#!/usr/bin/env python3
"""Ephemeral, network-isolated, resource-capped container runner."""

import argparse
import os
import shutil
import subprocess
import sys


def _find_container_runtime():
    """Find podman or docker on PATH."""
    for binary in ("podman", "docker"):
        if shutil.which(binary):
            return binary
    raise RuntimeError("Neither podman nor docker found on PATH")


def sandbox_run(
    command: str,
    workspace: str | None = None,
    image: str = "debian:stable-slim",
    timeout: int = 60,
    network: str = "none",
    memory: str = "2g",
    pids: int = 512,
    cpus: float = 2.0,
) -> str:
    """Run command inside an ephemeral container."""
    runtime = _find_container_runtime()

    argv = [
        runtime,
        "run",
        "--rm",
        "--pull=missing",
        f"--network={network}",
        f"--memory={memory}",
        f"--pids-limit={pids}",
        f"--cpus={cpus}",
        "--cap-drop=ALL",
        "--security-opt=no-new-privileges",
    ]

    if workspace is not None:
        argv.extend(["-v", f"{workspace}:/workspace:rw", "-w", "/workspace"])

    argv.extend([image, "sh", "-c", command])

    proc = subprocess.Popen(
        argv,
        stdout=subprocess.PIPE,
        stderr=subprocess.PIPE,
        shell=False,
    )
    try:
        stdout_bytes, stderr_bytes = proc.communicate(timeout=timeout)
        exit_code = proc.returncode
    except subprocess.TimeoutExpired:
        proc.kill()
        proc.wait()
        stdout_bytes, stderr_bytes = proc.communicate()
        exit_code = 124

    stdout = stdout_bytes.decode("utf-8", errors="replace") if stdout_bytes else ""
    stderr = stderr_bytes.decode("utf-8", errors="replace") if stderr_bytes else ""

    output = f"exit={exit_code}\n--- stdout ---\n{stdout}--- stderr ---\n{stderr}"

    if len(output) > 50000:
        output = output[:50000] + "... [truncated]"

    return output


def main():
    parser = argparse.ArgumentParser(
        description="Run commands inside ephemeral containers",
        formatter_class=argparse.RawDescriptionHelpFormatter,
    )
    parser.add_argument("--image", default="debian:stable-slim")
    parser.add_argument("--timeout", type=int, default=60)
    parser.add_argument(
        "--network", choices=["none", "bridge"], default="none"
    )
    parser.add_argument("--memory", default="2g")
    parser.add_argument("--pids", type=int, default=512)
    parser.add_argument("--cpus", type=float, default=2.0)
    parser.add_argument(
        "--workspace", default=os.getcwd()
    )
    parser.add_argument(
        "--",
        dest="separator",
        action="store_true",
        help="Separator between flags and command",
    )
    parser.add_argument("command", nargs="+")

    args = parser.parse_args()

    cmd_str = " ".join(args.command)

    result = sandbox_run(
        command=cmd_str,
        workspace=args.workspace,
        image=args.image,
        timeout=args.timeout,
        network=args.network,
        memory=args.memory,
        pids=args.pids,
        cpus=args.cpus,
    )

    print(result)

    exit_match = result.split("\n")[0]
    exit_code = int(exit_match.split("=")[1])
    sys.exit(exit_code)


if __name__ == "__main__":
    main()

