Show HN: Riza – Safely run untrusted code from your app
Riza is the production-ready isolated runtime for untrusted code.
How it works
1
You prompt an LLM to write code.
TypeScript and Python tend to get the best results.
2
POST the code to the /v1/execute API endpoint.
Include command line args, stdin, files, and env vars.
3
Riza safely runs the code and returns the output.
Your response includes the exit code, stdout, and stderr.
What is the Code Interpreter API?
A service for executing untrusted Python, JavaScript, TypeScript, Ruby and PHP.
How are people using it today?
Teams are using it to run code generated by LLMs, power data transformations, and extend their products for enterprise customers.
Why is it secure?
Code is executed inside an isolated WebAssembly context. Learn more in our security documentation.
What are the current runtime limitations?
Check out our product roadmap to see what we're working on.
- Code only has access to data you provide, which includes command-line arguments, environment variables, files and
stdin
. - Read/write access to the `/mnt/req` directory, read-only access to the rest of the filesystem.
- Use external packages with Python and JavaScript via custom runtimes. Other interpreters have access to the language's standard library.
- Network access is limited to HTTP.
- No support for alternative interpreter versions.
- Execution time is limited to 30 seconds per invocation.
- Memory consumption is limited to 128Mib per invocation.
How much does it cost?
Riza is free to use for your side projects. For enterprise users, we charge based on usage. See our pricing page for full details.
Can I self-host the Code Interpreter API?
What's coming next?
Our full roadmap is available in our documentation, but here are some highlights:
- [shipped] Add support for secrets and HTTP API credentials.
- [shipped] Allow further interpreter customization via third-party packages and dependencies.
- [shipped] Allow filesystem access, with customer-defined capability controls.
Please send us an email or join us on Discord if you have questions or suggestions.