/** * Sandbox Executor - Safe command execution with restrictions */ export type SandboxMode = 'disabled' | 'basic' | 'strict' | 'network-isolated'; export interface SandboxConfig { mode: SandboxMode; allowedCommands?: string[]; blockedCommands?: string[]; blockedPaths?: string[]; timeout?: number; maxOutputSize?: number; cwd?: string; env?: Record; } export interface ExecutionResult { success: boolean; stdout: string; stderr: string; exitCode: number; duration: number; truncated?: boolean; } /** * Default blocked commands (dangerous operations) */ export declare const DEFAULT_BLOCKED_COMMANDS: string[]; /** * Default blocked paths */ export declare const DEFAULT_BLOCKED_PATHS: string[]; /** * Command validator */ export declare class CommandValidator { private blockedCommands; private blockedPaths; private allowedCommands?; constructor(config?: Partial); /** * Validate a command */ validate(command: string): { valid: boolean; reason?: string; }; } /** * Sandbox Executor class */ export declare class SandboxExecutor { private config; private validator; constructor(config?: Partial); /** * Execute a command in the sandbox */ execute(command: string): Promise; /** * Spawn the command */ private spawn; /** * Build environment variables based on sandbox mode */ private buildEnv; /** * Check if a command would be allowed */ wouldAllow(command: string): { allowed: boolean; reason?: string; }; /** * Get current sandbox mode */ getMode(): SandboxMode; /** * Update sandbox mode */ setMode(mode: SandboxMode): void; } /** * Create a sandbox executor */ export declare function createSandboxExecutor(config?: Partial): SandboxExecutor; /** * Quick execute with default sandbox */ export declare function sandboxExec(command: string, config?: Partial): Promise;