welsberr
ecba73903d
|
||
|---|---|---|
| .. | ||
| README.md | ||
| run_tool_request.py | ||
README.md
TOOL-EXEC-Lite (Monty)
This is the "lite" execution lane for ThreeGate.
Why Monty?
Monty is a minimal, secure Python-subset interpreter intended to run agent-written code without a full container/VM sandbox. It blocks filesystem/env/network access unless explicitly provided via "external functions".
Constraints (current stub)
- backend: monty
- language: python
- network: none
- external functions: none
- file inputs/outputs: not supported (stdio only)
- strict size/time limits (best-effort; hard limits are future work)
Install (developer environment)
Monty’s Python package is pydantic-monty:
pip install pydantic-monty
or
uv add pydantic-monty
Execution model (stub)
- Tool Request contains a
## Codesection with Python subset code. - Runner executes code with Monty and captures:
- return value (Monty output)
- stdout/stderr (captured by runner)
- Emits Tool Result markdown + stdout/stderr artifacts.
Roadmap (security-reviewed increments)
- Add resource limits via Monty trackers (time/memory/allocations/stack depth).
- Add allowlisted external functions (pure functions first: json/regex/hash).
- Add "iterative external calls" mode (MontySnapshot resume) with explicit operator gating.