Enclave is a secure execution environment for running untrusted JavaScript code. It provides a defense-in-depth security model that combines AST validation (via ast-guard), code transformation, and runtime sandboxing to safely execute model-generated code.

AST Validation

Block dangerous constructs before execution using ast-guard’s AgentScript preset

Code Transformation

Automatically transform code for safe execution with proxied functions and loop limits

Runtime Sandboxing

Execute in an isolated Node.js vm context with controlled globals and resource limits

When to Use Enclave

Enclave is designed for scenarios where you need to execute JavaScript code from untrusted sources:
  • LLM-generated code - Execute code written by AI models safely
  • User-provided scripts - Run user scripts in a controlled environment
  • Plugin/extension systems - Allow third-party code to run securely
  • Workflow automation - Execute orchestration logic with tool access

Installation

npm install @enclave-vm/core

Quick Start

import { Enclave } from '@enclave-vm/core';

// Create an enclave with a tool handler
const enclave = new Enclave({
  timeout: 5000, // 5 second timeout
  maxToolCalls: 50, // Max 50 tool calls
  maxIterations: 10000, // Max 10K loop iterations
  toolHandler: async (toolName, args) => {
    // Handle tool calls from the script
    console.log(`Tool called: ${toolName}`, args);
    return { result: 'data' };
  },
});

// Execute AgentScript code
const code = `
  const users = await callTool('users:list', { limit: 10 });
  const filtered = users.filter(u => u.active);
  return filtered.length;
`;

const result = await enclave.run(code);

if (result.success) {
  console.log('Result:', result.value);
  console.log('Stats:', result.stats);
} else {
  console.error('Error:', result.error);
}

// Clean up
enclave.dispose();

Execution Results

Enclave returns a structured result with success/error status and execution stats:
interface ExecutionResult<T> {
  success: boolean;
  value?: T;              // Result value (if success)
  error?: {               // Error details (if failed)
    name: string;
    message: string;
    code: string;
    stack?: string;
  };
  stats: {
    duration: number;      // Execution time in ms
    toolCallCount: number; // Number of tool calls made
    iterationCount: number; // Number of loop iterations
  };
}

Error Codes

| Code | Meaning | Action |
|---|---|---|
| VALIDATION_ERROR | AST validation failed | Fix the code - blocked construct used |
| EXECUTION_ERROR | Runtime error in script | Fix script logic |
| TIMEOUT | Execution exceeded timeout | Optimize or increase timeout |
| TOOL_ERROR | Tool call failed | Check tool input/availability |
| MEMORY_LIMIT_EXCEEDED | Memory limit exceeded | Reduce memory usage or increase limit |
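
The result shape and error codes above are what the host sees after each run, so this is where it decides what to do and what to log. The following is an added example, not code from the Enclave project: the `triage` function, the `POLICY` mapping, the `warnAt` threshold and the sample results are assumptions made for illustration, while the limits are the Quick Start values.

```javascript
// Added example: host-side triage of an ExecutionResult (shape from the interface above).
// LIMITS mirrors the Quick Start options; POLICY and warnAt are assumptions, not Enclave API.
const LIMITS = { timeout: 5000, maxToolCalls: 50, maxIterations: 10000 };

// Hypothetical host policy keyed by the documented error codes.
const POLICY = {
  VALIDATION_ERROR: { action: 'reject', alert: true }, // blocked construct: never retry as-is
  EXECUTION_ERROR: { action: 'return_to_author', alert: false },
  TIMEOUT: { action: 'reject', alert: false },
  TOOL_ERROR: { action: 'retry', alert: false },
  MEMORY_LIMIT_EXCEEDED: { action: 'reject', alert: true },
};

// Names of the limits a run consumed at or above the warnAt fraction.
function nearLimits(stats, limits, warnAt) {
  const used = {
    timeout: stats.duration / limits.timeout,
    maxToolCalls: stats.toolCallCount / limits.maxToolCalls,
    maxIterations: stats.iterationCount / limits.maxIterations,
  };
  return Object.keys(used).filter((k) => used[k] >= warnAt);
}

function triage(result, limits = LIMITS, warnAt = 0.8) {
  const nearLimit = nearLimits(result.stats, limits, warnAt);
  if (result.success) {
    return { action: 'accept', alert: false, nearLimit, audit: { ok: true, stats: result.stats } };
  }
  const { name, message, code, stack } = result.error;
  const policy = POLICY[code] || { action: 'reject', alert: true }; // unknown code: fail closed
  return {
    ...policy,
    nearLimit,
    audit: { ok: false, code, name, message, stack, stats: result.stats }, // host log only
    callerError: { code, message }, // returned to the script author; stack is withheld
  };
}

// Constructed sample results (not real Enclave output).
const blocked = {
  success: false,
  error: { name: 'ValidationError', message: 'blocked construct', code: 'VALIDATION_ERROR', stack: 'at host.js:1' },
  stats: { duration: 3, toolCallCount: 0, iterationCount: 0 },
};
const busy = { success: true, value: 7, stats: { duration: 4200, toolCallCount: 12, iterationCount: 9500 } };

console.log(triage(blocked).action, triage(busy).nearLimit);
```

A successful run that lands close to a limit is still worth recording: repeated near-limit runs from the same source suggest the limits are being probed or are set too tight for legitimate scripts.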