Closed mfornos closed 3 months ago
Just to keep a log, alts for untrusted code execution:
After careful evaluation, running agent scripts in a Node.js vm context adds negative value to our current needs for the following reasons:
node:vm
does not provide true security isolation, making sandboxing ineffective.Therefore, we will not implement this approach in our case and context. :no_good:
For reference on a similar approach in the context of HTTP handlers: Vercel Edge Runtime
Load and run agents using
node:vm
, ideally make it easy to add new environments. Common host services: out streams, shared streams, ingress, persistence, inter-agent comm. Presets for exposed dependencies like@polkadot/api
.