECRET_TOKEN)s" -rfbport 5901'
 autostart=true
 autorestart=true
 priority=30
 stderr_logfile=/var/log/x11vnc.err.log
 stdout_logfile=/var/log/x11vnc.out.log
-environment=DISPLAY=":1"
+environment=DISPLAY=":1",SECRET_TOKEN="%(ENV_SECRET_TOKEN)s"
 
 [program:novnc]
-command=/bin/bash -c "websockify --web=/usr/share/novnc/ 9000 localhost:5901"
+command=/bin/bash -lc 'for i in {1..200}; do (echo > /dev/tcp/127.0.0.1/5901) >/dev/null 2>&1 && break; sleep 0.1; done; exec websockify --web=/usr/share/novnc/ 9000 localhost:5901'
 directory=/usr/share/novnc
 autostart=true
 autorestart=true
diff --git a/src/agentscope_runtime/sandbox/box/mobile/Dockerfile b/src/agentscope_runtime/sandbox/box/mobile/Dockerfile
index 083ffb04e..6b3b3ada4 100644
--- a/src/agentscope_runtime/sandbox/box/mobile/Dockerfile
+++ b/src/agentscope_runtime/sandbox/box/mobile/Dockerfile
@@ -162,7 +162,7 @@ COPY --from=ws-scrcpy-builder /prod_bundle/ ./
 # 5. Copy configuration and startup scripts
 WORKDIR /
 COPY src/agentscope_runtime/sandbox/box/mobile/box/config/supervisord.conf.template /etc/supervisor/supervisord.conf.template
-COPY src/agentscope_runtime/sandbox/box/mobile/box/config/nginx.conf /etc/nginx/nginx.conf
+COPY src/agentscope_runtime/sandbox/box/mobile/box/config/nginx.conf.template /etc/nginx/nginx.conf.template
 COPY src/agentscope_runtime/sandbox/box/mobile/box/mcp_server_configs.json /app/python_app/mcp_server_configs.json
 COPY src/agentscope_runtime/sandbox/box/mobile/box/scripts/start.sh /start.sh
 RUN chmod +x /start.sh
diff --git a/src/agentscope_runtime/sandbox/box/mobile/box/config/nginx.conf b/src/agentscope_runtime/sandbox/box/mobile/box/config/nginx.conf.template
similarity index 96%
rename from src/agentscope_runtime/sandbox/box/mobile/box/config/nginx.conf
rename to src/agentscope_runtime/sandbox/box/mobile/box/config/nginx.conf.template
index 3b7abbdf6..9010a2d86 100644
--- a/src/agentscope_runtime/sandbox/box/mobile/box/config/nginx.conf
+++ b/src/agentscope_runtime/sandbox/box/mobile/box/config/nginx.conf.template
@@ -12,6 +12,10 @@ events {
 }
 
 http {
+    proxy_connect_timeout ${NGINX_TIMEOUT}s;
+    proxy_send_timeout    ${NGINX_TIMEOUT}s;
+    proxy_read_timeout    ${NGINX_TIMEOUT}s;
+
     include       /etc/nginx/mime.types;
     default_type  application/octet-stream;
 
diff --git a/src/agentscope_runtime/sandbox/box/mobile/box/scripts/start.sh b/src/agentscope_runtime/sandbox/box/mobile/box/scripts/start.sh
index e13701d3e..eaa66c57c 100644
--- a/src/agentscope_runtime/sandbox/box/mobile/box/scripts/start.sh
+++ b/src/agentscope_runtime/sandbox/box/mobile/box/scripts/start.sh
@@ -92,6 +92,12 @@ echo "--- Phase 3: Starting Application Services ---"
 mkdir -p /etc/supervisor/conf.d/
 export SECRET_TOKEN="${SECRET_TOKEN:-secret_token123}"
 envsubst '${SECRET_TOKEN}' < /etc/supervisor/supervisord.conf.template > /etc/supervisor/conf.d/supervisord.conf
+if [ -f /etc/nginx/nginx.conf.template ]; then
+  export NGINX_TIMEOUT=${NGINX_TIMEOUT:-60}
+  envsubst '$SECRET_TOKEN $NGINX_TIMEOUT' \
+    < /etc/nginx/nginx.conf.template \
+    > /etc/nginx/nginx.conf
+fi
 /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf
 
 sleep 5
diff --git a/src/agentscope_runtime/sandbox/manager/sandbox_manager.py b/src/agentscope_runtime/sandbox/manager/sandbox_manager.py
index a73c6c958..3dad5b967 100644
--- a/src/agentscope_runtime/sandbox/manager/sandbox_manager.py
+++ b/src/agentscope_runtime/sandbox/manager/sandbox_manager.py
@@ -850,6 +850,7 @@ def create(
                 volumes=volume_bindings,
                 environment={
                     "SECRET_TOKEN": runtime_token,
+                    "NGINX_TIMEOUT": TIMEOUT,
                     **environment,
                 },
                 runtime_config=config.runtime_config,