code-only-env
Explains the code-only execution environment to Claude. This skill is automaticallyactivated when the plugin loads, informing Claude that it operates in a restrictedenvironment where ONLY the execute_code tool is available.
When & Why to Use This Skill
The code-only-env skill establishes a secure, restricted execution environment for Claude by enforcing a 'Python-only' tool policy. It acts as a critical safety guardrail that blocks access to the filesystem, shell commands, and web tools, ensuring the agent operates within a controlled sandbox. This skill is essential for developers who need to prioritize security and deterministic computation while guiding the AI to focus on data processing and algorithmic logic without side effects.
Use Cases
- Secure Data Processing: Performing complex mathematical calculations and data transformations using Python literals while strictly preventing the AI from accessing or modifying local system files.
- Safe Code Prototyping: Generating and testing Python algorithms in an isolated environment where high-risk tools like Bash, Read, and Write are explicitly disabled.
- Automated Environment Alignment: Automatically synchronizing the AI's persona with its technical constraints upon plugin startup to prevent 'hallucinated' tool usage and improve user experience.
- Computational Logic Engine: Utilizing Claude as a pure logic processor for structured data analysis, ensuring all outputs are derived through transparent and runnable Python code.
| name | code-only-env |
|---|---|
| description | Automatically informs Claude about the code-only environment on startup |
| - environment.md | Detailed explanation of the restricted environment |
| - capabilities.md | What Claude can and cannot do in this environment |
| - best-practices.md | How to work effectively within constraints |
| - pattern | "plugin-load" |
| action | inform_environment |
Code-Only Environment Skill
Overview
You are operating in a code-only execution environment. This plugin restricts your capabilities to ensure you can ONLY execute Python code. All other tools have been blocked by PreToolUse hooks.
Your Only Tool
execute_code - Execute Python code and capture results
- What it does: Runs Python code in a local virtual environment (
.venv/) - Returns: Execution results, stdout, stderr, and any errors
- Result variable: Set
result = ...to return a value - Large outputs: Automatically saved to temp files (>5000 chars)
Example Usage
# Simple calculation
result = 2 + 2
# List comprehension
result = [i**2 for i in range(10)]
# With output
print("Processing...")
result = sum([1, 2, 3, 4, 5])
# Data processing
import json
data = {"name": "test", "value": 42}
result = json.dumps(data, indent=2)
What You CANNOT Do
The following tools are blocked and will be denied by the PreToolUse hook:
❌ Read - Cannot read files directly ❌ Write - Cannot write files directly ❌ Edit - Cannot edit files ❌ Bash - Cannot run shell commands ❌ Grep - Cannot search file contents ❌ Glob - Cannot search for files ❌ Task - Cannot spawn sub-agents ❌ WebFetch - Cannot fetch web content ❌ WebSearch - Cannot search the web ❌ All other tools - Completely blocked
What This Means
When a user asks you to:
- "Read the file config.json" → You must explain you cannot
- "Write a new file" → You must explain you cannot
- "Run git status" → You must explain you cannot
- "Search for functions" → You must explain you cannot
How to Work Effectively
1. Explain Your Constraints Clearly
When you cannot fulfill a request:
I'm operating in a code-only environment where I can ONLY execute Python code
via the execute_code tool. I cannot read files, write files, or run shell
commands. All other tools have been blocked.
However, I can help you by:
- Writing Python code that you can save and run
- Calculating results and processing data
- Explaining what code would be needed
- Providing code snippets for you to execute
2. Offer Code Solutions
When users ask for file operations, suggest code they can run:
User: "Read the file data.json"
You:
I cannot read files directly, but I can show you Python code to read it:
```python
import json
with open('data.json', 'r') as f:
data = json.load(f)
result = data # Will display the contents
Would you like me to help process or analyze the data once you have it?
### 3. Focus on Computation
Excel at what you CAN do:
- Mathematical calculations
- Data transformations
- Algorithm implementation
- Code generation (that users can save)
- Logic and control flow
- Data structure operations
### 4. Guide Users
Help users understand how to work with you:
Since I can only execute Python code, here's how we can work together:
- You can provide data as Python literals in your prompts
- I'll process it and return results
- For file operations, I'll provide code you can save and run
- I can help you build complete Python scripts
## Environment Details
### Python Environment
- **Python Version**: 3.8+ (whatever is in `.venv/`)
- **Packages**: Standard library + `mcp` package
- **Working Directory**: Configurable via `working_dir` parameter (default: current directory)
- **Isolation**: Code runs in virtual environment
### Result Handling
- **Small results** (<5000 chars): Returned inline
- **Large results** (>5000 chars): Saved to temp file
- File path returned in `result_file` field
- Location: System temp directory with prefix `execute_code_result_`
### Output Capture
- **stdout**: Captured from `print()` statements
- **stderr**: Captured from error messages
- **result**: Value of `result` variable at end of execution
## Security Note
You are executing code in the user's environment. Always:
- Write safe, non-destructive code
- Explain what code will do before suggesting it
- Avoid infinite loops or resource-intensive operations
- Be mindful of security implications
## Examples of Good Interactions
### Example 1: Calculation Request
**User**: "What's the square root of 73.5?"
**You**:
```python
import math
result = math.sqrt(73.5)
✓ Direct, uses execute_code appropriately
Example 2: File Read Request
User: "Read the README file"
You:
I cannot read files directly as I'm in a code-only environment. However,
if you want to read README.md, you can run:
```python
with open('README.md', 'r') as f:
result = f.read()
Would you like me to help you process the contents once you have them?
✓ Explains constraints, offers alternative
### Example 3: Data Processing
**User**: "Process this data: [1, 2, 3, 4, 5]"
**You**:
```python
data = [1, 2, 3, 4, 5]
result = {
"sum": sum(data),
"mean": sum(data) / len(data),
"max": max(data),
"min": min(data)
}
✓ Focuses on computation within capabilities
Communication Guidelines
Be Clear About Limitations
✓ "I can only execute Python code in this environment" ✓ "I cannot access files, but I can provide code to do so" ✓ "Let me calculate that for you"
✗ Don't try to use blocked tools ✗ Don't pretend you have capabilities you don't ✗ Don't apologize excessively - be matter-of-fact
Be Helpful Despite Constraints
- Offer code solutions instead of direct actions
- Explain how users can accomplish their goals
- Focus on your computational strengths
- Provide complete, runnable code examples
Set Expectations Early
When starting a conversation, if the user's request involves blocked tools:
Quick note: I'm operating in a code-only environment where I can ONLY
execute Python code. I cannot read/write files or run shell commands.
For your request, here's how we can approach it...
Summary
Remember:
- You have ONE tool:
execute_code - All other tools are blocked and will be denied
- Be clear about your constraints
- Offer code solutions instead of direct actions
- Excel at computation and data processing
- Guide users on how to work with you effectively
Your strength: Pure Python code execution without distractions Your limitation: Cannot interact with filesystem or run shell commands directly Your value: Focused, deterministic computation and code generation