
simonw yesterday at 4:15 PM (8 replies)

The problem with sandboxing solutions is that they have to provide very solid guarantees that code can't escape the sandbox, which is really difficult to do.

Any time I'm evaluating a sandbox that's what I want to see: evidence that it's been robustly tested against all manner of potential attacks, accompanied by detailed documentation to help me understand how it protects against them.

This level of documentation is rare! I'm not sure I can point to an example that feels good to me.

So the next thing I look for is evidence that the solution is being used in production by a company large enough to have a dedicated security team maintaining it, and with real money on the line for if the system breaks.


Replies

m11a yesterday at 7:03 PM

I agree, and as much as I think AI helps productivity, for a high-security solution,

> Recently, with Claude's help, I rewrote everything on top of rusty_v8 directly.

worries me

samwillis yesterday at 4:18 PM

Yes, exactly. The other reason Cloudflare workers runtime is secure is that they are incredibly active at keeping it patched and up to date with V8 main. It's often ahead of Chrome in adopting V8 releases.

max_lt yesterday at 4:32 PM

Fair point. The V8 isolate provides memory isolation, and we enforce CPU limits (100ms) and memory caps (128MB). Workers run in separate isolates, not separate processes, so it's similar to Cloudflare's model. That said, for truly untrusted third-party code, I'd recommend running the whole thing in a container/VM as an extra layer. The sandboxing is more about resource isolation than security-grade multi-tenancy.

imcritic yesterday at 4:35 PM

I don't think what you want is even possible. What would such guarantees even look like? "Hello, we are a serious cybersec firm and we have evaluated the code and it's pretty sound, trust us!"?

"Hello, we are a serious cybersec firm and we have evaluated the code and here are our tests with results that prove that we didn't find anything, the code is sound; Have we been thorough? We have, trust us!"

andrewaylett yesterday at 7:11 PM

Cloudflare needs to worry about their sandbox, because they are running your code and you might be malicious. You have less reason to worry: if you want to do something malicious to the box your worker code is running on, you already have access (because you're self-hosting) and don't need a sandbox escape.

vlovich123 yesterday at 4:18 PM

Since it’s self-hosted, the sandboxing aspect at the language/runtime level probably matters just a little bit less.

ZiiS yesterday at 5:23 PM

I think this is sandboxed so your debugging doesn't need to consider interactions, not sandboxed so you can run untrusted code.

ForHackernews yesterday at 4:20 PM

Not if you're self-hosting and running your own trusted code, you don't. I care about resource isolation, not security isolation, between my own services.
