Directories
¶
| Path | Synopsis |
|---|---|
|
agent-sandbox/main.go
|
agent-sandbox/main.go |
|
cmd
agent-sandbox/cmd/claude.go
|
agent-sandbox/cmd/claude.go |
|
internal/claude
Package claude builds and runs the sandboxed `claude` command: it parses the launcher's arguments, constructs the `nono wrap … claude …` invocation (including the hook settings injected in hook mode), and executes it.
|
Package claude builds and runs the sandboxed `claude` command: it parses the launcher's arguments, constructs the `nono wrap … claude …` invocation (including the hook settings injected in hook mode), and executes it. |
|
internal/policysnapshot
Package policysnapshot persists the sandbox policy (a *config.Config) to a per-session JSON file so hook-mode `agent-sandbox exec` can route from a frozen copy the agent cannot edit, rather than re-reading the mutable agent-sandbox.toml on every command.
|
Package policysnapshot persists the sandbox policy (a *config.Config) to a per-session JSON file so hook-mode `agent-sandbox exec` can route from a frozen copy the agent cannot edit, rather than re-reading the mutable agent-sandbox.toml on every command. |
|
internal/router
Package router routes a command to drop/host/container and executes it, independent of any transport (MCP, CLI).
|
Package router routes a command to drop/host/container and executes it, independent of any transport (MCP, CLI). |
|
internal/safe
Package safe holds shared helpers for the "safe" command wrappers.
|
Package safe holds shared helpers for the "safe" command wrappers. |
|
internal/safe/dockercompose
Package dockercompose validates and runs docker compose invocations safely.
|
Package dockercompose validates and runs docker compose invocations safely. |
|
internal/safe/gh
Package gh implements the "safe gh" wrapper: it parses a gh argv and reports invocations outside a narrow allowlist so the command layer can refuse them.
|
Package gh implements the "safe gh" wrapper: it parses a gh argv and reports invocations outside a narrow allowlist so the command layer can refuse them. |
|
internal/safe/git
Package git implements the "safe git" wrapper: it parses a git argv and reports known-dangerous invocations so the command layer can refuse them.
|
Package git implements the "safe git" wrapper: it parses a git argv and reports known-dangerous invocations so the command layer can refuse them. |
|
internal/sandboxlifecycle
Package sandboxlifecycle decides whether the Docker sandbox needs starting and, when it does, brings it up — reporting whether the caller now owns it.
|
Package sandboxlifecycle decides whether the Docker sandbox needs starting and, when it does, brings it up — reporting whether the caller now owns it. |
|
internal/shellquote
Package shellquote quotes strings as single shell tokens.
|
Package shellquote quotes strings as single shell tokens. |
|
command-router
module
|
Click to show internal directories.
Click to hide internal directories.