Vibe.Eval.Sandbox (vibe v0.2.0)

Sandboxed Elixir evaluation via Dune for untrusted input.

Used by the web console eval widget and Telegram gateway where code comes from external users, not the agent. Restricts execution to safe modules/functions with memory and reduction limits.

Requires the optional dune dependency. Returns {:error, :unavailable} when Dune is not installed.

Custom allowlist

The default allowlist permits standard library functions plus read-only Vibe introspection APIs. Configure additional modules:

config :vibe, :sandbox_allowlist, MyApp.CustomAllowlist

Summary

Types

result()

Functions

available?()

eval(code, opts \\ [])

Types

result()

@type result() ::
  {:ok, %{value: term(), inspected: String.t(), stdio: String.t()}}
  | {:error, String.t()}
  | {:error, :unavailable}

Functions

available?()

@spec available?() :: boolean()

eval(code, opts \\ [])

@spec eval(
  String.t(),
  keyword()
) :: result()