fix(execution): run pptx/docx/pdf generation inside isolated-vm sandbox

Retires the legacy doc-worker.cjs / pptx-worker.cjs pipeline that ran user
DSL via node:vm + full require() in the same UID/PID namespace as the main
Next.js process. User code now runs inside the existing isolated-vm pool
(V8 isolate, no process / require / fs, no /proc/1/environ reachability).

Introduces a first-class SandboxTask abstraction under apps/sim/sandbox-tasks/
that mirrors apps/sim/background/ — one file per task, central typed
registry, kebab-case ids. Adding a new thing that runs in the isolate is
one file plus one registry entry.

Runtime additions in lib/execution/:
 - task-mode execution in isolated-vm-worker.cjs: load pre-built library
   bundles, run task bootstrap, run user code, run finalize, transfer
   Uint8Array result as base64 via IPC
 - named broker IPC bridge (generalizes the existing fetch bridge) with
   args size, result size, and per-execution call caps
 - cooperative AbortSignal support: cancel IPC disposes the isolate, pool
   slot is freed, pending broker-call timers are swept
 - compiled scripts + references explicitly released per execution
 - isolate.isDisposed used for cancellation detection (no error-string
   substring matching)

Library bundles (pptxgenjs, docx, pdf-lib) are built into isolate-safe
IIFE bundles by apps/sim/lib/execution/sandbox/bundles/build.ts and
committed; next.config.ts / trigger.config.ts / Dockerfile updated to
ship them instead of the deleted dist/*-worker.cjs artifacts.

Call sites migrated:
 - app/api/workspaces/[id]/pptx/preview/route.ts
 - app/api/files/serve/[...path]/route.ts (+ test mock)
 - lib/copilot/tools/server/files/{workspace-file,edit-content}.ts

All pass owner key user:<userId> for per-user pool fairness + distributed
lease accounting.

Made-with: Cursor

Author: icecrasher321

apps/sim/app/api/files/serve/[...path]/route.test.ts

@@ -75,10 +75,12 @@ vi.mock('@/lib/uploads/utils/file-utils', () => ({
 
 vi.mock('@/lib/uploads/setup.server', () => ({}))
 
-vi.mock('@/lib/execution/doc-vm', () => ({
-  generatePdfFromCode: vi.fn().mockResolvedValue(Buffer.from('%PDF-compiled')),
-  generateDocxFromCode: vi.fn().mockResolvedValue(Buffer.from('PK\x03\x04compiled')),
-  generatePptxFromCode: vi.fn().mockResolvedValue(Buffer.from('PK\x03\x04compiled')),
+vi.mock('@/lib/execution/sandbox/run-task', () => ({
+  runSandboxTask: vi
+    .fn()
+    .mockImplementation(async (taskId: string) =>
+      taskId === 'pdf-generate' ? Buffer.from('%PDF-compiled') : Buffer.from('PK\x03\x04compiled')
+    ),
 }))
 
 vi.mock('@/lib/uploads/contexts/workspace/workspace-file-manager', () => ({

apps/sim/app/api/files/serve/[...path]/route.ts

@@ -4,11 +4,7 @@ import { createLogger } from '@sim/logger'
 import type { NextRequest } from 'next/server'
 import { NextResponse } from 'next/server'
 import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
-import {
-  generateDocxFromCode,
-  generatePdfFromCode,
-  generatePptxFromCode,
-} from '@/lib/execution/doc-vm'
+import { runSandboxTask } from '@/lib/execution/sandbox/run-task'
 import { CopilotFiles, isUsingCloudStorage } from '@/lib/uploads'
 import type { StorageContext } from '@/lib/uploads/config'
 import { parseWorkspaceFileKey } from '@/lib/uploads/contexts/workspace/workspace-file-manager'
@@ -22,6 +18,7 @@ import {
   findLocalFile,
   getContentType,
 } from '@/app/api/files/utils'
+import type { SandboxTaskId } from '@/sandbox-tasks/registry'
 
 const logger = createLogger('FilesServeAPI')
 
@@ -30,24 +27,24 @@ const PDF_MAGIC = Buffer.from([0x25, 0x50, 0x44, 0x46, 0x2d]) // %PDF-
 
 interface CompilableFormat {
   magic: Buffer
-  compile: (code: string, workspaceId: string) => Promise<Buffer>
+  taskId: SandboxTaskId
   contentType: string
 }
 
 const COMPILABLE_FORMATS: Record<string, CompilableFormat> = {
   '.pptx': {
     magic: ZIP_MAGIC,
-    compile: generatePptxFromCode,
+    taskId: 'pptx-generate',
     contentType: 'application/vnd.openxmlformats-officedocument.presentationml.presentation',
   },
   '.docx': {
     magic: ZIP_MAGIC,
-    compile: generateDocxFromCode,
+    taskId: 'docx-generate',
     contentType: 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
   },
   '.pdf': {
     magic: PDF_MAGIC,
-    compile: generatePdfFromCode,
+    taskId: 'pdf-generate',
     contentType: 'application/pdf',
   },
 }
@@ -65,8 +62,9 @@ function compiledCacheSet(key: string, buffer: Buffer): void {
 async function compileDocumentIfNeeded(
   buffer: Buffer,
   filename: string,
-  workspaceId?: string,
-  raw?: boolean
+  workspaceId: string | undefined,
+  raw: boolean,
+  ownerKey: string | undefined
 ): Promise<{ buffer: Buffer; contentType: string }> {
   if (raw) return { buffer, contentType: getContentType(filename) }
 
