Metadata-Version: 2.4
Name: amla-sandbox
Version: 0.2.6
Summary: Capability-based sandboxed runtime for AI agents
Project-URL: Homepage, https://github.com/amlalabs/amla-sandbox
Project-URL: Repository, https://github.com/amlalabs/amla-sandbox
Project-URL: Issues, https://github.com/amlalabs/amla-sandbox/issues
Author-email: Amla Labs <souvik@amlalabs.com>
License: MIT License
        
        Copyright (c) 2025 Amla Labs
        
        Permission is hereby granted, free of charge, to any person obtaining a copy
        of this software and associated documentation files (the "Software"), to deal
        in the Software without restriction, including without limitation the rights
        to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
        copies of the Software, and to permit persons to whom the Software is
        furnished to do so, subject to the following conditions:
        
        The above copyright notice and this permission notice shall be included in all
        copies or substantial portions of the Software.
        
        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
        SOFTWARE.
        
        ---
        
        Dual-license notice
        
        This wheel ships two separately licensed components. The MIT license above
        applies ONLY to the Python source code in this package (everything under
        `src/amla_sandbox/` except the `_wasm/` directory).
        
        The bundled WebAssembly runtime binary
        (`src/amla_sandbox/_wasm/amla_sandbox.wasm`) is NOT covered by the MIT
        license above. It is built from the Rust source of the `amla-sandbox` crate
        and is licensed under:
        
            AGPL-3.0-or-later OR BUSL-1.1
        
        (licensee's choice between the two). The corresponding Rust source, build
        recipe, and full license texts are published at:
        
            https://github.com/amlalabs/amla-sandbox-core
        
        If you redistribute this wheel, both license obligations apply: MIT for the
        Python wrapper and AGPL-3.0-or-later (or BUSL-1.1) for the WASM artifact.
License-File: LICENSE
Keywords: agents,ai,capabilities,sandbox,security,wasm
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Requires-Python: >=3.11
Requires-Dist: cryptography>=43.0.0
Requires-Dist: wasmtime>=29.0.0
Provides-Extra: all
Requires-Dist: langchain-anthropic>=0.3.0; extra == 'all'
Requires-Dist: langchain-core>=0.3.0; extra == 'all'
Requires-Dist: langchain-openai>=0.3.0; extra == 'all'
Requires-Dist: langchain>=0.3.0; extra == 'all'
Requires-Dist: langgraph-codeact>=0.0.1; extra == 'all'
Requires-Dist: langgraph>=0.2.0; extra == 'all'
Requires-Dist: python-dotenv>=1.0.0; extra == 'all'
Provides-Extra: codeact
Requires-Dist: langchain-anthropic>=0.3.0; extra == 'codeact'
Requires-Dist: langchain>=0.3.0; extra == 'codeact'
Requires-Dist: langgraph-codeact>=0.0.1; extra == 'codeact'
Provides-Extra: dev
Requires-Dist: pyright>=1.1.390; extra == 'dev'
Requires-Dist: pytest-asyncio>=0.24.0; extra == 'dev'
Requires-Dist: pytest>=8.0.0; extra == 'dev'
Requires-Dist: ruff>=0.8.0; extra == 'dev'
Provides-Extra: langgraph
Requires-Dist: langchain-anthropic>=0.3.0; extra == 'langgraph'
Requires-Dist: langchain-core>=0.3.0; extra == 'langgraph'
Requires-Dist: langchain-openai>=0.3.0; extra == 'langgraph'
Requires-Dist: langchain>=0.3.0; extra == 'langgraph'
Requires-Dist: langgraph>=0.2.0; extra == 'langgraph'
Requires-Dist: python-dotenv>=1.0.0; extra == 'langgraph'
Description-Content-Type: text/markdown

# amla-sandbox

This repository is the release source for the
[amla-sandbox](https://pypi.org/project/amla-sandbox/) Python package.
Development happens in
[the amlalabs monorepo](https://github.com/amlalabs/monorepo); this repo is
updated on release. The Rust runtime that compiles to `amla_sandbox.wasm`
lives in
[amla-sandbox-core](https://github.com/amlalabs/amla-sandbox-core); the exact
release tag this Python package was built against is recorded in
`.mirror-deps.json`.

amla-sandbox is a WASM sandbox with capability enforcement for AI agent code.
Agents can only call tools you explicitly provide, with constraints you
define. Sandboxed virtual filesystem. No network. No shell escape.

## Install

```sh
pip install amla-sandbox
```

No Docker. No VM. One binary, works everywhere.

## Quick start

```python
from amla_sandbox import create_sandbox_tool

sandbox = create_sandbox_tool()

# JavaScript
sandbox.run("console.log('hello'.toUpperCase())", language="javascript")
# Shell
sandbox.run("echo 'hello' | tr 'a-z' 'A-Z'", language="shell")

# With tools
def get_weather(city: str) -> dict:
    return {"city": city, "temp": 72}

sandbox = create_sandbox_tool(tools=[get_weather])
sandbox.run(
    "const w = await get_weather({city: 'SF'}); console.log(w);",
    language="javascript",
)
```

With capability constraints:

```python
from amla_sandbox import Sandbox, ToolCallCap, ConstraintSet, Param

sandbox = Sandbox(
    capabilities=[
        ToolCallCap(
            method_pattern="stripe/charges/*",
            constraints=ConstraintSet([
                Param("amount") <= 10000,
                Param("currency").is_in(["USD", "EUR"]),
            ]),
            max_calls=100,
        ),
    ],
    tool_handler=my_handler,
)
```

See the [PyPI page](https://pypi.org/project/amla-sandbox/) and the
`examples/` directory for the full API surface, framework integrations, and
the constraint DSL.

## Security model

The sandbox runs inside WebAssembly with WASI for a minimal syscall surface.
On top of WASM isolation, every tool call goes through capability validation;
access is explicitly granted, not implicitly available. See the
[Quick start](#quick-start) above and the upstream PyPI README for the full
explanation and tradeoffs.

## Building from source

For most users, installing from PyPI is recommended; the wheel includes the
prebuilt WASM binary. If you want to build the wheel yourself:

```sh
uv build
```

To regenerate the WASM artifact bundled inside the wheel, build it from
[amla-sandbox-core](https://github.com/amlalabs/amla-sandbox-core) at the tag
pinned in `.mirror-deps.json`, then drop the result at
`src/amla_sandbox/_wasm/amla_sandbox.wasm` before running `uv build`.

## Contributing

See [CONTRIBUTING.md](./CONTRIBUTING.md). Pull requests against this mirror
will be clobbered on next release; please target the monorepo or open an issue
here.

## License

Python package code is MIT licensed. The bundled Rust WASM runtime is
AGPL-3.0-or-later OR BUSL-1.1.
