@kaged/sandbox
CageCompiler, SandboxRunner, and SandboxHandle for subprocess isolation via bubblewrap with cgroups, network gatekeeper, and seccomp plans
8 source files
5 test files
~2.2k lines
Tests: ✓ 5 pass
Typecheck: pass
Lint: clean
Test results (5)
- buildSystemdPrefix > produces systemd-run with --scope and --slice [0.190ms]
- SandboxRunner: caged path compilation > enabled policy with net.allow emits gatekeeper_degraded [0ms]
- SandboxRunner: caged path compilation > compile error on path escape throws SandboxSpawnError [1.31ms]
- SandboxRunner: walltime in disabled path > walltime from enabled policy is applied even when noSandbox [1.00s]
- SandboxRunner: shutdown > shutdown is safe to call [0.470ms]
Mentioned in
| Type | Document |
|---|---|
| adr | ADR-0009: Sandbox technology is bubblewrap; network allowlist is kaged-managed |
| adr | ADR-0012: Agentic substrate is Mastra v1.x |
| spec | Spec: Agent Tooling |
| spec | Spec: Agent Harness |
| spec | Spec: Daemon |
| spec | Spec: Plugin Host |
| spec | Spec: Project DSL |
| spec | Spec: Sandbox |
| spec | Spec: Session Manager |
| spec | Spec: Task Runner |