Home/Use Cases/Execute Untrusted Code

Execute Untrusted Code Without Risk

Run user-submitted scripts, third-party code, or AI-generated programs in fully isolated sandboxes. Hardware-level security, ~100ms startup, zero host exposure.

No credit card requiredSOC 2 compliantISO 27001 certified

The Problem With Running Unknown Code

You need to execute code you don't control — user submissions, AI outputs, third-party scripts. But running it on your servers is dangerous:

  • Malicious code can access your filesystem, secrets, or network
  • Resource exhaustion (infinite loops, memory bombs) crashes your system
  • Container escapes are a real threat — Docker isn't a security boundary
  • Building your own sandbox is complex and error-prone

The Hopx Solution

  • Each execution runs in a dedicated micro-VM — not a container
  • Firecracker hypervisor (same tech as AWS Lambda) ensures isolation
  • Set CPU, memory, and time limits per sandbox
  • Sandbox destroyed after use — no state leakage

Why Teams Choose Hopx for Untrusted Code

Hardware-Level Isolation

Each sandbox runs in its own Firecracker micro-VM with dedicated kernel. No shared resources, no container escapes, no host exposure.

~100ms Cold Starts

Sandboxes boot from pre-built snapshots in milliseconds. No waiting for containers to pull or VMs to provision.

Network & Filesystem Isolation

Control exactly what the sandbox can access. Block network, whitelist domains, or run fully air-gapped.

Full Linux Environment

Not a restricted shell — a complete Linux system with root access, package managers, and any runtime you need.

Simple API, Powerful Isolation

Three lines to execute untrusted code safely. No infrastructure to manage, no security configurations to debug.

What you can run:

  • User-submitted code in your SaaS platform
  • AI/LLM-generated scripts before execution
  • Third-party plugins or extensions
  • Student code in educational platforms
  • Webhook handlers with custom logic
  • Code from untrusted repositories
example.py
1from hopx_ai import Sandbox
2
3# Create isolated sandbox
4sandbox = Sandbox.create(template="code-interpreter")
5
6# Execute untrusted code safely
7untrusted_code = user_input.code  # From user submission
8
9result = sandbox.run_code(untrusted_code)
10
11print(result.stdout)      # Captured output
12print(result.stderr)      # Any errors
13print(result.exit_code)   # 0 = success
14
15# Destroy sandbox - no traces left
16sandbox.kill()

Start Executing Untrusted Code Safely

Get $200 in free credits. No credit card required. Deploy your first sandbox in under 5 minutes.