Quickstart

Alternative: NodeRuntime
Next steps

Install

npm install secure-exec

Create a kernel

A kernel manages a virtual filesystem, process table, and permissions. Mount a Node runtime to execute JavaScript.

import {
  createKernel,
  createInMemoryFileSystem,
  createNodeRuntime,
} from "secure-exec";

const filesystem = createInMemoryFileSystem();
const kernel = createKernel({ filesystem });
await kernel.mount(createNodeRuntime());

Run code

Use kernel.exec() to run commands. Use the filesystem to read and write files.

import {
  createKernel,
  createInMemoryFileSystem,
  createNodeRuntime,
} from "secure-exec";

const kernel = createKernel({
  filesystem: createInMemoryFileSystem(),
});
await kernel.mount(createNodeRuntime());

const result = await kernel.exec(
  "node -e \"console.log('hello from secure-exec')\""
);

console.log(result.stdout); // "hello from secure-exec\n"

await kernel.dispose();

Alternative: NodeRuntime

For direct code execution with typed return values, use the NodeRuntime convenience class.

import {
  NodeRuntime,
  createNodeDriver,
  createNodeRuntimeDriverFactory,
} from "secure-exec";

const runtime = new NodeRuntime({
  systemDriver: createNodeDriver(),
  runtimeDriverFactory: createNodeRuntimeDriverFactory(),
});

const result = await runtime.run<{ message: string }>(
  "module.exports = { message: 'hello from secure-exec' };"
);

console.log(result.exports?.message); // "hello from secure-exec"

Next steps

SDK Overview

Full tour of the API surface and core concepts.

Permissions

Control filesystem, network, and process access.

Security Model

Trust boundaries, timing hardening, and resource limits.

SDK Overview

⌘I

Getting Started

Use Cases

System Drivers

Features

Reference

Alternative: NodeRuntime

Next steps

SDK Overview

Permissions

Security Model

Getting Started

Use Cases

System Drivers

Features

Reference

​Alternative: NodeRuntime

​Next steps

SDK Overview

Permissions

Security Model

Alternative: NodeRuntime

Next steps