agent-sandbox

module
v0.12.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 11, 2026 License: MIT

Directories

Path Synopsis
agent-sandbox/main.go
agent-sandbox/main.go
cmd
agent-sandbox/cmd/claude.go
agent-sandbox/cmd/claude.go
internal/claude
Package claude builds and runs the sandboxed `claude` command: it parses the launcher's arguments, constructs the `nono wrap … claude …` invocation (including the hook settings injected in hook mode), and executes it.
Package claude builds and runs the sandboxed `claude` command: it parses the launcher's arguments, constructs the `nono wrap … claude …` invocation (including the hook settings injected in hook mode), and executes it.
internal/policysnapshot
Package policysnapshot persists the sandbox policy (a *config.Config) to a per-session JSON file so hook-mode `agent-sandbox exec` can route from a frozen copy the agent cannot edit, rather than re-reading the mutable agent-sandbox.toml on every command.
Package policysnapshot persists the sandbox policy (a *config.Config) to a per-session JSON file so hook-mode `agent-sandbox exec` can route from a frozen copy the agent cannot edit, rather than re-reading the mutable agent-sandbox.toml on every command.
internal/router
Package router routes a command to drop/host/container and executes it, independent of any transport (MCP, CLI).
Package router routes a command to drop/host/container and executes it, independent of any transport (MCP, CLI).
internal/safe
Package safe holds shared helpers for the "safe" command wrappers.
Package safe holds shared helpers for the "safe" command wrappers.
internal/safe/dockercompose
Package dockercompose validates and runs docker compose invocations safely.
Package dockercompose validates and runs docker compose invocations safely.
internal/safe/gh
Package gh implements the "safe gh" wrapper: it parses a gh argv and reports invocations outside a narrow allowlist so the command layer can refuse them.
Package gh implements the "safe gh" wrapper: it parses a gh argv and reports invocations outside a narrow allowlist so the command layer can refuse them.
internal/safe/git
Package git implements the "safe git" wrapper: it parses a git argv and reports known-dangerous invocations so the command layer can refuse them.
Package git implements the "safe git" wrapper: it parses a git argv and reports known-dangerous invocations so the command layer can refuse them.
internal/sandboxlifecycle
Package sandboxlifecycle decides whether the Docker sandbox needs starting and, when it does, brings it up — reporting whether the caller now owns it.
Package sandboxlifecycle decides whether the Docker sandbox needs starting and, when it does, brings it up — reporting whether the caller now owns it.
internal/shellquote
Package shellquote quotes strings as single shell tokens.
Package shellquote quotes strings as single shell tokens.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL