{"id":46192307,"url":"https://github.com/onyx-dot-app/python-sandbox","last_synced_at":"2026-03-03T01:03:41.895Z","repository":{"id":324633337,"uuid":"1066013670","full_name":"onyx-dot-app/python-sandbox","owner":"onyx-dot-app","description":"Secure and lightweight Python code execution environment for LLMs","archived":false,"fork":false,"pushed_at":"2026-02-19T20:20:08.000Z","size":2887,"stargazers_count":12,"open_issues_count":0,"forks_count":3,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-02-19T23:30:19.282Z","etag":null,"topics":["ai-agents","code-execution","code-interpreter","gpt","python","sandbox"],"latest_commit_sha":null,"homepage":"https://www.onyx.app/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/onyx-dot-app.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2025-09-28T21:53:59.000Z","updated_at":"2026-02-19T20:20:11.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/onyx-dot-app/python-sandbox","commit_stats":null,"previous_names":["onyx-dot-app/code-interpreter","onyx-dot-app/python-sandbox"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/onyx-dot-app/python-sandbox","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/onyx-dot-app%2Fpython-sandbox","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/onyx-dot-app%2Fpython-sandbox/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/onyx-dot-app%2Fpython-sandbox/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/onyx-dot-app%2Fpython-sandbox/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/onyx-dot-app","download_url":"https://codeload.github.com/onyx-dot-app/python-sandbox/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/onyx-dot-app%2Fpython-sandbox/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30028230,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-03T00:31:48.536Z","status":"ssl_error","status_checked_at":"2026-03-03T00:30:56.176Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-agents","code-execution","code-interpreter","gpt","python","sandbox"],"created_at":"2026-03-03T01:03:40.660Z","updated_at":"2026-03-03T01:03:41.886Z","avatar_url":"https://github.com/onyx-dot-app.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Python Sandbox\n\nA secure code interpreter for executing untrusted Python code in isolated Docker containers. This service provides a REST API for running code with strict resource limits, timeout controls, and file handling capabilities.\n\nEverything runs locally and the execution environment comes pre-packaged with a list of common Python libraries.\n\nThis project aims to be the easiest, lightest weight way to add secure Python execution to your AI agent.\n\n![Code Interpreter](code_interpreter_exp.png)\n\n## How it works\n\nThe security first architecture and an overview of the implementation can be found [here](HOW_IT_WORKS.md).\n\n## Quick Start\n\n\u003e Note: This repo powers the Code Interpreter feature in [Onyx](https://github.com/onyx-dot-app/onyx).\nCheck out the implementation [here](https://github.com/onyx-dot-app/onyx/tree/main/backend/onyx/tools/tool_implementations/python) as a reference for using it in your app.\n\n### Docker Deployment\n\n#### Option 1: Docker-out-of-Docker (Recommended)\n\nThis is the recommended approach for most use cases. This shares the host's Docker daemon for better performance to spin up and manage the ephemeral code execution containers.\n\n```bash\ndocker run --rm -it \\\n  --user root \\\n  -p 8000:8000 \\\n  -v /var/run/docker.sock:/var/run/docker.sock \\\n  onyxdotapp/code-interpreter\n```\n\n**When to use:**\n- You have access to the host Docker socket\n- You want better performance and faster startup times\n- You're running in a trusted environment\n\n**Note:** Requires `--user root` to access the Docker socket. The executor image will be pulled at runtime if not already present on the host.\n\n#### Option 2: Docker-in-Docker\n\nUse this when you need complete isolation or can't access the host Docker socket. This runs a separate Docker daemon in a container to manage the code execution containers.\n\n```bash\ndocker run --rm -it \\\n  --privileged \\\n  -p 8000:8000 \\\n  onyxdotapp/code-interpreter\n```\n\n**When to use:**\n- You need complete isolation between the service and host\n- You can't or don't want to mount the host Docker socket\n- You're running in a restricted environment\n\n**Important notes:**\n- Requires `--privileged` flag\n- The Docker daemon will automatically start inside the container (takes a few seconds)\n- On first run, the executor image will be pulled during server startup (~30-60 seconds)\n- Subsequent runs will reuse the cached image (instant startup)\n- The server will not accept requests until the executor image is available\n\n### Kubernetes Deployment\n\nSee [here](kubernetes/code-interpreter/README.md) for Helm and K8s deployment instructions\n\n## API Usage\n\nNOTE: for full API docs, start the service up and visit `/docs`. \n\n### Execute Python Code\n\n```bash\nPOST /v1/execute\n```\n\n**Request:**\n```json\n{\n  \"code\": \"print('Hello, World!')\\n2 + 2\",\n  \"stdin\": null,\n  \"timeout_ms\": 2000,\n  \"last_line_interactive\": true,\n  \"files\": []\n}\n```\n\n**Response:**\n```json\n{\n  \"stdout\": \"Hello, World!\\n4\\n\",\n  \"stderr\": \"\",\n  \"exit_code\": 0,\n  \"timed_out\": false,\n  \"duration_ms\": 145,\n  \"files\": []\n}\n```\n\n### File Management\n\nUpload a file for use in code execution:\n\n```bash\nPOST /v1/files\nContent-Type: multipart/form-data\n\n# Upload file\ncurl -X POST http://localhost:8000/v1/files \\\n  -F \"file=@data.csv\"\n```\n\nUse uploaded files in execution:\n\n```json\n{\n  \"code\": \"import pandas as pd\\ndf = pd.read_csv('data.csv')\\nprint(df.head())\",\n  \"files\": [\n    {\n      \"path\": \"data.csv\",\n      \"file_id\": \"uuid-from-upload-response\"\n    }\n  ]\n}\n```\n\nRetrieve generated files:\n\n```bash\nGET /v1/files/{file_id}\n```\n\nList all files:\n\n```bash\nGET /v1/files\n```\n\nDelete a file:\n\n```bash\nDELETE /v1/files/{file_id}\n```\n\n## Configuration\n\nConfigure the service via environment variables:\n\n- `HOST`: Server host (default: `0.0.0.0`)\n- `PORT`: Server port (default: `8000`)\n- `MAX_EXEC_TIMEOUT_MS`: Maximum execution timeout in milliseconds (default: `10000`)\n- `CPU_TIME_LIMIT_SEC`: CPU time limit per execution (default: `5`)\n- `MEMORY_LIMIT_MB`: Memory limit per execution (default: `128`)\n- `MAX_OUTPUT_BYTES`: Maximum output size (default: `1048576` = 1MB)\n- `MAX_FILE_SIZE_MB`: Maximum file upload size (default: `10`)\n- `FILE_STORAGE_DIR`: Directory for file storage (default: `/tmp/code-interpreter-files`)\n\n## Security\n\n- All code execution happens in isolated environments\n- Strict resource limits prevent resource exhaustion\n- No direct filesystem access to host system\n- Configurable timeouts prevent infinite loops\n- Output size limits prevent memory attacks\n- File uploads are validated and size-limited\n\n## License\n\nMIT License - see [LICENSE](LICENSE) file for details.\n\nCopyright (c) 2025-present DanswerAI, Inc.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fonyx-dot-app%2Fpython-sandbox","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fonyx-dot-app%2Fpython-sandbox","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fonyx-dot-app%2Fpython-sandbox/lists"}