Skip to main content
1

Install

The umbrella package re-exports every runtime target:
pnpm add secure-exec
Or install only the target you need:
# Node.js V8 isolate runtime
pnpm add @secure-exec/node

# Browser Web Worker runtime
pnpm add @secure-exec/browser

# Python (Pyodide) runtime
pnpm add @secure-exec/python
2

Create a runtime

A runtime needs a system driver (host capabilities) and a runtime driver (sandbox execution).
import {
  NodeRuntime,
  createNodeDriver,
  createNodeRuntimeDriverFactory,
} from "@secure-exec/node";

const runtime = new NodeRuntime({
  systemDriver: createNodeDriver(),
  runtimeDriverFactory: createNodeRuntimeDriverFactory(),
});
All exports are also available from "secure-exec" for backward compatibility.
3

Run code

Use exec() to run code for side effects. Console output streams through the onStdio hook.
const logs: string[] = [];

const result = await runtime.exec(
  "const value = 'hello from secure-exec'; console.log(value)",
  {
    onStdio: (event) => logs.push(`[${event.channel}] ${event.message}`),
  }
);

console.log(logs.join("\n"));
// [stdout] hello from secure-exec
4

Return a value

Use run() to execute code and get an exported value back.
const result = await runtime.run<{ default: number }>(
  "export default 2 + 2"
);
console.log(result.exports?.default); // 4
5

Clean up

runtime.dispose();

Next steps

SDK Overview

Full tour of the API surface and core concepts.

Permissions

Control filesystem, network, and process access.

Security Model

Trust boundaries, timing hardening, and resource limits.