Why use Node.js vm module instead of isolated-vm for sandboxed LLM code execution? #17

@Jason-CKY

Question: Why use Node.js vm module instead of isolated-vm for sandboxing?

While the implementation in packages/code-mode/src/code_mode_utcp_client.ts leverages Node.js's native vm module for executing LLM-generated TypeScript code in a sandboxed environment, I'm curious about the decision not to use isolated-vm instead. The isolated-vm library is widely regarded for its stronger isolation guarantees, being designed specifically to prevent untrusted code from escaping its sandbox and interfering with the host process or other sandboxes.

Context:

  • The vm module executes code in a V8 context, but shares the same thread and some global objects with the parent Node.js process.
  • isolated-vm creates true isolates in V8, preventing most forms of escape and providing much tighter separation, which is especially critical for running untrusted or LLM-generated code.

Questions:

  • What are the technical or practical reasons for preferring vm over isolated-vm in this codebase?
  • Are there limitations, compatibility issues, or performance concerns that led to this choice?
  • Are there plans or discussions to adopt isolated-vm in the future for enhanced security and isolation?

References:

This question is particularly relevant as LLM-generated code may be untrusted, and robust sandboxing is critical for security. Would appreciate insight from maintainers or those familiar with the design decisions here.
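The two properties listed under Context above can be observed from the host side. The following is an added example, not part of the issue and not the project's code; `runInVmContext`, `observeVmBoundary` and `hostConfig` are hypothetical names and the sample values are constructed.

```javascript
const vm = require('node:vm');

// Run `code` in a fresh vm context and report the result together with how
// long the calling (host) thread was occupied by the sandboxed code.
function runInVmContext(code, sandbox = {}, timeoutMs = 50) {
  const context = vm.createContext(sandbox);
  const started = Date.now();
  try {
    const value = vm.runInContext(code, context, { timeout: timeoutMs });
    return { ok: true, value, hostBlockedMs: Date.now() - started };
  } catch (err) {
    return { ok: false, errorCode: err.code, hostBlockedMs: Date.now() - started };
  }
}

function observeVmBoundary() {
  // 1. A context gets its own built-ins, so its globals are separate...
  const ownBuiltins = runInVmContext('Array').value !== Array;

  // 2. ...but an object handed to the context is the host's object, not a copy,
  //    so writes made inside the context land on the host's state.
  const hostConfig = { allowNetwork: false }; // constructed sample value
  const sameObject =
    runInVmContext('config', { config: hostConfig }).value === hostConfig;
  runInVmContext('config.allowNetwork = true', { config: hostConfig });

  // 3. The code runs on the caller's thread: a busy loop stalls the host
  //    until the `timeout` option interrupts it.
  const loop = runInVmContext('while (true) {}', {}, 50);

  return {
    ownBuiltins,
    sameObject,
    hostConfigMutated: hostConfig.allowNetwork === true,
    loopErrorCode: loop.errorCode,
    hostBlockedMs: loop.hostBlockedMs,
  };
}

console.log(observeVmBoundary());
```

The `timeout` option bounds only the synchronous run of the script, and `vm` offers no per-context memory limit, which is part of what a separate isolate or process adds.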
