let5see/clawdbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: clarify sandbox env + recreate guidance

Browse Source
This commit is contained in:
Peter Steinberger
2026-01-20 15:00:03 +00:00
parent 390ba5f42a
commit 04ee9e7765
4 changed files with 32 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/gateway/sandboxing.md
View File

@@ -105,6 +105,11 @@ Build it once:
scripts/sandbox-setup.sh
```
Note: the default image does **not** include Node. If a skill needs Node (or
other runtimes), either bake a custom image or install via
`sandbox.docker.setupCommand` (requires network egress + writable root +
root user).
Sandboxed browser image:
```bash
scripts/sandbox-browser-setup.sh
@@ -129,6 +134,8 @@ Common pitfalls:
- Default `docker.network` is `"none"` (no egress), so package installs will fail.
- `readOnlyRoot: true` prevents writes; set `readOnlyRoot: false` or bake a custom image.
- `user` must be root for package installs (omit `user` or set `user: "0:0"`).
- Sandbox exec does **not** inherit host `process.env`. Use
`agents.defaults.sandbox.docker.env` (or a custom image) for skill API keys.
## Tool policy + escape hatches
Tool allow/deny policies still apply before sandbox rules. If a tool is denied