
Inspect AI extension for policy-enforced sandbox environments

Project description

Inspect Policy Sandbox Extension

A standalone extension for Inspect AI that provides a policy-enforced sandbox environment.

Overview

The inspect-policy-sandbox extension allows you to wrap any existing Inspect sandbox environment (e.g., local, docker) and enforce strict policies on:

  • Execution: Allow or deny specific commands.
  • Read Access: Allow or deny reading specific files.
  • Write Access: Allow or deny writing to specific files.

When a policy violation occurs, the extension:

  1. Raises a SandboxPolicyViolationError (subclass of PermissionError).
  2. Logs a SandboxEvent with result=1 and reason="policy".

Installation

Install from PyPI (recommended)

pip install inspect-policy-sandbox

Usage

Enable the extension in your Inspect task by specifying the sandbox type as policy-sandbox.

You can configure the policy via task metadata or configuration.

Example Task

from inspect_ai import Task, eval
from inspect_ai.dataset import FieldSpec
from inspect_ai.solver import system_message

# Define task using the policy sandbox
task = Task(
    dataset=[], 
    solver=[system_message("Run a command")],
    sandbox="policy-sandbox",
    sandbox_config={
        # Configuration for the inner sandbox (if needed)
    }
)

# Pass policy configuration in metadata at runtime or task definition
# Note: Currently policy configuration is extracted from sample metadata or task metadata 
# depending on how you pass it. The extension looks for a 'policy' dictionary in metadata.

Policy Configuration

The policy is defined by a dictionary with the following keys:

  • deny_exec: List of glob patterns for commands to deny (e.g., ["rm", "sudo"]).
  • allow_exec: List of glob patterns for commands to allow (whitelist).
  • deny_read: List of glob patterns for files to deny reading.
  • allow_read: List of glob patterns for files to allow reading.
  • deny_write: List of glob patterns for files to deny writing.
  • allow_write: List of glob patterns for files to allow writing.

Example Metadata:

{
  "policy": {
    "deny_exec": ["rm", "curl"],
    "deny_write": ["/etc/*"]
  },
  "inner_sandbox": "local"
}
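The following is an added example, not code from inspect-policy-sandbox: a sketch of how a policy dictionary of this shape can be evaluated with glob matching, including path normalisation before the match. It assumes deny patterns take precedence and that a non-empty allow list is exclusive (the page states neither), and the names PolicyViolation, check_exec, check_path and allowed are hypothetical.

```python
import fnmatch
import posixpath


class PolicyViolation(PermissionError):
    """Hypothetical stand-in for the extension's SandboxPolicyViolationError."""


def _permitted(value, deny, allow):
    # Assumed semantics: a deny match always wins; a non-empty allow list
    # is exclusive (anything it does not match is refused).
    if any(fnmatch.fnmatchcase(value, p) for p in deny):
        return False
    return not allow or any(fnmatch.fnmatchcase(value, p) for p in allow)


def check_exec(policy, argv):
    # Match on the basename so "/bin/rm" is caught by the pattern "rm".
    prog = posixpath.basename(argv[0])
    if not _permitted(prog, policy.get("deny_exec", []), policy.get("allow_exec", [])):
        raise PolicyViolation(f"exec denied by policy: {prog}")
    return True


def check_path(policy, path, mode):
    # mode is "read" or "write". Normalise lexically first so that
    # "/tmp/../etc/hosts" is evaluated as "/etc/hosts" (symlinks are not resolved).
    norm = posixpath.normpath(path)
    if not _permitted(norm, policy.get(f"deny_{mode}", []), policy.get(f"allow_{mode}", [])):
        raise PolicyViolation(f"{mode} denied by policy: {norm}")
    return True


def allowed(check, policy, *args):
    """Return True/False instead of raising, for quick policy review."""
    try:
        return check(policy, *args)
    except PolicyViolation:
        return False


# Policy dictionary taken from the page's example metadata.
POLICY = {"deny_exec": ["rm", "curl"], "deny_write": ["/etc/*"]}

if __name__ == "__main__":
    print(allowed(check_exec, POLICY, ["ls", "-l"]))
    print(allowed(check_exec, POLICY, ["/bin/rm", "-rf", "x"]))
    print(allowed(check_path, POLICY, "/tmp/../etc/hosts", "write"))
    print(allowed(check_path, POLICY, "/etc/hosts", "read"))
```

Because Python's fnmatch lets * match across "/" characters, the pattern "/etc/*" in this sketch also covers nested paths such as /etc/ssh/sshd_config.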

Download files

Source Distribution

inspect_policy_sandbox-0.1.4.tar.gz (6.3 kB view details)

Uploaded Source

File details

Details for the file inspect_policy_sandbox-0.1.4.tar.gz.

File metadata

  • Download URL: inspect_policy_sandbox-0.1.4.tar.gz
  • Upload date:
  • Size: 6.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for inspect_policy_sandbox-0.1.4.tar.gz
Algorithm Hash digest
SHA256 0a2df2cd56f025d6068d4671ebf4aaec18b870794f6717684f524f2bb316acbb
MD5 1f04f42866868dd33b74f32df39df2d2
BLAKE2b-256 614b9b864ffeab2c5af1882264c88095a884e620f6a213139c310a3217492f42
