Awesome-Agent-Skills-for-Empirical-Research sandbox-execution-guide
Secure sandboxed code execution environments for reproducible research computing
install
source · Clone the upstream repo
git clone https://github.com/brycewang-stanford/Awesome-Agent-Skills-for-Empirical-Research
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/brycewang-stanford/Awesome-Agent-Skills-for-Empirical-Research "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/43-wentorai-research-plugins/skills/tools/code-exec/sandbox-execution-guide" ~/.claude/skills/brycewang-stanford-awesome-agent-skills-for-empirical-research-sandbox-execution && rm -rf "$T"
manifest:
skills/43-wentorai-research-plugins/skills/tools/code-exec/sandbox-execution-guide/SKILL.mdsource content
Sandbox Execution Guide
A skill for setting up and using sandboxed code execution environments for research computing. Covers containerized execution, security considerations, resource management, and integration with research workflows.
Why Sandboxed Execution?
Research code often requires:
- Isolation from the host system for security
- Reproducible environments across machines
- Resource limits to prevent runaway computations
- Multi-language support (Python, R, Julia, MATLAB)
Docker-Based Sandboxes
Creating a Research Container
# Dockerfile for a reproducible research environment FROM python:3.11-slim # System dependencies RUN apt-get update && apt-get install -y --no-install-recommends \ build-essential \ gfortran \ libopenblas-dev \ && rm -rf /var/lib/apt/lists/* # Create non-root user for security RUN useradd -m -s /bin/bash researcher USER researcher WORKDIR /home/researcher # Pin all dependencies COPY requirements.txt . RUN pip install --user --no-cache-dir -r requirements.txt # Copy project files COPY --chown=researcher:researcher . /home/researcher/project WORKDIR /home/researcher/project # Resource limits set at runtime, not build time CMD ["python", "main.py"]
Running with Resource Limits
# Run with CPU, memory, and time constraints docker run \ --cpus="2.0" \ --memory="4g" \ --memory-swap="4g" \ --pids-limit=100 \ --network=none \ --read-only \ --tmpfs /tmp:size=512m \ --timeout 3600 \ research-sandbox:latest python analysis.py # Mount data as read-only, output directory as writable docker run \ -v /data/raw:/data:ro \ -v /data/results:/output:rw \ --cpus="4.0" \ --memory="16g" \ research-sandbox:latest python pipeline.py
Python Sandbox with Resource Limits
Process-Level Isolation
import subprocess import resource import signal import tempfile import os def run_sandboxed(code: str, timeout: int = 60, max_memory_mb: int = 512) -> dict: """ Execute Python code in a sandboxed subprocess with resource limits. Args: code: Python code string to execute timeout: Maximum execution time in seconds max_memory_mb: Maximum memory in megabytes """ with tempfile.NamedTemporaryFile(mode='w', suffix='.py', delete=False) as f: f.write(code) script_path = f.name try: result = subprocess.run( ['python', '-u', script_path], capture_output=True, text=True, timeout=timeout, env={ 'PATH': '/usr/bin:/usr/local/bin', 'HOME': '/tmp', 'PYTHONDONTWRITEBYTECODE': '1' } ) return { 'stdout': result.stdout, 'stderr': result.stderr, 'returncode': result.returncode, 'timed_out': False } except subprocess.TimeoutExpired: return { 'stdout': '', 'stderr': f'Execution timed out after {timeout}s', 'returncode': -1, 'timed_out': True } finally: os.unlink(script_path) # Example usage result = run_sandboxed(""" import numpy as np data = np.random.randn(1000) print(f"Mean: {data.mean():.4f}") print(f"Std: {data.std():.4f}") """, timeout=30, max_memory_mb=256) print(result['stdout'])
Nix-Based Reproducible Environments
For maximum reproducibility, use Nix to pin every dependency including system libraries:
# shell.nix for a research project { pkgs ? import (fetchTarball { url = "https://github.com/NixOS/nixpkgs/archive/nixos-23.11.tar.gz"; }) {} }: pkgs.mkShell { buildInputs = with pkgs; [ python311 python311Packages.numpy python311Packages.scipy python311Packages.pandas python311Packages.matplotlib python311Packages.scikit-learn R rPackages.ggplot2 rPackages.dplyr ]; shellHook = '' echo "Research sandbox activated" echo "Python: $(python --version)" echo "R: $(R --version | head -1)" ''; }
# Enter the reproducible environment nix-shell shell.nix # Or use flakes for even better reproducibility nix develop
Security Best Practices
When running untrusted or third-party code:
- Network isolation: Use
in Docker to prevent data exfiltration--network=none - Filesystem restrictions: Mount data as read-only, limit writable paths
- Resource caps: Always set CPU, memory, and time limits
- User isolation: Run as non-root user inside the container
- Syscall filtering: Use seccomp profiles to restrict system calls
- Output sanitization: Validate and sanitize all output before processing
Integration with CI/CD
Automate research pipeline execution with GitHub Actions:
name: Research Pipeline on: push: paths: ['src/**', 'data/**'] jobs: run-analysis: runs-on: ubuntu-latest container: image: research-sandbox:latest options: --cpus 4 --memory 8g steps: - uses: actions/checkout@v4 - run: python src/01_preprocess.py - run: python src/02_analyze.py - run: python src/03_visualize.py - uses: actions/upload-artifact@v4 with: name: results path: output/
This ensures every commit triggers a fresh, sandboxed execution of the full pipeline, catching environment-dependent bugs and ensuring reproducibility.