Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.agentfront.dev/llms.txt

Use this file to discover all available pages before exploring further.

This guide walks you through building your first secure code execution environment with Enclave. By the end, you’ll have a working sandbox that safely executes untrusted JavaScript with tool access.

Prerequisites

  • Node.js 22 or later
  • npm, pnpm, or yarn

Step 1: Install Packages

npm install @enclave-vm/core ast-guard

Step 2: Create Your First Sandbox

Create a new file sandbox.ts: 
import { Enclave } from '@enclave-vm/core';

// Define your tools
const tools = {
  'math:add': async (a: number, b: number) => a + b,
  'math:multiply': async (a: number, b: number) => a * b,
  'users:list': async () => [
    { id: 1, name: 'Alice', active: true },
    { id: 2, name: 'Bob', active: false },
    { id: 3, name: 'Charlie', active: true },
  ],
};

// Create the enclave
const enclave = new Enclave({
  securityLevel: 'SECURE',
  timeout: 5000,
  maxToolCalls: 10,
  toolHandler: async (toolName, args) => {
    const tool = tools[toolName as keyof typeof tools];
    if (!tool) {
      throw new Error(`Unknown tool: ${toolName}`);
    }
    return tool(...(args as any[]));
  },
});

// Run some code
async function main() {
  const code = `
    // Get users and filter active ones
    const users = await callTool('users:list');
    const activeUsers = users.filter(u => u.active);

    // Calculate something
    const sum = await callTool('math:add', 10, 20);

    return {
      activeCount: activeUsers.length,
      sum,
      names: activeUsers.map(u => u.name),
    };
  `;

  const result = await enclave.run(code);

  if (result.success) {
    console.log('Result:', result.value);
    console.log('Stats:', result.stats);
  } else {
    console.error('Error:', result.error);
  }

  enclave.dispose();
}

main();

Step 3: Run It

npx tsx sandbox.ts
You should see: 
Result: { activeCount: 2, sum: 30, names: ['Alice', 'Charlie'] }
Stats: { duration: 12, toolCallCount: 2, iterationCount: 4 }

What Just Happened?

  1. AST Validation - Before executing, Enclave validated the code using ast-guard to block dangerous constructs like eval, process, and prototype manipulation.
  2. Code Transformation - The code was wrapped in a safe execution context with rate-limited loops and proxied tool calls.
  3. Sandboxed Execution - The code ran in an isolated Node.js vm context with no access to the host environment.
  4. Tool Calls - The script called your tools through a controlled interface, letting you audit and control all external interactions.

Security Levels

Enclave provides preset security levels. The most common:
LevelUse CaseRestrictions
STRICTUntrusted AI/user codeMaximum restrictions
SECURESemi-trusted automationBalanced security
STANDARDInternal toolsBasic guardrails
// For untrusted code, use STRICT
const strictEnclave = new Enclave({
  securityLevel: 'STRICT',
  toolHandler: async (name, args) => { /* ... */ },
});

What’s Blocked?

AgentScript (the language subset Enclave uses) blocks:
  • eval, Function, setTimeout, setInterval
  • process, require, import
  • window, global, globalThis
  • __proto__, constructor, prototype
  • User-defined functions (prevents recursion bombs)
  • while and do-while loops (prevents infinite loops)
See AgentScript for the full language definition.

Next Steps

Concepts

Understand the architecture and security model

@enclave-vm/core

Deep dive into configuration and features

Guides

Build a complete AI agent with tools

Examples

Copy-paste examples for common use cases