Expand description
Input sanitization and structured execution for Lua.
Provides Rust-implemented sanitization primitives exposed to Lua,
powered by the shell_sanitize crate. Lua script authors use
these to validate arguments before passing them to execution APIs.
§Lua API
| Function | Preset | Use case |
|---|---|---|
orcs.sanitize_arg(s) | command_arg | model name, session_id, flags |
orcs.sanitize_path(s) | file_path | relative paths within sandbox |
orcs.sanitize_strict(s) | strict | values reaching a shell |
Each returns {ok, value, error, violations}.
§Structured Execution
| Function | Description |
|---|---|
orcs.exec_argv(program, args [, opts]) | Shell-free execution via Command::new |
exec_argv bypasses the shell entirely. Arguments are passed directly
to the OS exec layer, making shell injection structurally impossible.
§Example
local check = orcs.sanitize_arg(opts.model)
if not check.ok then return { ok = false, error = check.error } end
local result = orcs.llm(prompt, {
model = check.value,
})Functions§
- exec_
argv_ impl - Builds and executes a
Commandfrom program + args + opts. - register_
exec_ argv_ deny - Registers
orcs.exec_argv(base version, deny-by-default). - register_
sanitize_ functions - Registers sanitization functions into the
orcsLua table.