How to treat code execution. "auto" (default) is safe-by-default: trusted
code runs directly, untrusted code is sandboxed if possible and otherwise
refuses. false is the dangerous opt-out — run unconfined (you audited it, or
you trust the outer container). "strict" forces confinement even for trusted
code and throws if no sandbox is available.
How to treat code execution.
"auto"(default) is safe-by-default: trusted code runs directly, untrusted code is sandboxed if possible and otherwise refuses.falseis the dangerous opt-out — run unconfined (you audited it, or you trust the outer container)."strict"forces confinement even for trusted code and throws if no sandbox is available.