exec_sandbox
Isolates command execution using sandbox engine (commonly bwrap).
What it mitigates
- Host-level side effects from tool execution
- Lateral access to non-workspace files
- Unsafe process behavior in command tools
Recommended defaults
| Profile | required |
|---|---|
local | true |
standard | false |
unbounded | optional / omitted |
Minimal config
moduleConfig:
exec_sandbox:
engine: bwrap
required: false
Set required: true for environments with strict containment requirements.
Operational checks
- Validate engine availability with
npx agentradius doctor. - If required and unavailable, execution should fail closed.
- Keep this module before egress or output policy modules when possible.