
Proposal: Capsule as a secure code execution tool for untrusted python code #620

@mavdol

Description


Hi Dynamiq team!

I was reading your documentation and saw the security measures you've implemented (restricted imports, built-ins, etc.). It's really great, and I think Capsule could help secure code execution even more.

Basically, it's a runtime that sandboxes AI agent tasks in WebAssembly. But it could be a great local alternative to run untrusted Python code.

It's useful in your case because:

  • Each execution runs in its own memory space, with no host access
  • It's fast – once warm, each run takes ~10ms
  • It works everywhere (dev, prod, etc.) with no setup

There are different ways to implement it. We could create a custom integration for Dynamiq, similar to what we did for LangChain:

from langchain_capsule import CapsulePythonTool

# Untrusted snippet handed to the sandbox as a plain string.
code = """
def factorial(n):
    if n <= 1:
        return 1
    return n * factorial(n - 1)

factorial(6)
"""

# The tool runs the snippet inside the Capsule WebAssembly runtime and
# returns the result as a string.
tool = CapsulePythonTool()
result = tool.run(code)
print(result)  # "720"

Or you could use direct run() calls. With this approach, the first run takes 2-3 seconds (cold start), then every subsequent run is also ~10ms. Here's the documentation showing how to call Capsule directly.

Here are the relevant links:

Main Capsule repo: github.com/mavdol/capsule
LangChain integration (to reference): github.com/mavdol/langchain-capsule

Hope this sparks some curiosity!
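The proposal's first bullet ("no host access") is a claim worth checking against any runner before trusting it, Capsule included. The harness below is an added example and is not code from Capsule, Dynamiq or the proposal's author: it feeds a set of host-access canaries (environment, filesystem, process spawn, loopback socket) to any runner exposing the `run(code) -> str` shape the post shows for `CapsulePythonTool`, and reports which canaries reached the host. The included `inprocess_runner` is a deliberately naive `exec()` baseline, present only so the harness runs offline and shows what a real sandbox must do better; passing `CapsulePythonTool().run` instead is an assumption about that tool's return value, not something the post confirms.

```python
"""Probe an 'untrusted Python' runner with host-access canaries.

Added example; not Capsule's, Dynamiq's or langchain-capsule's code.
Assumed runner interface: run(code: str) -> str, returning the snippet's
stdout. Each canary prints ESCAPED if the host resource was reachable and
BLOCKED if the attempt raised; a sandbox should yield BLOCKED (or refuse to
run the snippet at all) for every one of them.
"""
import contextlib
import io
import textwrap
from typing import Callable, Dict, Optional

# Canary bodies. Each one only needs to succeed or raise; wrap() adds the verdict.
PROBES: Dict[str, str] = {
    "environment": "import os; assert os.environ is not None",
    "filesystem_list": "import os, tempfile; os.listdir(tempfile.gettempdir())",
    "filesystem_write": """
        import tempfile
        with tempfile.NamedTemporaryFile("w+", delete=True) as f:
            f.write("canary"); f.seek(0); assert f.read() == "canary"
    """,
    "process_spawn": (
        "import subprocess, sys; "
        "subprocess.run([sys.executable, '-c', 'pass'], check=True, timeout=10)"
    ),
    "network_bind": "import socket; s = socket.socket(); s.bind(('127.0.0.1', 0)); s.close()",
}


def wrap(body: str) -> str:
    """Wrap a canary so its outcome is a single machine-readable verdict line."""
    inner = textwrap.indent(textwrap.dedent(body).strip(), "    ")
    return (
        "try:\n" + inner + "\n"
        "except BaseException as exc:\n"
        "    print('BLOCKED', type(exc).__name__)\n"
        "else:\n"
        "    print('ESCAPED')\n"
    )


def classify(output: str) -> Optional[bool]:
    """True = host reached, False = blocked, None = no verdict (crash, kill, timeout).

    'No verdict' is deliberately kept separate from 'blocked': a runner that
    dies before printing anything has not demonstrated isolation.
    """
    lines = [ln.strip() for ln in output.splitlines() if ln.strip()]
    if not lines:
        return None
    verdict = lines[-1]
    if verdict == "ESCAPED":
        return True
    if verdict.startswith("BLOCKED"):
        return False
    return None


def inprocess_runner(code: str) -> str:
    """Naive baseline: exec() in the host interpreter with stdout captured.

    This is NOT a sandbox. It exists so the harness has something to run
    offline and so the reader sees every canary reach the host. A real runner
    also needs a wall-clock timeout; that is left to the runner under test.
    """
    buf = io.StringIO()
    try:
        with contextlib.redirect_stdout(buf):
            exec(compile(code, "<untrusted>", "exec"), {"__name__": "__untrusted__"})
    except BaseException as exc:  # runner crash: recorded as 'no verdict'
        buf.write(f"\nRUNNER_ERROR {type(exc).__name__}\n")
    return buf.getvalue()


def probe_sandbox(run: Callable[[str], str]) -> Dict[str, Optional[bool]]:
    """Run every canary through `run` and classify the result."""
    return {name: classify(run(wrap(body))) for name, body in PROBES.items()}


def report(results: Dict[str, Optional[bool]]) -> str:
    """Human-readable summary, one canary per line."""
    words = {True: "HOST REACHED", False: "blocked", None: "no verdict"}
    return "\n".join(f"{name:18s} {words[v]}" for name, v in results.items())


if __name__ == "__main__":
    # Swap in e.g. CapsulePythonTool().run (assumed run(code) -> str) to probe Capsule.
    print(report(probe_sandbox(inprocess_runner)))
```

Against the in-process baseline every canary reports HOST REACHED, which is the point: restricting imports or builtins at the language level does not change what the interpreter can touch. A runner that isolates memory and denies host syscalls should turn each line to "blocked", and a "no verdict" line means the runner crashed or was killed before the canary could report, which calls for a closer look rather than a pass.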
