Monty is a sandboxed execution environment designed primarily for running Python code generated by AI models. It provides a secure, isolated runtime that blocks host access, enforces resource limits, and supports pre-execution type checking against built-in type hints to catch signature mismatches before code runs. The sandbox can persist its interpreter state at external function calls, allowing execution sessions to be serialized, stored, and later resumed from a file or database.
What distinguishes Monty is its combination of stateful, resumable execution with multi-language native embedding. The runtime exposes itself as native libraries via FFI for Rust, Python, and JavaScript, giving each language identical behavior when embedding the sandbox engine. It also mounts host directories into a virtual filesystem with configurable access rights and path normalization that prevents escape. Host function access is explicitly whitelisted, so executed code can only interact with approved external functions, enabling secure integration of AI-generated tool calls. Each request runs in a separate process with automatic worker replacement on crash, ensuring one response per request.
The sandbox covers the full lifecycle of AI-generated code execution: type-checking, sandboxed execution, state snapshotting, and persistence for later re-execution. It is built in Rust and provides native bindings that make it embeddable in Rust, Python, or JavaScript applications.
