Metadata-Version: 2.4
Name: sandtrap
Version: 0.1.0
Summary: Lightweight in-process Python sandbox using AST rewriting.
Author: ashenfad
License-Expression: MIT
Project-URL: Homepage, https://github.com/ashenfad/sandtrap
Project-URL: Bug Tracker, https://github.com/ashenfad/sandtrap/issues
Project-URL: Documentation, https://github.com/ashenfad/sandtrap#readme
Project-URL: Source, https://github.com/ashenfad/sandtrap
Keywords: sandbox,security,ast,python,runtime
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Programming Language :: Python :: 3.14
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Classifier: Typing :: Typed
Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: monkeyfs
Provides-Extra: dev
Requires-Dist: ruff; extra == "dev"
Requires-Dist: pre-commit; extra == "dev"
Requires-Dist: pytest; extra == "dev"
Provides-Extra: test
Requires-Dist: pytest; extra == "test"
Requires-Dist: pytest-asyncio; extra == "test"
Requires-Dist: pytest-timeout; extra == "test"
Dynamic: license-file

# sandtrap ⛳

A lightweight in-process Python sandbox using AST rewriting and compiled bytecode execution. Whitelist-based policies control attribute access, imports, and resource usage. Designed as a walled garden for cooperative code (e.g. agent-generated scripts), not for adversarial inputs.

## Install

```
pip install sandtrap
```

## Quick start

```python
from sandtrap import Policy, Sandbox

policy = Policy(timeout=5.0, tick_limit=100_000)

with Sandbox(policy) as sandbox:
    result = sandbox.exec("""
total = sum(range(10))
print(f"total = {total}")
""")

print(result.stdout)       # "total = 45\n"
print(result.namespace)    # {"total": 45}
print(result.error)        # None
print(result.ticks)        # 3 (fn calls: range + sum + print)
```

## Documentation

- [Policy & Registration](docs/policy.md) -- configuring what sandboxed code can access
- [Sandbox Execution](docs/sandbox.md) -- running code, results, error handling
- [Filesystem & Network](docs/filesystem.md) -- VFS interception, network denial, VFS imports
- [Serialization](docs/serialization.md) -- pickling functions, classes, and state across turns
- [Security Model](docs/security.md) -- how the sandbox works, what it blocks, threat model

## License

MIT
