isolated-vm executor backend for @execbox/core.
Docs: https://execbox.aallam.com
- you explicitly want the `isolated-vm` runtime instead of QuickJS
- your environment can support the native addon install
- you are prepared to run Node 22+ with `--no-node-snapshot`
If you want the simpler default backend, use @execbox/quickjs instead.
- Basic provider execution on `isolated-vm`
- QuickJS-based execbox examples for the shared API surface
- Worker-hosted QuickJS example for the alternate host mode
- Full examples index
```sh
npm install @execbox/core @execbox/isolated-vm
```

- Node 22+ must run with `--no-node-snapshot`
- the optional `isolated-vm` native dependency must install successfully in the host environment
- native-addon failures are surfaced when `IsolatedVmExecutor` is constructed or used
- advanced consumers can import the reusable runner from `@execbox/isolated-vm/runner`
- Each execution gets a fresh `isolated-vm` context with JSON-only tool and result boundaries.
- In the default deployment model, provider definitions are controlled by the host application, while hostile users control guest code and tool inputs.
- This package is still in-process execution. It is not a substitute for a separate trust boundary such as a container or VM.
- Providers remain the real capability boundary. If a tool is dangerous, guest code can invoke it.
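
One way to apply the last two notes, as an added example that is not part of the execbox project's code: the tool handler treats guest input as hostile and takes its authority (here a tenant id) from the host session, never from the guest. `ORDERS`, `validateInput`, `lookupOrder`, `makeOrderTools` and the `session` object are hypothetical; only the `tools: { name: { execute } }` shape comes from this README's usage snippet.

```javascript
// Added example. ORDERS, validateInput, lookupOrder and makeOrderTools are
// hypothetical names; the data below is constructed sample data.
const ORDERS = new Map([
  ["acme:1001", { id: "1001", total: 42 }],
  ["globex:2001", { id: "2001", total: 7 }],
]);

// Check guest-supplied JSON against an allowlist of string fields.
// spec maps each permitted field name to the RegExp its value must match.
function validateInput(spec, input) {
  if (input === null || typeof input !== "object" || Array.isArray(input)) {
    throw new TypeError("tool input must be a JSON object");
  }
  for (const key of Object.keys(input)) {
    // Unknown fields (including an own "__proto__" key from JSON) are rejected.
    if (!Object.hasOwn(spec, key)) throw new TypeError(`unexpected field: ${key}`);
  }
  const clean = {};
  for (const [key, pattern] of Object.entries(spec)) {
    const value = input[key];
    if (typeof value !== "string" || !pattern.test(value)) {
      throw new TypeError(`invalid field: ${key}`);
    }
    clean[key] = value;
  }
  return clean;
}

// The tenant is bound by the host; guest input only selects an order id.
function lookupOrder(sessionTenant, input) {
  const { orderId } = validateInput({ orderId: /^[0-9]{1,10}$/ }, input);
  const order = ORDERS.get(`${sessionTenant}:${orderId}`);
  // Return a fresh JSON-safe projection rather than the host's own object.
  return order ? { found: true, id: order.id, total: order.total } : { found: false };
}

// Build one tool set per authenticated session, e.g.
//   resolveProvider({ tools: makeOrderTools(session.tenant) })
// where `session` is the host application's own (assumed) session object.
function makeOrderTools(sessionTenant) {
  return {
    getOrder: { execute: async (input) => lookupOrder(sessionTenant, input) },
  };
}
```
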
```js
import { resolveProvider } from "@execbox/core";
import { IsolatedVmExecutor } from "@execbox/isolated-vm";

// Host-controlled provider: every tool listed here is callable by guest code.
const provider = resolveProvider({
  tools: {
    echo: {
      execute: async (input) => input,
    },
  },
});

const executor = new IsolatedVmExecutor();

// Guest code runs in a fresh isolated-vm context and calls the tool through `codemode`.
const result = await executor.execute("await codemode.echo({ ok: true })", [
  provider,
]);
```

This package is verified through the workspace security flows:

```sh
npm run test:security
npm run test:isolated-vm
npm run verify:isolated-vm
```

The required CI lane runs the `isolated-vm` suite on Node 24 with `--no-node-snapshot`, which is the best local environment to match when validating native-runtime changes.
If process stability and trust separation matter more than in-process performance, prefer @execbox/quickjs with host: "process" or a remote transport boundary.