Run agent-generated code in an isolated sandbox with resource limits, policy enforcement, and monitoring. The current implementation is simulated: it tracks resources but provides no OS-level isolation. The architecture is ready for real process-based sandboxing.

Part of the Plato ecosystem.

- Configurable resource limits — max memory (MB), max CPU time (ms), max output (bytes)
- Policy enforcement — filesystem, network, subprocess, command allowlists
- Resource monitoring — track memory peak, CPU time, output size during execution
- Isolation levels — Simulated (current), Process, Thread (architecture-ready)
- Violation reporting — detailed limit violations with actual vs. allowed values

```rust
use plato_sandbox::*;

let config = SandboxConfig::new(256, 10_000); // 256MB, 10s CPU
let mut sandbox = Sandbox::new(config);
sandbox.set_policy(SandboxPolicy::restrictive()); // no fs, no net, no subprocess

// Check policy before execution
assert!(!sandbox.check_policy("network"));

// Execute code
let result = sandbox.execute("print('hello')", "python")?;
println!("Output: {}", result.output);
println!("Duration: {}ms", result.duration_ms);
```

```rust
let policy = SandboxPolicy {
    allow_filesystem: true,
    allow_network: false,
    allow_subprocess: false,
    allowed_commands: vec!["python".into(), "node".into()],
};
```

Guards agent code execution. Before any agent-generated code runs, the sandbox checks plato-policy, enforces resource limits, and reports results. Used by plato-shell when agents need to compute.

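
The flow described above (policy check before execution, then limit checks that report actual vs. allowed values), as an added stand-alone sketch. It is not plato-sandbox's code: `Policy`, `Limits`, `Usage`, `Violation`, `pre_check` and `check_limits` are hypothetical names, and usage figures are supplied by the caller rather than measured, as in a simulated sandbox.

```rust
// Added illustration: stand-alone, hypothetical types; not the plato-sandbox API.
#[derive(Debug, PartialEq)]
enum Violation {
    PolicyDenied(String),
    LimitExceeded { resource: &'static str, actual: u64, allowed: u64 },
}
struct Policy { allow_filesystem: bool, allow_network: bool, allow_subprocess: bool, allowed_commands: Vec<String> }
struct Limits { max_memory_mb: u64, max_cpu_ms: u64, max_output_bytes: u64 }
struct Usage { memory_peak_mb: u64, cpu_ms: u64, output_bytes: u64 }

/// Pre-execution gate: the interpreter must be allowlisted and every requested
/// capability explicitly allowed. Unknown capability names are denied.
fn pre_check(policy: &Policy, command: &str, needs: &[&str]) -> Vec<Violation> {
    let mut out = Vec::new();
    if !policy.allowed_commands.iter().any(|c| c == command) {
        out.push(Violation::PolicyDenied(format!("command:{}", command)));
    }
    for cap in needs {
        let allowed = match *cap {
            "filesystem" => policy.allow_filesystem,
            "network" => policy.allow_network,
            "subprocess" => policy.allow_subprocess,
            _ => false, // deny by default
        };
        if !allowed { out.push(Violation::PolicyDenied((*cap).to_string())); }
    }
    out
}

/// Post-execution check: report each exceeded limit with actual vs. allowed.
fn check_limits(l: &Limits, u: &Usage) -> Vec<Violation> {
    [("memory_mb", u.memory_peak_mb, l.max_memory_mb),
     ("cpu_ms", u.cpu_ms, l.max_cpu_ms),
     ("output_bytes", u.output_bytes, l.max_output_bytes)]
        .iter()
        .filter(|t| t.1 > t.2)
        .map(|&(resource, actual, allowed)| Violation::LimitExceeded { resource, actual, allowed })
        .collect()
}

fn main() {
    // Constructed sample values.
    let policy = Policy { allow_filesystem: true, allow_network: false, allow_subprocess: false,
                          allowed_commands: vec!["python".to_string(), "node".to_string()] };
    let limits = Limits { max_memory_mb: 256, max_cpu_ms: 10_000, max_output_bytes: 65_536 };
    println!("{:?}", pre_check(&policy, "bash", &["network"]));
    let usage = Usage { memory_peak_mb: 300, cpu_ms: 1_200, output_bytes: 10 };
    println!("{:?}", check_limits(&limits, &usage));
}
```
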

```toml
[dependencies]
plato-sandbox = "0.1"
```

MIT