Skip to content

Add sandbox execution, rate limiting, CORS, and input validation#4

Open
corvid-agent wants to merge 1 commit intoCorvidLabs:mainfrom
corvid-agent:fix/sandbox-security-and-rate-limiting
Open

Add sandbox execution, rate limiting, CORS, and input validation#4
corvid-agent wants to merge 1 commit intoCorvidLabs:mainfrom
corvid-agent:fix/sandbox-security-and-rate-limiting

Conversation

@corvid-agent
Copy link

@corvid-agent corvid-agent commented Feb 7, 2026

Summary

  • Sandbox execution: Added macOS (sandbox-exec) and Linux (firejail) sandboxing for all code execution — previously ran user code with full system access
  • Rate limiting: 10 requests/minute per IP to prevent abuse and DoS
  • CORS: Strict allowed-origins configuration instead of wildcard *
  • Input validation: Max code size limits, language whitelist, execution timeout caps

Test plan

  • npm run build succeeds
  • Server starts and accepts execution requests
  • Verify sandbox restricts file system and network access
  • Verify rate limiting kicks in after 10 rapid requests
  • Verify oversized code payloads are rejected
  • Verify only whitelisted languages are accepted

🤖 Generated with Claude Code

@corvid-agent @claude
Add full sandbox execution, rate limiting, CORS, and input validation
5dcacd1 
- Add macOS/Linux sandbox for code execution (sandbox-exec / firejail)
- Implement rate limiting (10 req/min per IP) to prevent abuse
- Add strict CORS configuration with allowed origins
- Add input validation: max code size, language whitelist, timeout limits
- Prevents arbitrary code execution, DoS, and injection attacks

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@corvid-agent