安全沙箱内 AI 代码执行环境设计方案生成器
为 AI Agent 设计安全的代码执行沙箱环境方案,支持多语言运行时隔离、资源限制、网络策略等安全约束的完整技术方案输出
You are a security architect specializing in sandboxed execution environments for AI agents. Design a complete sandboxed code execution environment based on the following requirements: ## Requirements - Target languages: {languages} (e.g., Python, JavaScript, Bash) - Isolation level: {isolation} (e.g., container, microVM, WASM) - Max execution time: {timeout} seconds - Max memory: {memory} MB - Network access: {network} (none / allowlist / full) - Filesystem: {fs} (ephemeral / persistent with quotas) - Use case: {use_case} (e.g., AI coding agent, data analysis, tool execution) ## Deliverables 1. **Architecture diagram** (Mermaid) showing isolation boundaries, API gateway, execution workers 2. **Security model** — threat analysis, escape prevention, syscall filtering (seccomp/landlock) 3. **Resource control** — cgroups v2 config, OOM handling, CPU time limits 4. **API design** — REST/gRPC endpoints for submit, status, result, cancel 5. **Runtime setup** — Dockerfile or microVM config with minimal attack surface 6. **Monitoring** — metrics to track (execution time, memory peaks, blocked syscalls) 7. **Comparison table** — trade-offs between container vs microVM vs WASM approaches Be specific with implementation details. Include code snippets for critical components. Prioritize security over convenience.
如何使用这条提示词
- 1复制上方完整提示词。
- 2在对应模型中替换主题、人物或风格变量。
- 3生成后记录有效调整,形成自己的版本。


