feat: Add secure Python code execution with llm-sandbox support

[0xCUB3]

Flexible Python code execution validation system with three execution modes:

• Safe mode (default): Syntax validation only
• Unsafe execution: Direct subprocess execution with warnings
• Sandbox execution: Secure Docker-based execution via llm-sandbox

Elements

• Abstract backend architecture with pluggable execution strategies
• Import restrictions as an add'l security layer (AST-based analysis)
• Configurable timeouts for both unsafe and sandbox execution
• Safety warnings when using unsafe execution mode
• Fallbacks when llm-sandbox is not available

API

# Safe mode (default) - validation only
req = PythonExecutesWithoutError()

# Unsafe execution with warning
req = PythonExecutesWithoutError(allow_unsafe_execution=True, timeout=10)

# Secure sandbox execution
req = PythonExecutesWithoutError(use_sandbox=True, timeout=10)

# With import restrictions
req = PythonExecutesWithoutError(
    use_sandbox=True,
    allowed_imports=["os", "sys", "json"],
    timeout=10
)

Dependencies

• Adds llm-sandbox[docker]
• Requires Docker for sandbox functionality

Testing

# Run core tests (no Docker required)
python -m pytest test/stdlib_basics/test_reqlib_python.py -k "not sandbox"

# Run all tests including sandbox (requires Docker)
python -m pytest test/stdlib_basics/test_reqlib_python.py

No breaking changes. Existing code using PythonExecutesWithoutError() continues to work with safe validation mode.

TODO: Documentation, perhaps more rigorous testing on larger code chunks

[mergify]

Merge Protections

Your pull request matches the following merge protections and will not be merged until they are valid.

🟢 Enforce conventional commit

Wonderful, this rule succeeded.

Make sure that we follow https://www.conventionalcommits.org/en/v1.0.0/

• title ~= ^(fix|feat|docs|style|refactor|perf|test|build|ci|chore|revert|release)(?:\(.+\))?:

[jakelorocco]

Looks good! I left a few minor comments but the core of it looks nice. Please feel free to push back on anything you disagree with / let me know if you already talked to Nathan about any choices I've commented on.

Also, can you please rebase/merge main and resolve the uv.lock conflict as well?

[0xCUB3]

I pushed fixes for pre-commit errors relating to my code. There are still more errors but they seem to be unrelated to my changes. I would be happy to fix those too, but everything on my end should be good.

[jakelorocco]

I pushed fixes for pre-commit errors relating to my code. There are still more errors but they seem to be unrelated to my changes. I would be happy to fix those too, but everything on my end should be good.

@0xCUB3, yeah it looks like we likely haven't touched the folder your editing since we apparently forced those mypy changes in. Could you please just add # type: ignore to those lines? That way we can make sure your tests run on the github runner and merge your changes. Everything looks good to me!

[0xCUB3]

I pushed fixes for pre-commit errors relating to my code. There are still more errors but they seem to be unrelated to my changes. I would be happy to fix those too, but everything on my end should be good.

@0xCUB3, yeah it looks like we likely haven't touched the folder your editing since we apparently forced those mypy changes in. Could you please just add # type: ignore to those lines? That way we can make sure your tests run on the github runner and merge your changes. Everything looks good to me!

I added the ignores. The checks should hopefully pass now.

[0xCUB3]

Sorry about that... ran the linter again to fix the one remaining error.

[jakelorocco]

Looks like a test not related to your stuff failed. Let me take a look to make confirm, but we should be good to merge your PR.

[jakelorocco]

Okay, confirmed that it's a separate issue with an update to the litellm package we use. I will approve and merge this.