Raxol.REPL.Sandbox (Raxol v2.3.0)

View Source

AST-based safety checker for REPL code evaluation.

Scans Elixir code for potentially dangerous operations before evaluation. Three strictness levels:

  • :none -- allow everything (local terminal use)

  • :standard -- deny destructive system/file/network ops (default)

  • :strict -- whitelist-only (SSH/web use)

    iex> Sandbox.check("Enum.map([1,2], & &1 * 2)") :ok

    iex> match?({:error, _}, Sandbox.check(~s[System.cmd("rm", ["-rf", "/"])])) true

Summary

Types

level()

Functions

check(code, level \\ :standard)

Checks code for safety violations at the given strictness level.

Types

level()

@type level() :: :none | :standard | :strict

Functions

check(code, level \\ :standard)

@spec check(String.t(), level()) :: :ok | {:error, [String.t()]}

Checks code for safety violations at the given strictness level.

Returns :ok if safe, or {:error, [violation_message]} if violations found.