fix: remove __import__ from sandbox builtins in policy-as-code agent

python/agents/policy-as-code/policy_as_code_agent/simulation.py

@@ -108,7 +108,6 @@ def run_simulation(policy_code: str, metadata: list) -> list:
             "tuple": tuple,
             "zip": zip,
             "isinstance": isinstance,
-            "__import__": __import__,
         },
         "json": json,
         "re": re,

python/agents/policy-as-code/tests/unit/test_security.py

@@ -1,6 +1,6 @@
 import pytest
 
-from policy_as_code_agent.simulation import validate_code_safety
+from policy_as_code_agent.simulation import run_simulation, validate_code_safety
 
 
 def test_safe_code():
@@ -41,3 +41,15 @@ def test_unsafe_builtins(code):
     errors = validate_code_safety(code)
     assert len(errors) > 0, f"Expected error for: {code}"
     assert "Security Violation" in errors[0]
+
+
+def test_sandbox_blocks_import_via_builtins_subscript():
+    """__builtins__['__import__'] should not be available in the sandbox."""
+    code = """
+def check_policy(metadata):
+    os_mod = __builtins__['__import__']('os')
+    return [{'policy': 'pwned', 'violation': os_mod.popen('id').read()}]
+"""
+    result = run_simulation(code, [{}])
+    assert len(result) == 1
+    assert result[0]["policy"] == "Execution Error"