{
  "schemaVersion": "1.0",
  "item": {
    "slug": "docker-sandbox",
    "name": "Docker Sandbox",
    "source": "tencent",
    "type": "skill",
    "category": "AI 智能",
    "sourceUrl": "https://clawhub.ai/gitgoodordietrying/docker-sandbox",
    "canonicalUrl": "https://clawhub.ai/gitgoodordietrying/docker-sandbox",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadMode": "redirect",
    "downloadUrl": "/downloads/docker-sandbox",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=docker-sandbox",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "installMethod": "Manual import",
    "extraction": "Extract archive",
    "prerequisites": [
      "OpenClaw"
    ],
    "packageFormat": "ZIP package",
    "includedAssets": [
      "SKILL.md"
    ],
    "primaryDoc": "SKILL.md",
    "quickSetup": [
      "Download the package from Yavira.",
      "Extract the archive and review SKILL.md first.",
      "Import or place the package into your OpenClaw setup."
    ],
    "agentAssist": {
      "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.",
      "steps": [
        "Download the package from Yavira.",
        "Extract it into a folder your agent can access.",
        "Paste one of the prompts below and point your agent at the extracted folder."
      ],
      "prompts": [
        {
          "label": "New install",
          "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete."
        },
        {
          "label": "Upgrade existing",
          "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run."
        }
      ]
    },
    "sourceHealth": {
      "source": "tencent",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-04-30T16:55:25.780Z",
      "expiresAt": "2026-05-07T16:55:25.780Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network",
        "contentDisposition": "attachment; filename=\"network-1.0.0.zip\"",
        "redirectLocation": null,
        "bodySnippet": null
      },
      "scope": "source",
      "summary": "Source download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this source.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/docker-sandbox"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    },
    "downloadPageUrl": "https://openagent3.xyz/downloads/docker-sandbox",
    "agentPageUrl": "https://openagent3.xyz/skills/docker-sandbox/agent",
    "manifestUrl": "https://openagent3.xyz/skills/docker-sandbox/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/docker-sandbox/agent.md"
  },
  "agentAssist": {
    "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.",
    "steps": [
      "Download the package from Yavira.",
      "Extract it into a folder your agent can access.",
      "Paste one of the prompts below and point your agent at the extracted folder."
    ],
    "prompts": [
      {
        "label": "New install",
        "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete."
      },
      {
        "label": "Upgrade existing",
        "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run."
      }
    ]
  },
  "documentation": {
    "source": "clawhub",
    "primaryDoc": "SKILL.md",
    "sections": [
      {
        "title": "Docker Sandbox",
        "body": "Run agents and commands in isolated VM environments using Docker Desktop's sandbox feature. Each sandbox gets its own lightweight VM with filesystem isolation, network proxy controls, and workspace mounting via virtiofs."
      },
      {
        "title": "When to Use",
        "body": "Exploring untrusted packages or skills before installing them system-wide\nRunning arbitrary code from external sources safely\nTesting destructive operations without risking the host\nIsolating agent workloads that need network access controls\nSetting up reproducible environments for experiments"
      },
      {
        "title": "Requirements",
        "body": "Docker Desktop 4.49+ with the docker sandbox plugin\nVerify: docker sandbox version"
      },
      {
        "title": "Create a sandbox for the current project",
        "body": "docker sandbox create --name my-sandbox claude .\n\nThis creates a VM-isolated sandbox with:\n\nThe current directory mounted via virtiofs\nNode.js, git, and standard dev tools pre-installed\nNetwork proxy with allowlist controls"
      },
      {
        "title": "Run commands inside",
        "body": "docker sandbox exec my-sandbox node --version\ndocker sandbox exec my-sandbox npm install -g some-package\ndocker sandbox exec -w /path/to/workspace my-sandbox bash -c \"ls -la\""
      },
      {
        "title": "Run an agent directly",
        "body": "# Create and run in one step\ndocker sandbox run claude . -- -p \"What files are in this project?\"\n\n# Run with agent arguments after --\ndocker sandbox run my-sandbox -- -p \"Analyze this codebase\""
      },
      {
        "title": "Lifecycle",
