Description
Agent code execution runs in an unrestricted environment. Agents can access the file system, environment variables and the network, so a malicious agent can execute arbitrary code on the server.
Expected Behavior
Sandbox agent execution using containers or a restricted Python environment, and limit the agent's access to the filesystem, the network and system calls.
Actual Behavior
File: src/execution/executor.py
The executor runs agent-supplied code directly in the server process with exec(agent_code), with no isolation or resource limits.
GSSoC Points Estimate: Level 3 (Security/Sandbox)
Suggested Labels
- gssoc:approved
- type:bug
- severity:critical
- area:security
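The following is an added example of the out-of-process execution the issue asks for; it is not code from the project, and the names run_agent_code, ExecResult and limits_supported are my own. It replaces the in-process exec(agent_code) with a fresh interpreter started in isolated mode, an explicitly empty environment (so server secrets are not inherited), a throwaway working directory, a closed stdin, POSIX rlimits on CPU time, address space and file size, and a wall-clock timeout. It is deliberately only a first layer: the child still shares the kernel, the readable filesystem and the network, so a container or seccomp/network policy should wrap it in production.

```python
"""Out-of-process execution of untrusted agent code (added example)."""
import os
import subprocess
import sys
import tempfile
from dataclasses import dataclass
from typing import Callable, Optional

try:
    import resource  # POSIX only; rlimits are skipped where unavailable
except ImportError:  # pragma: no cover
    resource = None


@dataclass
class ExecResult:
    stdout: str
    stderr: str
    returncode: Optional[int]  # None when the child was killed on timeout
    timed_out: bool


def limits_supported() -> bool:
    """True when POSIX rlimits can be applied to the child process."""
    return resource is not None


def _limit_setter(cpu_seconds: int, memory_bytes: int,
                  fsize_bytes: int) -> Optional[Callable[[], None]]:
    """Build the preexec hook that applies rlimits inside the child only."""
    if resource is None:
        return None

    def _set(kind: int, value: int) -> None:
        _, hard = resource.getrlimit(kind)
        if hard != resource.RLIM_INFINITY:
            value = min(value, hard)  # a soft limit cannot exceed the hard limit
        resource.setrlimit(kind, (value, value))

    def _apply() -> None:
        _set(resource.RLIMIT_CPU, cpu_seconds)    # CPU seconds; SIGXCPU on overrun
        _set(resource.RLIMIT_AS, memory_bytes)    # address space; allocations fail
        _set(resource.RLIMIT_FSIZE, fsize_bytes)  # cap on any file the agent writes
        _set(resource.RLIMIT_CORE, 0)             # no core dumps left on disk
    return _apply


def _text(data) -> str:
    """Normalise subprocess output (str, bytes or None) to str."""
    if data is None:
        return ""
    return data.decode("utf-8", "replace") if isinstance(data, bytes) else data


def run_agent_code(agent_code: str, *, timeout: float = 5.0, cpu_seconds: int = 2,
                   memory_bytes: int = 256 * 2**20, fsize_bytes: int = 1 * 2**20,
                   max_output: int = 64 * 1024) -> ExecResult:
    """Run agent_code in a constrained child interpreter and collect its output."""
    with tempfile.TemporaryDirectory() as workdir:
        # Explicit minimal environment: nothing from the server process leaks in.
        env = {"PATH": "/usr/bin:/bin"}
        # -I: isolated mode (ignores PYTHON* vars and user site); -S: no site module
        cmd = [sys.executable, "-I", "-S", "-c", agent_code]
        try:
            proc = subprocess.run(
                cmd, cwd=workdir, env=env, input="",  # empty stdin, nothing to read
                capture_output=True, text=True, timeout=timeout,
                preexec_fn=_limit_setter(cpu_seconds, memory_bytes, fsize_bytes),
            )
        except subprocess.TimeoutExpired as exc:
            # subprocess.run has already killed the child when we get here
            return ExecResult(_text(exc.stdout)[:max_output],
                              _text(exc.stderr)[:max_output], None, True)
    return ExecResult(proc.stdout[:max_output], proc.stderr[:max_output],
                      proc.returncode, False)


def secret_visible_to_agent(name: str = "AGENT_DEMO_SECRET") -> bool:
    """Demo: set a constructed secret in the server env and ask agent code to echo it."""
    previous = os.environ.get(name)
    os.environ[name] = "hunter2"  # constructed value, not a real credential
    try:
        code = f"import os; print(os.environ.get({name!r}, 'missing'))"
        return "hunter2" in run_agent_code(code).stdout
    finally:
        if previous is None:
            del os.environ[name]
        else:
            os.environ[name] = previous


if __name__ == "__main__":
    print(run_agent_code("print(2 + 3)"))
    print(run_agent_code("while True: pass", timeout=1.0))
    print("secret leaked:", secret_visible_to_agent())
```

The timeout is enforced twice on purpose: RLIMIT_CPU stops a busy loop even if the parent dies, while the wall-clock timeout also catches code that merely sleeps or blocks. Output is truncated so an agent cannot exhaust the server's memory by printing.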