diff --git a/sandbox.py b/sandbox.py
new file mode 100644
index 0000000..c33e53a
--- /dev/null
+++ b/sandbox.py
@@ -0,0 +1,123 @@
+#!/usr/bin/env python3
+"""Ephemeral, network-isolated, resource-capped container runner."""
+
+import argparse
+import os
+import shutil
+import subprocess
+import sys
+
+
+def _find_container_runtime():
+    """Find podman or docker on PATH."""
+    for binary in ("podman", "docker"):
+        if shutil.which(binary):
+            return binary
+    raise RuntimeError("Neither podman nor docker found on PATH")
+
+
+def sandbox_run(
+    command: str,
+    workspace: str | None = None,
+    image: str = "debian:stable-slim",
+    timeout: int = 60,
+    network: str = "none",
+    memory: str = "2g",
+    pids: int = 512,
+    cpus: float = 2.0,
+) -> str:
+    """Run command inside an ephemeral container."""
+    runtime = _find_container_runtime()
+
+    argv = [
+        runtime,
+        "run",
+        "--rm",
+        "--pull=missing",
+        f"--network={network}",
+        f"--memory={memory}",
+        f"--pids-limit={pids}",
+        f"--cpus={cpus}",
+        "--cap-drop=ALL",
+        "--security-opt=no-new-privileges",
+    ]
+
+    if workspace is not None:
+        argv.extend(["-v", f"{workspace}:/workspace:rw", "-w", "/workspace"])
+
+    argv.extend([image, "sh", "-c", command])
+
+    proc = subprocess.Popen(
+        argv,
+        stdout=subprocess.PIPE,
+        stderr=subprocess.PIPE,
+        shell=False,
+    )
+    try:
+        stdout_bytes, stderr_bytes = proc.communicate(timeout=timeout)
+        exit_code = proc.returncode
+    except subprocess.TimeoutExpired:
+        proc.kill()
+        proc.wait()
+        stdout_bytes, stderr_bytes = proc.communicate()
+        exit_code = 124
+
+    stdout = stdout_bytes.decode("utf-8", errors="replace") if stdout_bytes else ""
+    stderr = stderr_bytes.decode("utf-8", errors="replace") if stderr_bytes else ""
+
+    output = f"exit={exit_code}\n--- stdout ---\n{stdout}--- stderr ---\n{stderr}"
+
+    if len(output) > 50000:
+        output = output[:50000] + "... [truncated]"
+
+    return output
+
+
+def main():
+    parser = argparse.ArgumentParser(
+        description="Run commands inside ephemeral containers",
+        formatter_class=argparse.RawDescriptionHelpFormatter,
+    )
+    parser.add_argument("--image", default="debian:stable-slim")
+    parser.add_argument("--timeout", type=int, default=60)
+    parser.add_argument(
+        "--network", choices=["none", "bridge"], default="none"
+    )
+    parser.add_argument("--memory", default="2g")
+    parser.add_argument("--pids", type=int, default=512)
+    parser.add_argument("--cpus", type=float, default=2.0)
+    parser.add_argument(
+        "--workspace", default=os.getcwd()
+    )
+    parser.add_argument(
+        "--",
+        dest="separator",
+        action="store_true",
+        help="Separator between flags and command",
+    )
+    parser.add_argument("command", nargs="+")
+
+    args = parser.parse_args()
+
+    cmd_str = " ".join(args.command)
+
+    result = sandbox_run(
+        command=cmd_str,
+        workspace=args.workspace,
+        image=args.image,
+        timeout=args.timeout,
+        network=args.network,
+        memory=args.memory,
+        pids=args.pids,
+        cpus=args.cpus,
+    )
+
+    print(result)
+
+    exit_match = result.split("\n")[0]
+    exit_code = int(exit_match.split("=")[1])
+    sys.exit(exit_code)
+
+
+if __name__ == "__main__":
+    main()
\ No newline at end of file

============================= test session starts ==============================
platform darwin -- Python 3.14.4, pytest-9.0.3, pluggy-1.6.0 -- /opt/homebrew/opt/python@3.14/bin/python3.14
cachedir: .pytest_cache
rootdir: /Users/fole/Desktop/sandbox-eval-sandbox-minimax-2026-05-05-r3
collecting ... collected 9 items

_eval_tests/test_sandbox.py::test_simple_echo PASSED                     [ 11%]
_eval_tests/test_sandbox.py::test_output_format PASSED                   [ 22%]
_eval_tests/test_sandbox.py::test_exit_code_nonzero PASSED               [ 33%]
_eval_tests/test_sandbox.py::test_timeout PASSED                         [ 44%]
_eval_tests/test_sandbox.py::test_network_default_isolated PASSED        [ 55%]
_eval_tests/test_sandbox.py::test_network_bridge PASSED                  [ 66%]
_eval_tests/test_sandbox.py::test_workspace_mount PASSED                 [ 77%]
_eval_tests/test_sandbox.py::test_truncation PASSED                      [ 88%]
_eval_tests/test_sandbox.py::test_no_host_shell_injection PASSED         [100%]

============================== 9 passed in 4.25s ===============================