npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@parassharmaa/agent-sandbox

v0.4.1

Published

Sandboxed execution environment for AI agents via WASM

Downloads

484

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

parassharmaaparassharmaa

Keywords

agentsandboxwasmwasisecurityexecution

Readme

@parassharmaa/agent-sandbox

Node.js bindings for agent-sandbox — a secure, WASM-based sandbox for AI agents with 40+ built-in CLI tools and a JavaScript runtime.

Installation

npm install @parassharmaa/agent-sandbox

Prebuilt binaries are available for:

  • macOS (arm64, x64)
  • Linux (x64 gnu, arm64 gnu)
  • Windows (x64 msvc)

Usage

import { Sandbox } from "@parassharmaa/agent-sandbox";

// Create a sandbox with a working directory
const sandbox = new Sandbox({ workDir: "/path/to/workdir" });

// Execute commands (files are accessible under /work/)
const result = await sandbox.exec("grep", ["TODO", "/work/main.rs"]);
console.log(result.stdout.toString()); // stdout/stderr are Buffers
console.log(result.exitCode);          // 0 on success

// Read and write files (paths relative to workDir)
const content = await sandbox.readFile("config.json");
await sandbox.writeFile("output.txt", Buffer.from("hello"));

// List directory contents
const entries = await sandbox.listDir(".");
// [{ name: "file.txt", isFile: true, isDir: false, size: 42 }, ...]

// Track filesystem changes since sandbox creation
const changes = await sandbox.diff();
// [{ path: "output.txt", kind: "created" }, ...]

// Clean up
await sandbox.destroy();

JavaScript Runtime

Execute JavaScript code inside the WASM sandbox using the built-in Boa engine:

// Inline evaluation
const result = await sandbox.exec("node", ["-e", "console.log('hello from JS')"]);

// Evaluate and print result
const calc = await sandbox.exec("node", ["-p", "2 + 3 * 4"]);
console.log(calc.stdout.toString().trim()); // "14"

// Run a script file
await sandbox.writeFile("script.js", Buffer.from(`
  const data = [1, 2, 3, 4, 5];
  const sum = data.reduce((a, b) => a + b, 0);
  console.log(JSON.stringify({ sum, avg: sum / data.length }));
`));
await sandbox.exec("node", ["/work/script.js"]);

// Convenience method — execJs(code) wraps exec("node", ["-e", code])
const jsResult = await sandbox.execJs("console.log('quick and easy')");

Supports ES2023+ features (arrow functions, destructuring, template literals, Promises, JSON, Math, RegExp, Array methods, etc.). No network access or Node.js built-in modules — runs in pure WASM isolation.

Configuration Options

const sandbox = new Sandbox({
  workDir: "/path/to/workdir",      // Required: host directory mounted at /work
  mounts: [{                         // Optional: additional mount points
    hostPath: "/data",
    guestPath: "/mnt/data",
    writable: false,
  }],
  envVars: { API_KEY: "value" },     // Optional: environment variables
  timeoutMs: 30000,                  // Optional: execution timeout (ms)
  memoryLimitBytes: 256 * 1024 * 1024, // Optional: memory limit
  fuelLimit: 1_000_000_000,         // Optional: WASM fuel limit
});

List Available Tools

const tools = Sandbox.availableTools();
// ["cat", "grep", "find", "sed", "jq", "git", "node", "tar", ...]

Security

  • Commands run inside a WASM sandbox — no access to host filesystem outside the work directory
  • Path traversal attacks are blocked
  • Environment variables are isolated from the host
  • Each sandbox instance is fully isolated from others
  • JS runtime runs inside WASM — no network, no host access

License

MIT