        "body": "# Create a sandbox (agents: claude, codex, copilot, gemini, kiro, cagent)\ndocker sandbox create --name <name> <agent> <workspace-path>\n\n# Run an agent in sandbox (creates if needed)\ndocker sandbox run <agent> <workspace> [-- <agent-args>...]\ndocker sandbox run <existing-sandbox> [-- <agent-args>...]\n\n# Execute a command\ndocker sandbox exec [options] <sandbox> <command> [args...]\n  -e KEY=VAL          # Set environment variable\n  -w /path            # Set working directory\n  -d                  # Detach (background)\n  -i                  # Interactive (keep stdin open)\n  -t                  # Allocate pseudo-TTY\n\n# Stop without removing\ndocker sandbox stop <sandbox>\n\n# Remove (destroys VM)\ndocker sandbox rm <sandbox>\n\n# List all sandboxes\ndocker sandbox ls\n\n# Reset all sandboxes\ndocker sandbox reset\n\n# Save snapshot as reusable template\ndocker sandbox save <sandbox>"
      },
      {
        "title": "Network Controls",
        "body": "The sandbox includes a network proxy for controlling outbound access.\n\n# Allow specific domains\ndocker sandbox network proxy <sandbox> --allow-host example.com\ndocker sandbox network proxy <sandbox> --allow-host api.github.com\n\n# Block specific domains\ndocker sandbox network proxy <sandbox> --block-host malicious.com\n\n# Block IP ranges\ndocker sandbox network proxy <sandbox> --block-cidr 10.0.0.0/8\n\n# Bypass proxy for specific hosts (direct connection)\ndocker sandbox network proxy <sandbox> --bypass-host localhost\n\n# Set default policy (allow or deny all by default)\ndocker sandbox network proxy <sandbox> --policy deny  # Block everything, then allowlist\ndocker sandbox network proxy <sandbox> --policy allow  # Allow everything, then blocklist\n\n# View network activity\ndocker sandbox network log <sandbox>"
      },
      {
        "title": "Custom Templates",
        "body": "# Use a custom container image as base\ndocker sandbox create --template my-custom-image:latest claude .\n\n# Save current sandbox state as template for reuse\ndocker sandbox save my-sandbox"
      },
      {
        "title": "Workspace Mounting",
        "body": "The workspace path on the host is mounted into the sandbox via virtiofs. The mount path inside the sandbox preserves the host path structure:\n\nHost OS\tHost Path\tSandbox Path\nWindows\tH:\\Projects\\my-app\t/h/Projects/my-app\nmacOS\t/Users/me/projects/my-app\t/Users/me/projects/my-app\nLinux\t/home/me/projects/my-app\t/home/me/projects/my-app\n\nThe agent's home directory is /home/agent/ with a symlinked workspace/ directory."
      },
      {
        "title": "Environment Inside the Sandbox",
        "body": "Each sandbox VM includes:\n\nNode.js (v20.x LTS)\nGit (latest)\nPython (system)\ncurl, wget, standard Linux utilities\nnpm (global install directory at /usr/local/share/npm-global/)\nDocker socket (at /run/docker.sock - Docker-in-Docker capable)"
      },
      {
        "title": "Proxy Configuration (auto-set)",
        "body": "HTTP_PROXY=http://host.docker.internal:3128\nHTTPS_PROXY=http://host.docker.internal:3128\nNODE_EXTRA_CA_CERTS=/usr/local/share/ca-certificates/proxy-ca.crt\nSSL_CERT_FILE=/usr/local/share/ca-certificates/proxy-ca.crt\n\nImportant: Node.js fetch (undici) does NOT respect HTTP_PROXY env vars by default. For npm packages that use fetch, create a require hook:\n\n// /tmp/proxy-fix.js\nconst proxy = process.env.HTTPS_PROXY || process.env.HTTP_PROXY;\nif (proxy) {\n  const { ProxyAgent } = require('undici');\n  const agent = new ProxyAgent(proxy);\n  const origFetch = globalThis.fetch;\n  globalThis.fetch = function(url, opts = {}) {\n    return origFetch(url, { ...opts, dispatcher: agent });\n  };\n}\n\nRun with: node -r /tmp/proxy-fix.js your-script.js"
      },
      {
        "title": "Safe Package Exploration",
        "body": "# Create isolated sandbox\ndocker sandbox create --name pkg-test claude .\n\n# Restrict network to only npm registry\ndocker sandbox network proxy pkg-test --policy deny\ndocker sandbox network proxy pkg-test --allow-host registry.npmjs.org\ndocker sandbox network proxy pkg-test --allow-host api.npmjs.org\n\n# Install and inspect the package\ndocker sandbox exec pkg-test npm install -g suspicious-package\ndocker sandbox exec pkg-test bash -c \"find /usr/local/share/npm-global/lib/node_modules/suspicious-package -name '*.js' | head -20\"\n\n# Check for post-install scripts, network calls, file access\ndocker sandbox network log pkg-test\n\n# Clean up\ndocker sandbox rm pkg-test"
      },
      {
        "title": "Persistent Dev Environment",
        "body": "# Create once\ndocker sandbox create --name dev claude ~/projects/my-app\n\n# Use across sessions\ndocker sandbox exec dev npm test\ndocker sandbox exec dev npm run build\n\n# Save as template for team sharing\ndocker sandbox save dev"
      },
      {
        "title": "Locked-Down Agent Execution",
        "body": "# Deny-all network, allow only what's needed\ndocker sandbox create --name secure claude .\ndocker sandbox network proxy secure --policy deny\ndocker sandbox network proxy secure --allow-host api.openai.com\ndocker sandbox network proxy secure --allow-host github.com\n\n# Run agent with restrictions\ndocker sandbox run secure -- -p \"Review this code for security issues\""
      },
      {
        "title": "\"client version X is too old\"",
        "body": "Update Docker Desktop to 4.49+. The sandbox plugin requires engine API v1.44+."
