refactor: address final CodeRabbit feedback

- Fix Windows path escaping in verify_sandbox.py using .as_posix()
- Improve verdict detection with robust regex matching (avoid false positives)
- Wire allow_network parameter to Modal sandbox block_network
- Add finally block for sandbox resource cleanup
- Use lru_cache for thread-safe singleton pattern
- Add OpenAI-only note to LlamaIndexRAGService docstring

examples/modal_demo/verify_sandbox.py

@@ -56,10 +56,10 @@ def test_2_file_system_isolation():
     print(f"Local file exists: {local_file}")
     print(f"Can read locally: {local_file.exists()}")
 
-    # Try to access it from sandbox
+    # Try to access it from sandbox (use POSIX path for Windows compatibility)
     code = f"""
 from pathlib import Path
-file_path = Path("{local_file}")
+file_path = Path("{local_file.as_posix()}")
 exists = file_path.exists()
 print(f"File exists in sandbox: {{exists}}")
 if exists:

src/agents/analysis_agent.py

@@ -235,16 +235,21 @@ Generate executable Python code only (no markdown, no explanations).
         execution_result: dict[str, Any],
     ) -> AnalysisResult:
         """Interpret code execution results using LLM."""
-        # Extract verdict from output
+        import re
+
+        # Extract verdict from output using robust word-boundary matching
         stdout = execution_result["stdout"]
+        stdout_upper = stdout.upper()
         verdict = "INCONCLUSIVE"  # Default
 
-        # Simple heuristic: look for verdict in output
-        if "SUPPORTED" in stdout.upper():
+        # Avoid false positives like "NOT SUPPORTED" or "UNSUPPORTED"
+        if re.search(r"\bSUPPORTED\b", stdout_upper) and not re.search(
+            r"\b(?:NOT|UN)SUPPORTED\b", stdout_upper
+        ):
             verdict = "SUPPORTED"
-        elif "REFUTED" in stdout.upper():
+        elif re.search(r"\bREFUTED\b", stdout_upper):
             verdict = "REFUTED"
-        elif "INCONCLUSIVE" in stdout.upper():
+        elif re.search(r"\bINCONCLUSIVE\b", stdout_upper):
             verdict = "INCONCLUSIVE"
 
         # Parse key findings from output

src/services/llamaindex_rag.py

@@ -15,7 +15,13 @@ logger = structlog.get_logger()
 
 
 class LlamaIndexRAGService:
-    """RAG service using LlamaIndex with ChromaDB vector store."""
+    """RAG service using LlamaIndex with ChromaDB vector store.
+
+    Note:
+        This service is currently OpenAI-only. It uses OpenAI embeddings and LLM
+        regardless of the global `settings.llm_provider` configuration.
+        Requires OPENAI_API_KEY to be set.
+    """
 
     def __init__(
         self,

src/tools/code_execution.py

@@ -5,6 +5,7 @@ It's designed for running LLM-generated statistical analysis code safely.
 """
 
 import os
+from functools import lru_cache
 from typing import Any
 
 import structlog
@@ -120,12 +121,13 @@ class ModalCodeExecutor:
                 app=app,
                 image=scientific_image,
                 timeout=timeout,
-                # Security settings based on Modal docs for untrusted code
+                block_network=not allow_network,  # Wire the network control
             )
 
-            # Execute the code
-            # Wrap code to capture result
-            wrapped_code = f"""
+            try:
+                # Execute the code
+                # Wrap code to capture result
+                wrapped_code = f"""
 import sys
 import io
 from contextlib import redirect_stdout, redirect_stderr
@@ -148,15 +150,15 @@ print(stderr_io.getvalue(), file=sys.stderr)
 print("__STDERR_END__", file=sys.stderr)
 """
 
-            # Run the wrapped code
-            process = sandbox.exec("python", "-c", wrapped_code, timeout=timeout)
+                # Run the wrapped code
+                process = sandbox.exec("python", "-c", wrapped_code, timeout=timeout)
 
-            # Read output
-            stdout_raw = process.stdout.read()
-            stderr_raw = process.stderr.read()
-
-            # Terminate sandbox
-            sandbox.terminate()
+                # Read output
+                stdout_raw = process.stdout.read()
+                stderr_raw = process.stderr.read()
+            finally:
+                # Always clean up sandbox to prevent resource leaks
+                sandbox.terminate()
 
             # Parse output
             success = "__EXECUTION_SUCCESS__" in stdout_raw
@@ -248,13 +250,7 @@ print(json.dumps({{"__RESULT__": result}}))
             return text.strip()
 
 
-# Singleton instance for easy import
-_executor: ModalCodeExecutor | None = None
-
-
+@lru_cache(maxsize=1)
 def get_code_executor() -> ModalCodeExecutor:
-    """Get or create singleton code executor instance."""
-    global _executor
-    if _executor is None:
-        _executor = ModalCodeExecutor()
-    return _executor
+    """Get or create singleton code executor instance (thread-safe via lru_cache)."""
+    return ModalCodeExecutor()