[networked]

Sandboxing in Wile is based on "A Security Kernel Based on the Lambda-Calculus" by Jonathan A. Rees (https://dspace.mit.edu/entities/publication/ef87c5a4-aae4-41...). This 2020 HN comment recommends it as the best paper the user read that year: https://news.ycombinator.com/item?id=25354770. The report itself is from 1996. Sounds worth reading.

My current choice of Go interpreter for untrusted code is Starlark in Go (https://github.com/google/starlark-go/). Since Starlark is a dialect of Python, it's occurred to me it might be fun to put a Hy-like (https://hylang.org/) layer on top.