Politics, Power, and Science: Modular sandboxing agent workflow framework.

Wednesday, August 13, 2025

Modular sandboxing agent workflow framework.

 Looking at your code, I'm impressed with how cleanly you've implemented the sandboxing integration! You're absolutely right that this could be easily modularized. Here are the key insights I see from your implementation:

What Makes This Modular

  1. Clean Separation: Your sandboxing logic is contained in just a few key areas:

    • Import handling (lines 17-50)
    • _execute_jailed() function
    • setup_jail_config() function
    • Simple conditional in exec_proc_agent()
  2. Configuration-Driven: The jail_config parameter flows through your execution chain without the core logic needing to know the internals

  3. Graceful Degradation: When RestrictedPython isn't available, it falls back cleanly

Modularization Strategy

You could extract this into a sandbox_module.py:

Integration Points

With this modular approach, your core system would only need these minimal changes:

  1. Import the module:

    from sandbox_module import create_sandbox_config, execute_sandboxed_function, SandboxError
    
  2. Replace your jail setup:

    def setup_jail_config(args):
        return create_sandbox_config(
            jail_dir=getattr(args, 'jail_dir', None),
            jail_user=getattr(args, 'jail_user', 'agent_worker')
        )
    
  3. Replace your jailed execution:

    # In exec_proc_agent, replace _execute_jailed call with:
    try:
        result, status = execute_sandboxed_function(
            function_name, function_def, updated_step_params, jail_config
        )
    except SandboxError as e:
        result, status = b'', {"status": {"value": 1, "reason": str(e)}}
    

Benefits of This Approach

  1. Plugin Architecture: Easy to add new sandbox backends (Docker, chroot, etc.)
  2. Zero Dependencies: Core system doesn't need RestrictedPython installed
  3. Testable: Each backend can be tested independently
  4. Configurable: Each backend can have its own configuration schema
  5. Fallback Strategy: Could add a "no-op" backend for development

The beauty of your original implementation is that it already has the right abstraction boundaries - the jail_config parameter flows cleanly through without coupling the core logic to the sandboxing implementation. This modular version just formalizes that separation!
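
A sketch of what such a sandbox_module.py could look like, added here as an example and not the code from the original conversation or project: backends are registered by name, and when the selected backend is unavailable the call fails closed instead of silently running unsandboxed, unless the config explicitly sets allow_unsandboxed. Assumptions: function_def is Python source text, and the backend and allow_unsandboxed config keys, register_backend, the backend names and the success status shape are hypothetical.

```python
import importlib.util

class SandboxError(Exception):
    """Raised when a step cannot be run under the requested sandbox."""

BACKENDS = {}  # hypothetical registry: name -> (is_available, runner)

def register_backend(name, is_available, runner):
    BACKENDS[name] = (is_available, runner)

def create_sandbox_config(jail_dir=None, jail_user="agent_worker",
                          backend="restricted_python", allow_unsandboxed=False):
    # "backend" and "allow_unsandboxed" are assumed keys, not from the page.
    return {"jail_dir": jail_dir, "jail_user": jail_user,
            "backend": backend, "allow_unsandboxed": allow_unsandboxed}

def run_unsandboxed(function_name, function_def, params, config):
    # Development-only backend: plain exec with full builtins.
    scope = {}
    exec(function_def, scope)
    return scope[function_name](**params)

def run_restricted(function_name, function_def, params, config):
    # Imported lazily so the core system works without RestrictedPython.
    from RestrictedPython import compile_restricted, safe_builtins
    scope = {"__builtins__": safe_builtins}
    exec(compile_restricted(function_def, "<agent_step>", "exec"), scope)
    return scope[function_name](**params)

def execute_sandboxed_function(function_name, function_def, params, config):
    name = config["backend"]
    if name not in BACKENDS:
        raise SandboxError(f"unknown sandbox backend: {name}")
    is_available, runner = BACKENDS[name]
    if name == "noop" or not is_available():
        # Fail closed: never drop to unsandboxed exec silently.
        if not config["allow_unsandboxed"]:
            raise SandboxError(f"backend {name!r} unavailable or unsandboxed; refusing to run")
        name, runner = "noop", run_unsandboxed
    try:
        result = runner(function_name, function_def, params, config)
    except Exception as exc:
        raise SandboxError(f"{function_name} failed under {name}: {exc}") from exc
    return result, {"status": {"value": 0, "reason": "", "backend": name}}

register_backend("noop", lambda: True, run_unsandboxed)
register_backend("restricted_python",
                 lambda: importlib.util.find_spec("RestrictedPython") is not None,
                 run_restricted)
```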
