Hadrian is experimental alpha software. Do not use in production.
Hadrian
ConfigurationFeatures

Code Execution

Configure server-side code execution capabilities

The [features.code_execution] section configures server-side code execution. By default, code execution happens client-side via WebAssembly in the browser (Pyodide for Python, QuickJS for JavaScript).

Client-side WASM execution requires no server configuration. This section is only needed for server-side sandboxed execution.

Configuration Reference

Main Settings

[features.code_execution]
enabled = true
mode = "wasm"
allowed_languages = ["python", "javascript"]
timeout_secs = 30
max_memory_mb = 256
KeyTypeDefaultDescription
enabledbooleantrueEnable code execution
modestring"wasm"Execution mode
allowed_languagesarray["python", "javascript"]Allowed languages
timeout_secsinteger30Execution timeout
max_memory_mbinteger256Maximum memory per execution

Execution Modes

WASM (Default)

Client-side execution in the browser:

[features.code_execution]
enabled = true
mode = "wasm"

No server-side configuration needed. Runs via:

  • Python: Pyodide (numpy, pandas, matplotlib available)
  • JavaScript: QuickJS (sandboxed)

Sandboxed

Server-side execution in containers:

[features.code_execution]
enabled = true
allowed_languages = ["python", "javascript", "bash"]
timeout_secs = 60
max_memory_mb = 512

[features.code_execution.mode]
sandboxed = { runtime = "docker" }
RuntimeDescription
dockerDocker containers
firecrackerFirecracker microVMs
gvisorgVisor sandboxed containers

External Service

Delegate to an external code execution service:

[features.code_execution]
enabled = true
allowed_languages = ["python", "javascript", "r", "julia"]
timeout_secs = 120
max_memory_mb = 1024

[features.code_execution.mode]
external = { url = "https://code-exec.example.com", api_key = "${CODE_EXEC_API_KEY}" }
KeyTypeDescription
urlstringExternal service URL
api_keystringAPI key for authentication

Complete Examples

Client-Side Only (Default)

[features.code_execution]
enabled = true
mode = "wasm"
allowed_languages = ["python", "javascript"]
timeout_secs = 30
max_memory_mb = 256

Docker Sandboxed

[features.code_execution]
enabled = true
allowed_languages = ["python", "javascript", "bash", "ruby"]
timeout_secs = 60
max_memory_mb = 512

[features.code_execution.mode]
sandboxed = { runtime = "docker" }

External Service

[features.code_execution]
enabled = true
allowed_languages = ["python", "javascript", "r", "julia", "sql"]
timeout_secs = 120
max_memory_mb = 2048

[features.code_execution.mode]
external = { url = "https://code-exec.internal.company.com", api_key = "${CODE_EXEC_API_KEY}" }

Security Considerations

Server-side code execution requires careful security configuration. Consider: - Network isolation for containers - Resource limits (CPU, memory, disk) - Execution timeouts - Language restrictions

See Also

Web Search

Configure web search providers for the web_search tool

Image Fetching

Configure HTTP image URL fetching for non-OpenAI providers

On this page

Configuration ReferenceMain SettingsExecution ModesWASM (Default)SandboxedExternal ServiceComplete ExamplesClient-Side Only (Default)Docker SandboxedExternal ServiceSecurity ConsiderationsSee Also