@@ -90,7 +88,11 @@ async function compileDocumentIfNeeded(
     return { buffer: cached, contentType: format.contentType }
   }
 
-  const compiled = await format.compile(code, workspaceId || '')
+  const compiled = await runSandboxTask(
+    format.taskId,
+    { code, workspaceId: workspaceId || '' },
+    { ownerKey }
+  )
   compiledCacheSet(cacheKey, compiled)
   return { buffer: compiled, contentType: format.contentType }
 }
@@ -173,6 +175,7 @@ async function handleLocalFile(
   userId: string,
   raw: boolean
 ): Promise<NextResponse> {
+  const ownerKey = `user:${userId}`
   try {
     const contextParam: StorageContext | undefined = inferContextFromKey(filename) as
       | StorageContext
@@ -205,7 +208,8 @@ async function handleLocalFile(
       rawBuffer,
       displayName,
       workspaceId,
-      raw
+      raw,
+      ownerKey
     )
 
     logger.info('Local file served', { userId, filename, size: fileBuffer.length })
@@ -227,6 +231,7 @@ async function handleCloudProxy(
   userId: string,
   raw = false
 ): Promise<NextResponse> {
+  const ownerKey = `user:${userId}`
   try {
     const context = inferContextFromKey(cloudKey)
     logger.info(`Inferred context: ${context} from key pattern: ${cloudKey}`)
@@ -262,7 +267,8 @@ async function handleCloudProxy(
       rawBuffer,
       displayName,
       workspaceId,
-      raw
+      raw,
+      ownerKey
     )
 
     logger.info('Cloud file served', {

apps/sim/app/api/workspaces/[id]/pptx/preview/route.ts

@@ -1,7 +1,7 @@
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { getSession } from '@/lib/auth'
-import { generatePptxFromCode } from '@/lib/execution/doc-vm'
+import { runSandboxTask } from '@/lib/execution/sandbox/run-task'
 import { verifyWorkspaceMembership } from '@/app/api/workflows/utils'
 
 export const dynamic = 'force-dynamic'
@@ -44,7 +44,11 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
       return NextResponse.json({ error: 'code exceeds maximum size' }, { status: 413 })
     }
 
-    const buffer = await generatePptxFromCode(code, workspaceId, req.signal)
+    const buffer = await runSandboxTask(
+      'pptx-generate',
+      { code, workspaceId },
+      { ownerKey: `user:${session.user.id}`, signal: req.signal }
+    )
 
     return new NextResponse(new Uint8Array(buffer), {
       status: 200,

apps/sim/lib/copilot/tools/server/files/edit-content.ts

@@ -4,12 +4,9 @@ import {
   type BaseServerTool,
   type ServerToolContext,
 } from '@/lib/copilot/tools/server/base-tool'
-import {
-  generateDocxFromCode,
-  generatePdfFromCode,
-  generatePptxFromCode,
-} from '@/lib/execution/doc-vm'
+import { runSandboxTask } from '@/lib/execution/sandbox/run-task'
 import { updateWorkspaceFileContent } from '@/lib/uploads/contexts/workspace/workspace-file-manager'
+import type { SandboxTaskId } from '@/sandbox-tasks/registry'
 import { consumeLatestFileIntent } from './file-intent-store'
 import { inferContentType } from './workspace-file'
 
@@ -29,31 +26,31 @@ function getDocumentFormatInfo(fileName: string): {
   isDoc: boolean
   formatName?: string
   sourceMime?: string
-  generator?: (code: string, workspaceId: string, signal?: AbortSignal) => Promise<Buffer>
+  taskId?: SandboxTaskId
 } {
   const lowerName = fileName.toLowerCase()
   if (lowerName.endsWith('.pptx')) {
     return {
       isDoc: true,
       formatName: 'PPTX',
       sourceMime: 'text/x-pptxgenjs',
-      generator: generatePptxFromCode,
+      taskId: 'pptx-generate',
     }
   }
   if (lowerName.endsWith('.docx')) {
     return {
       isDoc: true,
       formatName: 'DOCX',
       sourceMime: 'text/x-docxjs',
-      generator: generateDocxFromCode,
+      taskId: 'docx-generate',
     }
   }
   if (lowerName.endsWith('.pdf')) {
     return {
       isDoc: true,
       formatName: 'PDF',
       sourceMime: 'text/x-pdflibjs',
-      generator: generatePdfFromCode,
+      taskId: 'pdf-generate',
     }
   }
   return { isDoc: false }
@@ -240,7 +237,11 @@ export const editContentServerTool: BaseServerTool<EditContentArgs, EditContentR
 
