A minimal, secure Python interpreter written in Rust, Monty enables AI agents to safely execute LLM-generated code without the overhead of traditional container sandboxing. It targets developers building AI agents who need to run untrusted Python code quickly and reliably, offering microsecond startup times and controlled execution environments.

How It Works

Monty provides a Rust-based Python interpreter that strictly isolates code execution from the host environment. It achieves security by intercepting and controlling access to the filesystem, environment variables, and network, exposing these capabilities only through developer-defined external function calls. The interpreter supports modern Python type hints via the included ty binary for static analysis and can serialize its execution state (snapshotting) for later resumption. Its architecture prioritizes extremely fast startup times (<1μs) and runtime performance comparable to CPython, making it suitable for embedded use across Rust, Python, and JavaScript applications.

Quick Start & Requirements

Installation is straightforward via uv add pydantic-monty or pip install pydantic-monty. The project requires Python and can be integrated into Rust or JavaScript projects. No specific hardware like GPUs is mentioned. Type checking requires the ty tool, which is bundled.

Highlighted Details

• Security: Host access (filesystem, network, env) is blocked by default and mediated via external function calls.
• Performance: Achieves sub-microsecond startup times and runtime performance similar to CPython.
• Snapshotting: Supports serialization of interpreter state to bytes for persistence and resumption.
• Type Checking: Integrates ty for full modern Python type hint validation.
• Embeddability: Usable from Rust, Python, and JavaScript due to its lack of CPython dependencies.
• Resource Control: Tracks memory, allocations, stack depth, and execution time.

Maintenance & Community

Information regarding active maintenance, notable contributors, or community channels (e.g., Discord, Slack) is not detailed in the provided project description.

Licensing & Compatibility

The license type is not explicitly stated, requiring further investigation for commercial use or closed-source integration compatibility.

Limitations & Caveats

Monty is explicitly marked as experimental and not ready for production. Its Python language support is intentionally limited, excluding classes, match statements, most of the standard library, and all third-party Python libraries.