Sandboxing
Firecracker/gVisor container. No filesystem access outside workspace. No network beyond allowlist. CPU/memory caps.
Advertisement
Package restrictions
Preinstalled safe packages. Block pip install of arbitrary. Sanitized dependency list.
Advertisement
Time limits
Kill after 60s. Prevents runaway loops + cryptomining.