brycewang-stanford/sandbox-execution-guide
skills/43-wentorai-research-plugins/skills/tools/code-exec/sandbox-execution-guide/SKILL.md
Secure sandboxed code execution environments for reproducible research computing
$ install --global
skillsauthnpx skillsauth add brycewang-stanford/Awesome-Agent-Skills-for-Empirical-Research sandbox-execution-guideInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 20, 2026, 4:22 AM6.0s1 file scanned
SKILL.md
- name:
- sandbox-execution-guide
- description:
- Secure sandboxed code execution environments for reproducible research computing
- emoji:
- 🛡️
- category:
- tools
- subcategory:
- code-exec
- keywords:
- ["sandbox execution", "code runner", "literate programming", "containerization", "reproducible computing"]
- source:
- wentor
Sandbox Execution Guide
A skill for setting up and using sandboxed code execution environments for research computing. Covers containerized execution, security considerations, resource management, and integration with research workflows.
Why Sandboxed Execution?
Research code often requires:
- Isolation from the host system for security
- Reproducible environments across machines
- Resource limits to prevent runaway computations
- Multi-language support (Python, R, Julia, MATLAB)
Docker-Based Sandboxes
Creating a Research Container
# Dockerfile for a reproducible research environment
FROM python:3.11-slim
# System dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
build-essential \
gfortran \
libopenblas-dev \
&& rm -rf /var/lib/apt/lists/*
# Create non-root user for security
RUN useradd -m -s /bin/bash researcher
USER researcher
WORKDIR /home/researcher
# Pin all dependencies
COPY requirements.txt .
RUN pip install --user --no-cache-dir -r requirements.txt
# Copy project files
COPY --chown=researcher:researcher . /home/researcher/project
WORKDIR /home/researcher/project
# Resource limits set at runtime, not build time
CMD ["python", "main.py"]
Running with Resource Limits
# Run with CPU, memory, and time constraints
docker run \
--cpus="2.0" \
--memory="4g" \
--memory-swap="4g" \
--pids-limit=100 \
--network=none \
--read-only \
--tmpfs /tmp:size=512m \
--timeout 3600 \
research-sandbox:latest python analysis.py
# Mount data as read-only, output directory as writable
docker run \
-v /data/raw:/data:ro \
-v /data/results:/output:rw \
--cpus="4.0" \
--memory="16g" \
research-sandbox:latest python pipeline.py
Python Sandbox with Resource Limits
Process-Level Isolation
import subprocess
import resource
import signal
import tempfile
import os
def run_sandboxed(code: str, timeout: int = 60,
max_memory_mb: int = 512) -> dict:
"""
Execute Python code in a sandboxed subprocess with resource limits.
Args:
code: Python code string to execute
timeout: Maximum execution time in seconds
max_memory_mb: Maximum memory in megabytes
"""
with tempfile.NamedTemporaryFile(mode='w', suffix='.py', delete=False) as f:
f.write(code)
script_path = f.name
try:
result = subprocess.run(
['python', '-u', script_path],
capture_output=True,
text=True,
timeout=timeout,
env={
'PATH': '/usr/bin:/usr/local/bin',
'HOME': '/tmp',
'PYTHONDONTWRITEBYTECODE': '1'
}
)
return {
'stdout': result.stdout,
'stderr': result.stderr,
'returncode': result.returncode,
'timed_out': False
}
except subprocess.TimeoutExpired:
return {
'stdout': '',
'stderr': f'Execution timed out after {timeout}s',
'returncode': -1,
'timed_out': True
}
finally:
os.unlink(script_path)
# Example usage
result = run_sandboxed("""
import numpy as np
data = np.random.randn(1000)
print(f"Mean: {data.mean():.4f}")
print(f"Std: {data.std():.4f}")
""", timeout=30, max_memory_mb=256)
print(result['stdout'])
Nix-Based Reproducible Environments
For maximum reproducibility, use Nix to pin every dependency including system libraries:
# shell.nix for a research project
{ pkgs ? import (fetchTarball {
url = "https://github.com/NixOS/nixpkgs/archive/nixos-23.11.tar.gz";
}) {} }:
pkgs.mkShell {
buildInputs = with pkgs; [
python311
python311Packages.numpy
python311Packages.scipy
python311Packages.pandas
python311Packages.matplotlib
python311Packages.scikit-learn
R
rPackages.ggplot2
rPackages.dplyr
];
shellHook = ''
echo "Research sandbox activated"
echo "Python: $(python --version)"
echo "R: $(R --version | head -1)"
'';
}
# Enter the reproducible environment
nix-shell shell.nix
# Or use flakes for even better reproducibility
nix develop
Security Best Practices
When running untrusted or third-party code:
- Network isolation: Use
--network=nonein Docker to prevent data exfiltration - Filesystem restrictions: Mount data as read-only, limit writable paths
- Resource caps: Always set CPU, memory, and time limits
- User isolation: Run as non-root user inside the container
- Syscall filtering: Use seccomp profiles to restrict system calls
- Output sanitization: Validate and sanitize all output before processing
Integration with CI/CD
Automate research pipeline execution with GitHub Actions:
name: Research Pipeline
on:
push:
paths: ['src/**', 'data/**']
jobs:
run-analysis:
runs-on: ubuntu-latest
container:
image: research-sandbox:latest
options: --cpus 4 --memory 8g
steps:
- uses: actions/checkout@v4
- run: python src/01_preprocess.py
- run: python src/02_analyze.py
- run: python src/03_visualize.py
- uses: actions/upload-artifact@v4
with:
name: results
path: output/
This ensures every commit triggers a fresh, sandboxed execution of the full pipeline, catching environment-dependent bugs and ensuring reproducibility.
Related Skills
brycewang-stanford/stata
tools
VerifiedTrustedCommunity
Show mcp-stata identity, connected tools, and status. Use when the user asks if mcp-stata is available, asks about access to the toolkit, or asks what Stata tools are connected.
1,789SKILL.mdUpdated Jun 10, 2026
brycewang-stanford/stata-toolkit
tools
VerifiedTrustedCommunity
Activate when users mention Stata commands, .do files, regressions, econometrics, stored results, graphs, dataset inspection, replication, or Stata errors. Route the task through mcp-stata tools and the specialized research skills instead of treating it as plain text coding.
1,789SKILL.mdUpdated Jun 10, 2026
brycewang-stanford/stata-table-builder
development
VerifiedTrustedCommunity
Build and review paper-ready regression, balance, and summary tables from Stata outputs. Use when the user needs a clean table for a draft, appendix, or coauthor share-out.
1,789SKILL.mdUpdated Jun 10, 2026
brycewang-stanford/stata-setup
tools
VerifiedTrustedCommunity
Install, configure, update, or verify mcp-stata across Claude Code, Codex, Gemini CLI, Cursor, Windsurf, and VS Code. Activate when users ask to set up the Stata toolkit or troubleshoot the installation.
1,789SKILL.mdUpdated Jun 10, 2026