AgentSkillsCN

monty

使用 pydantic-monty 在安全沙箱中执行 Python 代码。适用于运行应与文件系统和网络访问隔离的 LLM 生成代码时。

SKILL.md
--- frontmatter
name: monty
description: Execute Python code in a secure sandbox using pydantic-monty. Use when running LLM-generated code that should be isolated from filesystem/network access.

monty

Execute Python code safely without filesystem/network access.

Run

bash
uv run https://raw.githubusercontent.com/zhouzhuojie/monty-skill/main/monty.py "code here"

Note: Since uv run downloads monty.py from the remote repo, the local functions.py does not exist by default. If you need external functions, create a functions.py file and pass it with -f.

Options

FlagDescription
-f FILEPath to external functions file (default: functions.py)
-t SECTimeout in seconds

External Functions

Define safe functions in functions.py for use in sandboxed code:

python
import random

def random_numbers(count: int) -> list:
    """Generate n random numbers between 0 and 1."""
    return [random.random() for _ in range(count)]

async def fetch(url: str) -> dict:
    return {"data": "example"}

Creating Custom Functions

If a feature isn't available in the built-ins, you can add your own safe functions to functions.py. Monty will automatically detect and load functions that are called in your code.

Example: Generating random numbers

python
# functions.py
import random

def random_numbers(count: int) -> list:
    """Generate n random numbers between 0 and 1."""
    return [random.random() for _ in range(count)]

def random_int(min_val: int, max_val: int, count: int) -> list:
    """Generate n random integers between min and max (inclusive)."""
    return [random.randint(min_val, max_val) for _ in range(count)]

Then use in monty:

bash
uv run https://raw.githubusercontent.com/zhouzhuojie/monty-skill/main/monty.py "result = random_numbers(1000); print(f'Mean: {sum(result)/len(result):.4f}')" -f functions.py

Adding Extra Dependencies

If your external functions need packages like cryptography or requests, use uv run --with:

bash
uv run --with cryptography --with requests https://raw.githubusercontent.com/zhouzhuojie/monty-skill/main/monty.py "encrypt('secret')" -f functions.py

Note: The --with packages are only available to your external functions running on the host. The sandboxed code (LLM-generated) still cannot access these packages directly - it must call through your external functions. This maintains the security guarantee.

Install for Agents

bash
npx skills add zhouzhuojie/monty-skill

Or manually:

bash
git clone https://github.com/zhouzhuojie/monty-skill.git
cp -r monty-skill ~/.claude/skills/  # Claude
cp -r monty-skill ~/.pi/agent/skills/  # Pi

Supported Python

  • Built-ins: print, len, str, int, list, dict, range
  • Control flow, functions, async/await, type hints

Not Supported

  • Third-party libraries (pandas, requests)
  • Classes, match statements
  • Direct filesystem/network access

Examples

See test_monty.py for comprehensive examples.