added sandbox and bash tool

sandbox/session.py

@@ -0,0 +1,47 @@
+from pathlib import Path
+
+import podman
+
+from agent.config import settings
+
+
+class PodmanSandbox:
+    def __init__(self):
+        # connect to podman socket (rootless)
+        self.client = podman.PodmanClient()
+        self.container = None
+
+    async def __aenter__(self):
+        self.container = self.client.containers.run(
+            "python:3.14",
+            command=["sleep", "60h"],
+            detach=True,
+            runtime="krun",
+            network_mode="none",
+            mem_limit="512m",
+            volumes={
+                str(Path(settings.safedir).absolute()): {
+                    "bind": "/workspace",
+                    "mode": "rw",
+                }
+            },
+            working_dir="/workspace",
+            remove=True,
+        )
+        return self
+
+    async def run(self, command: str) -> str:
+        """Execute command in microVM/"""
+        exit_code, output = self.container.exec_run(
+            ["/bin/sh", "-c", command], workdir="/workspace"
+        )
+        return output.decode()
+
+    async def __aexit__(self, *args):
+        if self.container:
+            try:
+                self.container.stop()
+            except Exception as e:
+                # log but don't raise, best effort cleanup
+                print(f"Warning: Container cleanup failed: {e}")
+                # possibly use logging.warning if we add loggin later