Skip to content

Add sandboxed code execution capability (currently none exists) #25

Description

@devarshishimpi

Is your feature request related to a problem?

Codra has no way to actually execute code, it only reads diffs and sends them to an LLM. There's no sandboxing, isolation, or subprocess execution anywhere in the codebase today. This blocks any future feature that needs to run something (lint/test verification, validating AI-suggested fixes, etc.).

Describe the solution you'd like

Add a pluggable execution provider that can run untrusted commands in a real sandbox, designed to stay free by default:

  • Default: delegate to GitHub Actions on the target repo (already installed via the GitHub App), real isolated execution on GitHub's free runner minutes, zero added cost to Codra's own infra.
  • Optional: in-Worker WASM sandbox for trivial, dependency-free scripts, staying entirely inside the free Cloudflare Workers runtime.
  • Leave room for operators to plug in a paid sandbox (Cloudflare Containers, E2B, etc.) if they want one, but never require it by default.

Architectural constraints

  • Codra runs entirely on Cloudflare Workers (V8 isolates), which have no subprocess/filesystem/shell APIs, execution can't happen in-process and must be delegated somewhere.
  • The natural "real" sandbox option, Cloudflare Containers/Sandbox SDK, requires a paid Workers plan, which conflicts with keeping a self-hosted Codra instance free.
  • Any execution surface must treat the command/input as untrusted, the sandbox boundary itself needs to be the actual security guarantee, not operator trust.

Metadata

Metadata

Labels

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions