CodeExecutionBackend
Defined in: tools/builtin/builtin.types.ts:128
The code-execution capability seam — implement this against a sandbox.
Remarks
The richer sibling of ShellBackend: instead of one shell command it
runs a snippet in a named language, but the danger and the boundary are the
same. Wire it to e.g. a Deno permission sandbox (deno-backends.ts), a
container, or a hosted execution service.
SECURITY: this runs arbitrary, model-written code. Unlike ShellBackend,
the expectation is that the backend sandboxes it — but the core cannot
enforce that, so isolation remains the backend's responsibility. Route the
resulting tool through the permission gate (../../permissions) before granting
it to a model you do not fully trust.
See
- CodeExecutionRequest
- CodeExecutionResult
- codeExecutionTool which wraps this seam in a model-facing tool.
Methods
exec()
exec(request, ctx): Promise<CodeExecutionResult>;Defined in: tools/builtin/builtin.types.ts:136
Run a code snippet and capture its output.
Parameters
| Parameter | Type | Description |
|---|---|---|
request | CodeExecutionRequest | The language and source to run. |
ctx | ToolContext | Per-call context; ctx.signal may be used to abort the run. |
Returns
Promise<CodeExecutionResult>
The run's stdout, stderr, and exit code.