Skip to main content
Enclave is a secure execution environment for running untrusted JavaScript code. It provides a defense-in-depth security model that combines AST validation (via ast-guard), code transformation, and runtime sandboxing to safely execute model-generated code.

AST Validation

Block dangerous constructs before execution using ast-guard’s AgentScript preset

Code Transformation

Automatically transform code for safe execution with proxied functions and loop limits

Runtime Sandboxing

Execute in isolated Node.js vm context with controlled globals and resource limits

When to Use Enclave

Enclave is designed for scenarios where you need to execute JavaScript code from untrusted sources:
  • LLM-generated code - Execute code written by AI models safely
  • User-provided scripts - Run user scripts in a controlled environment
  • Plugin/extension systems - Allow third-party code to run securely
  • Workflow automation - Execute orchestration logic with tool access

Installation

Quick Start

Execution Results

Enclave returns a structured result with success/error status and execution stats:

Error Codes