diff --git a/workflow/packages/engine/src/lib/core/code/code-sandbox.ts b/workflow/packages/engine/src/lib/core/code/code-sandbox.ts
index a39a4b77..df47ed16 100644
--- a/workflow/packages/engine/src/lib/core/code/code-sandbox.ts
+++ b/workflow/packages/engine/src/lib/core/code/code-sandbox.ts
@@ -15,8 +15,11 @@ const loadV8IsolateSandbox = async (): Promise => {
 const loadCodeSandbox = async (): Promise => {
 const loaders = {
- [ExecutionMode.UNSANDBOXED]: loadNoOpCodeSandbox,
- [ExecutionMode.SANDBOXED]: loadNoOpCodeSandbox,
+ // SECURITY FIX: Changed from loadNoOpCodeSandbox to loadV8IsolateSandbox
+ // to prevent RCE via Function() constructor in no-op sandbox
+ // See: https://github.com/AIxBlock-2023/aixblock-ai-dev-platform-public/issues/XXX
+ [ExecutionMode.UNSANDBOXED]: loadV8IsolateSandbox,
+ [ExecutionMode.SANDBOXED]: loadV8IsolateSandbox,
 [ExecutionMode.SANDBOX_CODE_ONLY]: loadV8IsolateSandbox,
 }
 assertNotNullOrUndefined(EXECUTION_MODE, 'AP_EXECUTION_MODE')
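Review bot: With `[ExecutionMode.UNSANDBOXED]: loadV8IsolateSandbox` every key of `loaders` now resolves to the same loader, so `AP_EXECUTION_MODE` no longer selects anything here, and an operator who sets UNSANDBOXED gets isolate execution with no signal that the setting was overridden. If that is the intended policy, the comment should state the invariant rather than narrate the edit, e.g. `// All modes run user code in the V8 isolate; the no-op sandbox must not be reachable from configuration.`, and the `issues/XXX` placeholder should be replaced with the real issue reference before merging. `loadNoOpCodeSandbox` is presumably left without callers (its definition is outside the hunk), so removing it together with its module would keep the `Function()` path named in the comment from being wired back in later. A unit test asserting that no `ExecutionMode` value maps to the no-op loader would pin the fix; the body of `loadCodeSandbox` continues past the end of the hunk.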