Graphorin API reference v0.1.0
Graphorin API reference / @graphorin/security / / ResolvedSandboxPolicy
Interface: ResolvedSandboxPolicy
Defined in: packages/security/src/sandbox/sandbox.ts:76
Per-tool / per-skill sandbox policy. The dispatcher resolves the effective policy from the trust tier, the source, and any operator overrides; downstream code consumes the resolved object verbatim.
Stable
Properties
| Property | Modifier | Type | Description | Defined in |
|---|---|---|---|---|
forced | readonly | boolean | Whether the resolver mandated this policy regardless of operator preference. | packages/security/src/sandbox/sandbox.ts:87 |
kind | readonly | SandboxKind | - | packages/security/src/sandbox/sandbox.ts:77 |
maxMemoryMb | readonly | number | Memory ceiling in MB. | packages/security/src/sandbox/sandbox.ts:85 |
noFilesystem | readonly | boolean | Block filesystem access. | packages/security/src/sandbox/sandbox.ts:81 |
noNetwork | readonly | boolean | Block outbound network calls. | packages/security/src/sandbox/sandbox.ts:79 |
reason | readonly | string | Human-readable explanation surfaced through traces / WARN logs. | packages/security/src/sandbox/sandbox.ts:89 |
timeoutMs | readonly | number | Hard wall-clock timeout in milliseconds. | packages/security/src/sandbox/sandbox.ts:83 |