fix(sandbox): use sandlock's exit_code == -1 sentinel for timeout

Sandbox.run() does not populate result.error on timeout — only the
Pipeline path does.  String-matching on result.error was therefore
unreliable for the common single-sandbox case: a real timeout from
Sandbox.run() returns success=False, exit_code=-1, empty stderr, and
error=None, which my previous logic mis-classified as FAILED.

Switch to the structural signal: sandlock's ExitStatus::Timeout is
exposed as exit_code == -1 (see sandlock's _sdk.py around line 1475).
This matches how sandlock itself detects pipeline timeouts and works
uniformly across Sandbox.run() and any future execution paths.

Verified end-to-end with a real forced timeout against real sandlock:
  status: SandboxStatus.TIMEOUT
  exit: -1
  error: Execution timed out after 1s

Test updated to match: mock_timeout_result.exit_code = -1 and
error = None (reflecting actual Sandbox.run() behavior).

Author: congwang

src/praisonai/praisonai/sandbox/sandlock.py

@@ -290,21 +290,19 @@ def _run() -> Any:
         stdout = self._decode(result.stdout)
         stderr = self._decode(result.stderr)
 
-        # sandlock surfaces timeouts via result.error containing "timed out".
-        # This is authoritative — wall-clock guesses are unreliable because a
-        # process can legitimately finish just under the limit.
-        err_text = (result.error or "") if not result.success else ""
-        is_timeout = "timed out" in err_text.lower() or "timeout" in err_text.lower()
-
+        # sandlock uses exit_code == -1 as the ExitStatus::Timeout sentinel
+        # (see sandlock's python/src/sandlock/_sdk.py).  This is a
+        # structural signal — Sandbox.run() doesn't populate result.error
+        # for timeouts, so string-matching on it is unreliable.
         if result.success:
             status = SandboxStatus.COMPLETED
             error = None
-        elif is_timeout:
+        elif result.exit_code == -1:
             status = SandboxStatus.TIMEOUT
             error = f"Execution timed out after {limits.timeout_seconds}s"
         else:
             status = SandboxStatus.FAILED
-            error = f"Execution failed with exit code {result.exit_code}: {stderr or err_text}"
+            error = f"Execution failed with exit code {result.exit_code}: {stderr}"
 
         return SandboxResult(
             execution_id=execution_id,

src/praisonai/tests/unit/sandbox/test_sandlock_sandbox.py

@@ -125,7 +125,7 @@ async def test_sandlock_execution_success(self):
 
     @pytest.mark.asyncio
     async def test_sandlock_execution_timeout(self):
-        """Timeout is detected via result.error, not wall-clock heuristics."""
+        """Timeout is detected via exit_code == -1 (ExitStatus::Timeout)."""
         mock_sandlock = Mock()
         mock_sandlock.Policy.return_value = Mock()
         mock_sandlock.Sandbox.return_value = Mock()
@@ -135,11 +135,12 @@ async def test_sandlock_execution_timeout(self):
 
         mock_timeout_result = Mock()
         mock_timeout_result.success = False
-        mock_timeout_result.exit_code = 124
+        # sandlock's timeout sentinel — Sandbox.run() does not populate
+        # result.error on timeout, so we rely on the exit_code instead.
+        mock_timeout_result.exit_code = -1
         mock_timeout_result.stdout = b""
         mock_timeout_result.stderr = b""
-        # sandlock surfaces timeout via the error field.
-        mock_timeout_result.error = "process timed out after 10s"
+        mock_timeout_result.error = None
 
         with patch("asyncio.get_running_loop") as mock_loop:
             mock_loop.return_value.run_in_executor = AsyncMock(