Secure sandbox for code execution with remote module loading

Project description

py-sandbox

The Courier - Secure code execution and remote module loading for Φ-linux

Overview

py-sandbox is a dual-purpose package:

  1. Public Feature: Safe execution of untrusted Python code in isolated sandboxes
  2. Private Feature: Remote module loading with automatic fallback for Φ-linux infrastructure

Installation

pip install py-sandbox

Quick Start

Sandbox Execution (Public)

from py_sandbox import run, check

# Execute untrusted code safely
result = run('x = 2 + 2')
print(result)  # {'x': 4, 'success': True}

# Check code safety before execution
is_safe = check('import os; os.system("rm -rf /")')
print(is_safe)  # False

Remote Module Loading (Courier)

from py_sandbox import remote

# Configure primary endpoint
remote.configure(
    endpoint='https://your-endpoint.com/modules',
    api_key='your-api-key'
)

# Load module with automatic fallback
result = remote.load('heartbeat')
print(result)
# {'status': 'alive', 'timestamp': '...', 'source': 'n8n'}

Architecture

┌─────────────────────────────────────────────────┐
│              remote.load('module')                │
└───────────────────────┬─────────────────────────┘
                        │
          ┌─────────────┴─────────────┐
          │                           │
          ▼                           ▼
┌─────────────────┐         ┌─────────────────┐
│    PRIMARY      │         │    FALLBACK     │
│  HTTP Endpoint  │───▶     │  PyPI Package   │
│  (n8n/custom)   │ fails   │  (always up)    │
└─────────────────┘         └─────────────────┘
   ↓ Live updates             ↓ Stable version
   ↓ API key auth             ↓ Auto-install
   ↓ Custom modules           ↓ Cached locally

Modules

sandbox.py

Safe code execution with restricted builtins:

from py_sandbox import run

# Allowed: basic operations, math, string manipulation
result = run('''
import math
area = math.pi * 5**2
''')

# Blocked: file access, network, system commands
result = run('import os')  # Raises ImportError

cache.py

Local caching with TTL support:

from py_sandbox import cache

cache.set('key', 'value', ttl=3600)
value = cache.get('key')
cache.delete('key')
cache.clear()
stats = cache.stats()

verify.py

Integrity verification:

from py_sandbox import verify

hash_value = verify.sha256('content')
expected_hash = hash_value  # in practice, a digest obtained from a trusted source
is_valid = verify.check('content', expected_hash)
signature = verify.sign('content', 'secret')

remote.py (The Courier)

Remote module loading with fallback:

from py_sandbox import remote

# Configure
remote.configure(
    endpoint='https://your-server.com/modules',
    api_key='secret-key',
    timeout=30,
    use_cache=True,
    cache_ttl=3600,
    fallback_package='phi-linux-modules'
)

# Load with auto-fallback
result = remote.load('heartbeat', use_fallback=True)

# Check status
status = remote.status()
print(status)
# {
#   'primary': {'ok': True, 'status_code': 200},
#   'fallback': {'ok': True, 'installed': True}
# }

# Multiple endpoints
result = remote.fallback('module', [
    ('https://primary.com', 'key1'),
    ('https://backup.com', 'key2'),
])

Environment Variables

Variable             Description                 Default
PY_SANDBOX_ENDPOINT  Primary HTTP endpoint       (none)
PY_SANDBOX_KEY       API key for authentication  (none)
PY_SANDBOX_FALLBACK  PyPI fallback package       phi-linux-modules

Security

Sandbox Isolation

  • Restricted builtins (no open, exec, eval, etc.)
  • Import blocking for dangerous modules (os, sys, subprocess)
  • Timeout protection against infinite loops
  • Memory limits via execution constraints
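
An added example, not py-sandbox's own code: one way a pre-execution check in the spirit of `check` can work is a static AST pass that rejects blocked imports, references to blocked builtins, and underscore-prefixed attribute access. The names `BLOCKED_MODULES`, `BLOCKED_BUILTINS`, `find_violations` and `is_safe` are assumptions, and the denylists only mirror the bullets above.

```python
import ast

# Assumed denylists, taken from the bullets above (not py-sandbox's real lists).
BLOCKED_MODULES = {"os", "sys", "subprocess"}
BLOCKED_BUILTINS = {"open", "exec", "eval", "compile", "__import__"}


def find_violations(source: str) -> list[str]:
    """Return human-readable reasons why `source` should not be executed."""
    try:
        tree = ast.parse(source)
    except SyntaxError as exc:
        return [f"syntax error: {exc.msg}"]
    problems = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            names = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            names = [node.module or ""]
        else:
            names = []
        for name in names:
            # "os.path" must match the "os" entry: compare the top-level package.
            if name.split(".")[0] in BLOCKED_MODULES:
                problems.append(f"line {node.lineno}: import of {name}")

        # Any reference to a blocked builtin name, called or merely aliased.
        if isinstance(node, ast.Name) and node.id in BLOCKED_BUILTINS:
            problems.append(f"line {node.lineno}: use of {node.id}")

        # Underscore attributes reach interpreter internals; reject them outright.
        if isinstance(node, ast.Attribute) and node.attr.startswith("_"):
            problems.append(f"line {node.lineno}: attribute {node.attr}")
    return problems


def is_safe(source: str) -> bool:
    return not find_violations(source)


# Constructed sample inputs mapped to the verdict expected from is_safe().
SAMPLES = {
    "x = 2 + 2": True,
    'import os; os.system("rm -rf /")': False,
    "from os.path import join": False,
    "f = open": False,
    "import math\narea = math.pi * 5**2": True,
}
```

A static pass like this is a pre-filter that runs alongside the runtime restrictions listed above; untrusted code still warrants process- or container-level isolation.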

Remote Loading

  • Bearer token authentication
  • Optional SHA256 hash verification
  • TLS/HTTPS transport encryption
  • Automatic fallback to known-good PyPI packages
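
Hash verification is listed as optional above. The following added example (not py-sandbox's code) shows a loader that makes it mandatory and fails closed before any fetched code runs. `load_verified`, `verify_payload`, `fetch` and `pins` are hypothetical names, and the HTTP request is replaced by a callable so the block runs offline.

```python
import hashlib
import hmac


class IntegrityError(Exception):
    """Raised when a fetched module does not match its pinned digest."""


def verify_payload(payload: bytes, pinned_sha256: str) -> None:
    """Raise IntegrityError unless payload hashes to the pinned hex digest."""
    actual = hashlib.sha256(payload).hexdigest()
    # compare_digest avoids leaking the match position through timing.
    if not hmac.compare_digest(actual, pinned_sha256.lower()):
        raise IntegrityError(f"digest mismatch: got {actual}")


def load_verified(name, fetch, pins):
    """Fetch module `name`, verify it, then execute it and return its namespace.

    fetch: callable(name) -> bytes, standing in for the HTTP request.
    pins:  dict of module name -> expected SHA-256 hex digest, shipped with
           the client rather than served by the same endpoint as the code.
    """
    if name not in pins:
        # Fail closed: an unpinned module is never executed.
        raise IntegrityError(f"no pinned digest for {name!r}")
    payload = fetch(name)
    verify_payload(payload, pins[name])
    namespace = {"__name__": name}
    exec(compile(payload, f"<remote:{name}>", "exec"), namespace)
    return namespace


# Constructed sample data: a module body, its pin, and a tampered response.
GOOD = b"def run():\n    return {'status': 'alive'}\n"
PINS = {"heartbeat": hashlib.sha256(GOOD).hexdigest()}
TAMPERED = GOOD + b"# injected\n"


def demo():
    ok = load_verified("heartbeat", lambda n: GOOD, PINS)["run"]()
    try:
        load_verified("heartbeat", lambda n: TAMPERED, PINS)
        rejected = False
    except IntegrityError:
        rejected = True
    return ok, rejected
```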

Container Constraints

Designed for environments with restricted network access:

Resource                Status
pypi.org                ✅ Whitelisted
files.pythonhosted.org  ✅ Whitelisted
github.com/*            ❌ Blocked
Custom domains          ❌ Blocked (proxy required)

Development

# Clone
git clone https://github.com/phanes19122025-cmyk/phi-linux.git
cd phi-linux/claude_container/py_sandbox

# Install in dev mode
pip install -e .

# Run tests
python -m pytest

Publishing to PyPI

Manual

python -m build
twine upload dist/*

Automatic (GitHub Actions)

Tag a release to trigger auto-publish:

git tag v0.2.1
git push --tags
# GitHub Actions builds and uploads to PyPI

Related Packages

  • phi-linux-modules: PyPI fallback package with embedded modules
  • @phi/modules: npm emergency fallback (experimental)

License

MIT


Φ-linux Courier System | Built for resilience

Download files

Source Distribution

py_sandbox-0.2.5.tar.gz (11.2 kB)

Uploaded Source

Built Distribution

py_sandbox-0.2.5-py3-none-any.whl (11.1 kB)

Uploaded Python 3

File details

Details for the file py_sandbox-0.2.5.tar.gz.

File metadata

  • Download URL: py_sandbox-0.2.5.tar.gz
  • Upload date:
  • Size: 11.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for py_sandbox-0.2.5.tar.gz
Algorithm Hash digest
SHA256 71f4ec501c9612524daae0ca7313e16370d81814484c701c40b8580eda0349a2
MD5 0ea2e2ac6928972c73ead1b9c99e68cb
BLAKE2b-256 ee928575c6cf49db13f7e8753174ddb35fa2ce4dfb5b6722cb96bf1c38615ee5

Provenance

The following attestation bundles were made for py_sandbox-0.2.5.tar.gz:

Publisher: publish-pypi.yml on phanes19122025-cmyk/phi-linux

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file py_sandbox-0.2.5-py3-none-any.whl.

File metadata

  • Download URL: py_sandbox-0.2.5-py3-none-any.whl
  • Upload date:
  • Size: 11.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for py_sandbox-0.2.5-py3-none-any.whl
Algorithm Hash digest
SHA256 7ac1150d934cf1a61931111a3cdbbca202f9451a376147b0cfe6481cb22c5829
MD5 4b8984271603a8525c4cfc1f9e741277
BLAKE2b-256 391cdbe0863df940d438744b19f756d4ee8e8f9a24829ea80e08c7678de6ead7

Provenance

The following attestation bundles were made for py_sandbox-0.2.5-py3-none-any.whl:

Publisher: publish-pypi.yml on phanes19122025-cmyk/phi-linux

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.
