
[FR] Improve AICode to capture more unsafe behaviors #98

Open
2 tasks
svilupp opened this issue Mar 20, 2024 · 3 comments

Comments

@svilupp
Owner

svilupp commented Mar 20, 2024

It would be good to capture other unsafe behavior before we evaluate any code

  • file system manipulation (eg, `cp`, `rm`, ...)
  • spawning separate processes (eg, `run`, `Cmd`)
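One way to implement the check the opening post asks for, as an added example that is not PromptingTools code and not the AICode implementation: parse the snippet with `Meta.parseall` and walk its AST for calls into an assumed starter list of file-system and process-spawning functions (including the backtick command literal), reporting findings instead of evaluating anything. The function names in `UNSAFE_CALLS` are an assumption, not a list from the project.

```julia
# Added example, not PromptingTools code. Static AST scan for calls that touch
# the file system or spawn processes, to run before any eval of generated code.
# UNSAFE_CALLS is an assumed starter list; extend it for your own threat model.
const UNSAFE_CALLS = Dict(
    :rm => "file system", :cp => "file system", :mv => "file system",
    :rmdir => "file system", :write => "file system", :touch => "file system",
    :run => "process", :Cmd => "process", :pipeline => "process",
    :eval => "dynamic (cannot be checked statically)",
    :getfield => "dynamic (cannot be checked statically)",
)

# Returns a vector of (callee, category) for every flagged call site found.
function detect_unsafe_calls(code::AbstractString)
    findings = Tuple{Symbol,String}[]
    expr = Meta.parseall(code)          # whole string, not just the first expression
    _walk!(findings, expr)
    return findings
end

function _walk!(findings, ex)
    if ex isa Expr
        if ex.head === :call && !isempty(ex.args)
            f = _callee_name(ex.args[1])
            f !== nothing && haskey(UNSAFE_CALLS, f) && push!(findings, (f, UNSAFE_CALLS[f]))
        elseif ex.head === :macrocall && ex.args[1] === Symbol("@cmd")
            push!(findings, (Symbol("@cmd"), "process"))   # backtick literal such as `ls`
        end
        foreach(a -> _walk!(findings, a), ex.args)         # recurse into arguments
    end
    return findings
end

# Reduce `rm`, `Base.rm`, `Main.Base.rm`, ... to the bare callee name.
_callee_name(s::Symbol) = s
_callee_name(ex::Expr) = (ex.head === :. && ex.args[2] isa QuoteNode) ?
                         _callee_name(ex.args[2].value) : nothing
_callee_name(::Any) = nothing

# Constructed sample input: one harmless line, one file deletion, one process spawn.
snippet = """
x = sum([1, 2, 3])
Base.rm("results.csv"; force=true)
run(`ls -la`)
"""
for (callee, category) in detect_unsafe_calls(snippet)
    println("blocked: ", callee, " (", category, ")")
end
```

Because this is a purely syntactic check, code that builds the call at runtime (for example through `eval` or `getfield`) is only caught by the catch-all entries for those names, which is exactly the limitation the replies below point out.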
@jpsamaroo

Probably a better approach would be to run the AI within a virtual machine or Docker container, so that we don't have to guard against dangerous behavior (which is an impossible thing to do robustly, without relying on hardware-based or OS-based isolation). We can always do explicit file copies to/from the machine or do volume mapping so that the AI can modify files on the host system.

@svilupp
Owner Author

svilupp commented Apr 29, 2024

I 100% agree, or a cloud container like: https://e2b.dev/ (they are becoming really popular).

But I'd say that's out-of-scope for PT to manage. The above is just an 80/20 solution.

Tbf, I'm not sure how that would be managed. Probably easiest to just connect into the container shell and run PT in there (ie, no work required).

@jpsamaroo

I agree that it would be out-of-scope for PT to manage the VM, but I could see it being worthwhile for PT to provide a way to override just directly executing the code in the current session, so another package could implement a VM and then be "plugged in" to PT.
