feat: 新增 stardomain 沙箱子项目脚手架(Docker + Rust 过滤层)

提供统一沙箱运行时,支持 local/sandbox 两种模式切换。Rust 层负责命令和代码的策略过滤,
Docker 层负责实际的进程隔离。包含三种预设策略:agent_exec / tool_run / untrusted。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
2026-06-04 10:07:30 +00:00
parent 6932294ddd
commit 32bdbe77ff
13 changed files with 2021 additions and 0 deletions
+14
View File
@@ -0,0 +1,14 @@
[build-system]
requires = ["maturin>=1.0,<2.0"]
build-backend = "maturin"
[project]
name = "stardomain"
version = "0.1.0"
description = "Sandbox runtime for KiloStar — Docker-based isolation with Rust filtering layer."
requires-python = ">=3.11"
license = { text = "Apache-2.0" }
authors = [{ name = "zhaoxi826" }]
[tool.maturin]
features = ["pyo3/extension-module"]