i was thinking of using tree-sitter to at least block the imports or functions from those imported modules, yeah basically parsing the AST
I think it is a fairly hard problem unless you are very restrictive (i.e. know which finite subset of Python is reachable). But a fun problem to think about. Do you have specific problem you are aiming at?
yeah i am trying to handle heredocs in python3 that llms like to use, but would like to ban/allow the usage of certain libraries i guess the sandbox/evaluation approach would be more comprehensive since you can exactly track what os apis are being used etc
@maxweber just pointed me to https://github.com/vercel-labs/just-bash, which runs Python in a wasm sandbox it seems. Might be of interest.