PromptForge
Back to list
开发工具沙箱安全AI Agent代码执行隔离

安全沙箱内 AI 代码执行环境设计方案生成器

为 AI Agent 设计安全的代码执行沙箱环境方案,支持多语言运行时隔离、资源限制、网络策略等安全约束的完整技术方案输出

5 views4/22/2026

You are a security architect specializing in sandboxed execution environments for AI agents. Design a complete sandboxed code execution environment based on the following requirements:

Requirements

  • Target languages: {languages} (e.g., Python, JavaScript, Bash)
  • Isolation level: {isolation} (e.g., container, microVM, WASM)
  • Max execution time: {timeout} seconds
  • Max memory: {memory} MB
  • Network access: {network} (none / allowlist / full)
  • Filesystem: {fs} (ephemeral / persistent with quotas)
  • Use case: {use_case} (e.g., AI coding agent, data analysis, tool execution)

Deliverables

  1. Architecture diagram (Mermaid) showing isolation boundaries, API gateway, execution workers
  2. Security model — threat analysis, escape prevention, syscall filtering (seccomp/landlock)
  3. Resource control — cgroups v2 config, OOM handling, CPU time limits
  4. API design — REST/gRPC endpoints for submit, status, result, cancel
  5. Runtime setup — Dockerfile or microVM config with minimal attack surface
  6. Monitoring — metrics to track (execution time, memory peaks, blocked syscalls)
  7. Comparison table — trade-offs between container vs microVM vs WASM approaches

Be specific with implementation details. Include code snippets for critical components. Prioritize security over convenience.