Execution Lifecycle
Every execution request follows a strict pipeline to ensure security and isolation.Pipeline Overview
In ephemeral mode, simple requests can skip file injection and execute inline (for example
python -c, node -e, bun -e, bash -c) when no stdin, files, outputPaths, or package installs are requested.Execution Modes
isol8 supports two execution modes, determined by your use case.| Mode | Behavior | Best For |
|---|---|---|
| Ephemeral (Default) | Creates a fresh container for every request. State is lost after execution. | stateless tasks, untrusted code, parallel workloads |
| Persistent | Reuses a single container across multiple requests. Files and state are preserved. | interactive sessions, multi-step workflows, notebooks |
Selecting a Mode
- CLI
- Library
- API
Use the
--persistent flag to enable persistent mode.In CLI persistent mode, the container is tied to the CLI process. To reuse a persistent container across multiple CLI commands, you would need to use the API or Library.
Inputs & Outputs
You can pass code, environment variables, and files into the sandbox.1. Source Code
The core of every request.- CLI
- Library
- API
Pass a file path, an inline string, or pipe from stdin.
1.1 Remote Code URLs
isol8 can fetch source code from a URL before execution. Remote URL execution is controlled by:- request fields:
codeUrl,codeHash,allowInsecureCodeUrl - CLI flags:
--url,--github,--gist,--hash,--allow-insecure-code-url - config policy:
remoteCode.*inisol8.config.json
- CLI
- Library
- API
URL fetching is disabled by default. Enable and tune
remoteCode policy in config first.
For full policy fields and security guidance, see Remote code URLs.2. Environment Variables
Inject configuration or secrets.- CLI
- Library
- API
The CLI only supports Secrets via
--secret. These are injected as environment variables but their values are masked in stdout/stderr.3. Files
Inject files before execution and retrieve them after.- CLI
- Library
- API
The CLI does not currently support generic file injection (
files) or retrieval (outputPaths). It can only capture stdout to a file using --out.Streaming Output
Real-time output is essential for long-running tasks or LLM code generation.- CLI
- Library
- API
Streaming is enabled by default. Use
--no-stream to wait for completion.Resource Limits & Safety
isol8 enforces strict limits to contain untrusted code.| Parameter | CLI Flag | Library Option | Default | Description |
|---|---|---|---|---|
| Timeout | --timeout | timeoutMs | 30s | Hard execution time limit. |
| Memory | --memory | memoryLimit | 512m | RAM limit for the container. |
| CPU | --cpu | cpuLimit | 1.0 | CPU shares (1.0 = 1 core). |
| Network | --net | network | none | none, host, or filtered. |
| Output | --max-output | maxOutputSize | 1MB | Max stdout/stderr size before truncation. |
Output Truncation
If a script produces excessive output, isol8 truncates it to prevent memory issues.result.truncatedwill betrue.- The output will end with a truncation message.
Secret Masking
If you providesecrets (via CLI --secret or Library config), isol8 scans stdout and stderr and replaces occurrences of secret values with ***.
Troubleshooting
Execution Timed Out
Execution Timed Out
The code ran longer than
timeoutMs.- Fix: Increase limit via
--timeoutor optimize the code. - Note: Infinite loops are a common cause.
Output Truncated
Output Truncated
The script printed more data than
maxOutputSize allowed.- Fix: Reduce logging or increase the limit via
--max-output.
File Not Found
File Not Found
Remember that the code runs in an isolated container.
- It cannot see files on your host machine unless you explicitly inject them (Library/API).
- CLI users should pipe data via stdin or use inline strings for simple inputs.
FAQ
Should I pass timeout in request or options?
Should I pass timeout in request or options?
Use
request.timeoutMs when you want a per-execution timeout. Use options.timeoutMs as a baseline engine default for a client/session.When should I use codeUrl instead of code?
When should I use codeUrl instead of code?
Use
codeUrl for pinned remote artifacts (for example immutable GitHub raw URLs). Keep code for direct inline or generated source. Never set both in one request.Why does persistent mode not carry over between separate CLI invocations?
Why does persistent mode not carry over between separate CLI invocations?
CLI runs are process-scoped. For durable cross-call state, use a stable
sessionId through the API or RemoteIsol8.