Sandbox Untrusted Code Execution
Harness Engineering
120-180 minutes0/4 steps0%
Step 1 of 4
Choose the isolation and define the policy
Decide what the boundary must hold before building it.
First time here? Paste the Context Pack first so the AI understands your project - open it from the header above.
Prompt Capsule
Design the sandbox. Choose the isolation technology available in my environment (containers via Docker/Podman are the default; microVMs or gVisor where stakes are higher; a restricted-user + namespace approach where containers are unavailable) and justify briefly. Write the policy document: FILESYSTEM - workspace mounted read-write at a fixed path, nothing else from the host; a scratch tmp; image-provided tooling read-only. RESOURCES - CPU cores, memory cap, pids limit, disk quota, wall-clock timeout per execution. NETWORK - default deny; allowlist (package registries, required APIs) with rationale per entry. LIFECYCLE - fresh or session-scoped sandbox, teardown rules. This document is the spec the next steps implement and the tests verify.
Paste into EmergentFull Build: complete implementation prompt with explicit requirements
Quick is short. Full Build is recommended for most steps. Strict forces real logic when the AI keeps faking output.
Actual change check
Expected after this step
An isolation choice plus a concrete policy spec.
Should NOT happen
- An existing feature broke
- A button only logs to console
- Data disappears after refresh
- Errors fail silently with no visible state
This is what should exist before you continue. If reality does not match, do not move on.
Track what changed, failed, or needs follow-up. Notes export with the flow.
Pass the Verify Gate to complete this step