Struct RustSandboxExecutor 

pub struct RustSandboxExecutor { /* private fields */ }

The flagship Rust-authored code execution backend.

Compiles and executes authored Rust using a host-local process approach. Phase 1 is honest about isolation: it can enforce timeouts and output truncation, but cannot enforce network or filesystem restrictions.

Backend Capability Reporting

RustSandboxExecutor reports its capabilities truthfully through BackendCapabilities. The phase 1 implementation uses host-local process execution (rustc + spawned binary), so:

Capability	Enforced	Reason
Isolation class	HostLocal	Runs as a local process, not in a container
Network policy	No	Host-local processes inherit host network access
Filesystem policy	No	Host-local processes inherit host filesystem access
Environment policy	No	Host-local processes inherit host environment
Timeout	Yes	Enforced via tokio::time::timeout
Structured output	Yes	Harness extracts JSON from last stdout line
Process execution	No	User code cannot spawn child processes through the harness
Persistent workspace	No	Each execution uses a fresh temp directory
Interactive sessions	No	Single-shot execution only

Callers should use [validate_policy] to check whether a requested [SandboxPolicy] is compatible with these capabilities before execution. If a policy requests a control the backend cannot enforce (e.g., disabled network), validation fails with ExecutionError::UnsupportedPolicy.

Example

use adk_code::{CodeExecutor, RustSandboxExecutor, ExecutionIsolation};

let executor = RustSandboxExecutor::default();
assert_eq!(executor.name(), "rust-sandbox");
assert_eq!(executor.capabilities().isolation, ExecutionIsolation::HostLocal);
assert!(executor.capabilities().enforce_timeout);
assert!(!executor.capabilities().enforce_network_policy);

Implementations

impl RustSandboxExecutor

pub fn new(config: RustSandboxConfig) -> Self

Create a new executor with the given configuration.

Trait Implementations

impl Clone for RustSandboxExecutor

fn clone(&self) -> RustSandboxExecutor

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl CodeExecutor for RustSandboxExecutor

fn name(&self) -> &str

Human-readable backend name.

fn capabilities(&self) -> BackendCapabilities

The capabilities this backend can enforce.

fn supports_language(&self, lang: &ExecutionLanguage) -> bool

Whether this backend supports the given language.

fn execute<'life0, 'async_trait>( &'life0 self, request: ExecutionRequest, ) -> Pin<Box<dyn Future<Output = Result<ExecutionResult, ExecutionError>> + Send + 'async_trait>>

where Self: 'async_trait, 'life0: 'async_trait,

Execute a request and return a structured result.

fn start<'life0, 'async_trait>( &'life0 self, ) -> Pin<Box<dyn Future<Output = Result<(), ExecutionError>> + Send + 'async_trait>>

where Self: 'async_trait, 'life0: 'async_trait,

Start the execution environment (e.g., create and start a container).

fn stop<'life0, 'async_trait>( &'life0 self, ) -> Pin<Box<dyn Future<Output = Result<(), ExecutionError>> + Send + 'async_trait>>

where Self: 'async_trait, 'life0: 'async_trait,

Stop the execution environment and release resources.

fn restart<'life0, 'async_trait>( &'life0 self, ) -> Pin<Box<dyn Future<Output = Result<(), ExecutionError>> + Send + 'async_trait>>

where Self: 'async_trait, 'life0: 'async_trait,

Restart the execution environment.

fn is_running<'life0, 'async_trait>( &'life0 self, ) -> Pin<Box<dyn Future<Output = bool> + Send + 'async_trait>>

where Self: 'async_trait, 'life0: 'async_trait,

Whether the execution environment is currently running.

impl Debug for RustSandboxExecutor

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for RustSandboxExecutor

fn default() -> Self

Returns the “default value” for a type.