fix: use context managers for file reads in sandbox_program_utils.py

[vominh1919]

Problem

Four instances of open().read() without a context manager in verifiers/v1/utils/sandbox_program_utils.py. Each call opens a file, reads its contents, but never explicitly closes the file descriptor. While Python's GC will eventually close them, this is a resource leak — especially if the code is called repeatedly or under memory pressure.

# Before — file descriptor leaked
defs = json.loads(open(TOOL_DEFS_BY_PROTOCOL_PATH).read())
config = json.loads(open(RUNNER_CONFIG_PATH).read())
task = json.loads(open(TASK_PATH).read())
state = json.loads(open(STATE_INPUT_PATH).read())

Fix

Replace with with open() as f: json.load(f) context managers, which guarantee the file is closed even if json.load() raises:

# After — file descriptor properly managed
with open(TOOL_DEFS_BY_PROTOCOL_PATH) as f:
    defs = json.load(f)

Tests

• Verified syntax with ast.parse()
• No behavioral change — same JSON parsing, just with proper resource cleanup

---

Note

Low Risk
Low risk: behavior is unchanged aside from ensuring file descriptors are always closed during JSON reads. Impact is limited to sandbox runner initialization/config loading paths.

Overview
Ensures the sandbox runner code in verifiers/v1/utils/sandbox_program_utils.py reads JSON inputs (tool defs, runner config, task, and state) using with open(...) context managers and json.load() instead of open().read() + json.loads().

This eliminates potential file-descriptor leaks during repeated sandbox executions without changing the parsed data or control flow.

^{Reviewed by Cursor Bugbot for commit 4be5213. Bugbot is set up for automated code reviews on this repo. Configure here.}