       if (docInfo.isDoc) {
         try {
-          await docInfo.generator!(finalContent, workspaceId)
+          await runSandboxTask(
+            docInfo.taskId!,
+            { code: finalContent, workspaceId },
+            { ownerKey: `user:${context.userId}` }
+          )
         } catch (err) {
           const msg = err instanceof Error ? err.message : String(err)
           return {

apps/sim/lib/copilot/tools/server/files/workspace-file.ts

@@ -5,11 +5,7 @@ import {
   type BaseServerTool,
   type ServerToolContext,
 } from '@/lib/copilot/tools/server/base-tool'
-import {
-  generateDocxFromCode,
-  generatePdfFromCode,
-  generatePptxFromCode,
-} from '@/lib/execution/doc-vm'
+import { runSandboxTask } from '@/lib/execution/sandbox/run-task'
 import {
   deleteWorkspaceFile,
   downloadWorkspaceFile as downloadWsFile,
@@ -18,6 +14,7 @@ import {
   renameWorkspaceFile,
   uploadWorkspaceFile,
 } from '@/lib/uploads/contexts/workspace/workspace-file-manager'
+import type { SandboxTaskId } from '@/sandbox-tasks/registry'
 import { storeFileIntent } from './file-intent-store'
 
 const logger = createLogger('WorkspaceFileServerTool')
@@ -108,31 +105,31 @@ function getDocumentFormatInfo(fileName: string): {
   isDoc: boolean
   formatName?: 'PPTX' | 'DOCX' | 'PDF'
   sourceMime?: string
-  generator?: (code: string, workspaceId: string, signal?: AbortSignal) => Promise<Buffer>
+  taskId?: SandboxTaskId
 } {
   const lowerName = fileName.toLowerCase()
   if (lowerName.endsWith('.pptx')) {
     return {
       isDoc: true,
       formatName: 'PPTX',
       sourceMime: PPTX_SOURCE_MIME,
-      generator: generatePptxFromCode,
+      taskId: 'pptx-generate',
     }
   }
   if (lowerName.endsWith('.docx')) {
     return {
       isDoc: true,
       formatName: 'DOCX',
       sourceMime: DOCX_SOURCE_MIME,
-      generator: generateDocxFromCode,
+      taskId: 'docx-generate',
     }
   }
   if (lowerName.endsWith('.pdf')) {
     return {
       isDoc: true,
       formatName: 'PDF',
       sourceMime: PDF_SOURCE_MIME,
-      generator: generatePdfFromCode,
+      taskId: 'pdf-generate',
     }
   }
   return { isDoc: false }
@@ -201,7 +198,11 @@ export const workspaceFileServerTool: BaseServerTool<WorkspaceFileArgs, Workspac
           let contentType = inferContentType(fileName, explicitType)
           if (docInfo.isDoc) {
             try {
-              await docInfo.generator!(content, workspaceId)
+              await runSandboxTask(
+                docInfo.taskId!,
+                { code: content, workspaceId },
+                { ownerKey: `user:${context.userId}` }
+              )
             } catch (err) {
               const msg = err instanceof Error ? err.message : String(err)
               return {

apps/sim/lib/core/config/env.ts

@@ -232,6 +232,9 @@ export const env = createEnv({
     IVM_DISTRIBUTED_LEASE_MIN_TTL_MS:      z.string().optional().default('120000'), // Min TTL for distributed in-flight leases (ms)
     IVM_QUEUE_TIMEOUT_MS:                  z.string().optional().default('300000'), // Max queue wait before rejection (ms)
     IVM_MAX_EXECUTIONS_PER_WORKER:         z.string().optional().default('500'),    // Max lifetime executions before worker is recycled
+    IVM_MAX_BROKER_ARGS_JSON_CHARS:        z.string().optional().default('262144'),  // Max JSON payload size for sandbox task broker args (isolate→host)
+    IVM_MAX_BROKER_RESULT_JSON_CHARS:      z.string().optional().default('16777216'),// Max JSON payload size for sandbox task broker results (host→isolate)
+    IVM_MAX_BROKERS_PER_EXECUTION:         z.string().optional().default('1000'),    // Max broker calls per sandbox task execution
 
     // Knowledge Base Processing Configuration - Shared across all processing methods
     KB_CONFIG_MAX_DURATION:                z.number().optional().default(600),     // Max processing duration in seconds (10 minutes)