/**
 * Shell sandbox with default implementations for file and code operations.
 *
 * Subclasses only need to implement {@link PosixShellSandbox.executeStreaming} —
 * all other operations are implemented by running shell commands through it.
 * Use this for remote environments where only shell access is available
 * (Docker containers, SSH connections, cloud runtimes).
 */
import { Sandbox } from './base.js';
import type { ExecuteOptions } from './base.js';
import type { ExecutionResult, FileInfo, StreamChunk } from './types.js';
/**
 * Validate environment variable names against {@link ENV_KEY_PATTERN}.
 * @throws If any key is not a valid POSIX environment variable name.
 */
export declare function validateEnvKeys(env: Record<string, string>): void;
/**
 * Build a shell `export KEY=VALUE && ...` prefix for a command, or `''` when there are none.
 * Keys are validated; values are {@link shellQuote}d. Used by shell-string backends (e.g. SSH);
 * backends that set env via native flags (e.g. Docker's `-e`) call {@link validateEnvKeys} directly.
 *
 * Uses `export` rather than an `env KEY=VALUE` command wrapper so the variables are set in the
 * shell itself and inherited by every stage of a pipeline. `executeCode` runs `base64 ... | <lang>`,
 * and an `env` wrapper would only bind the left side of the pipe, never reaching the interpreter.
 * The trailing `&&` keeps the surrounding `cd ... && <prefix><command>` chain fail-fast.
 */
export declare function buildShellEnvPrefix(env?: Record<string, string>): string;
/**
 * Abstract sandbox that provides shell-based defaults for file and code operations.
 * Assumes a POSIX-compatible shell (sh/bash) on the target.
 *
 * Subclasses only need to implement {@link executeStreaming}. The remaining
 * operations — `executeCodeStreaming`, `readFile`, `writeFile`, `removeFile`,
 * and `listFiles` — are implemented via shell commands piped through
 * `executeStreaming`.
 *
 * Subclasses may override any method with a native implementation for
 * better performance or to handle edge cases (e.g., binary-safe file
 * transfer via Docker stdin pipes, or native API calls for cloud backends).
 *
 * Subclasses must apply `options.env` in `executeStreaming` or it has no effect:
 * backends that build a shell-command string prepend {@link buildShellEnvPrefix};
 * backends that set env via process flags (e.g. Docker's `-e`) call
 * {@link validateEnvKeys} and pass the values directly.
 */
export declare abstract class PosixShellSandbox extends Sandbox {
    executeCodeStreaming(code: string, language: string, options?: ExecuteOptions): AsyncGenerator<StreamChunk | ExecutionResult, void, undefined>;
    readFile(path: string): Promise<Uint8Array>;
    writeFile(path: string, content: Uint8Array): Promise<void>;
    removeFile(path: string): Promise<void>;
    listFiles(path: string): Promise<FileInfo[]>;
}
//# sourceMappingURL=posix-shell.d.ts.map