      },
      {
        "title": "\"fetch failed\" inside sandbox",
        "body": "Node.js fetch doesn't use the proxy. Use the proxy-fix.js require hook above, or use curl instead:\n\ndocker sandbox exec my-sandbox curl -sL https://api.example.com/data"
      },
      {
        "title": "Path conversion on Windows (Git Bash / MSYS2)",
        "body": "Git Bash converts /path to C:/Program Files/Git/path. Prefix commands with:\n\nMSYS_NO_PATHCONV=1 docker sandbox exec my-sandbox ls /home/agent"
      },
      {
        "title": "Sandbox won't start after Docker update",
        "body": "docker sandbox reset  # Clears all sandbox state"
      }
    ],
    "body": "Docker Sandbox\n\nRun agents and commands in isolated VM environments using Docker Desktop's sandbox feature. Each sandbox gets its own lightweight VM with filesystem isolation, network proxy controls, and workspace mounting via virtiofs.\n\nWhen to Use\nExploring untrusted packages or skills before installing them system-wide\nRunning arbitrary code from external sources safely\nTesting destructive operations without risking the host\nIsolating agent workloads that need network access controls\nSetting up reproducible environments for experiments\nRequirements\nDocker Desktop 4.49+ with the docker sandbox plugin\nVerify: docker sandbox version\nQuick Start\nCreate a sandbox for the current project\ndocker sandbox create --name my-sandbox claude .\n\n\nThis creates a VM-isolated sandbox with:\n\nThe current directory mounted via virtiofs\nNode.js, git, and standard dev tools pre-installed\nNetwork proxy with allowlist controls\nRun commands inside\ndocker sandbox exec my-sandbox node --version\ndocker sandbox exec my-sandbox npm install -g some-package\ndocker sandbox exec -w /path/to/workspace my-sandbox bash -c \"ls -la\"\n\nRun an agent directly\n# Create and run in one step\ndocker sandbox run claude . -- -p \"What files are in this project?\"\n\n# Run with agent arguments after --\ndocker sandbox run my-sandbox -- -p \"Analyze this codebase\"\n\nCommands Reference\nLifecycle\n# Create a sandbox (agents: claude, codex, copilot, gemini, kiro, cagent)\ndocker sandbox create --name <name> <agent> <workspace-path>\n\n# Run an agent in sandbox (creates if needed)\ndocker sandbox run <agent> <workspace> [-- <agent-args>...]\ndocker sandbox run <existing-sandbox> [-- <agent-args>...]\n\n# Execute a command\ndocker sandbox exec [options] <sandbox> <command> [args...]\n  -e KEY=VAL          # Set environment variable\n  -w /path            # Set working directory\n  -d                  # Detach (background)\n  -i                  # Interactive (keep stdin open)\n  -t                  # Allocate pseudo-TTY\n\n# Stop without removing\ndocker sandbox stop <sandbox>\n\n# Remove (destroys VM)\ndocker sandbox rm <sandbox>\n\n# List all sandboxes\ndocker sandbox ls\n\n# Reset all sandboxes\ndocker sandbox reset\n\n# Save snapshot as reusable template\ndocker sandbox save <sandbox>\n\nNetwork Controls\n\nThe sandbox includes a network proxy for controlling outbound access.\n\n# Allow specific domains\ndocker sandbox network proxy <sandbox> --allow-host example.com\ndocker sandbox network proxy <sandbox> --allow-host api.github.com\n\n# Block specific domains\ndocker sandbox network proxy <sandbox> --block-host malicious.com\n\n# Block IP ranges\ndocker sandbox network proxy <sandbox> --block-cidr 10.0.0.0/8\n\n# Bypass proxy for specific hosts (direct connection)\ndocker sandbox network proxy <sandbox> --bypass-host localhost\n\n# Set default policy (allow or deny all by default)\ndocker sandbox network proxy <sandbox> --policy deny  # Block everything, then allowlist\ndocker sandbox network proxy <sandbox> --policy allow  # Allow everything, then blocklist\n\n# View network activity\ndocker sandbox network log <sandbox>\n\nCustom Templates\n# Use a custom container image as base\ndocker sandbox create --template my-custom-image:latest claude .\n\n# Save current sandbox state as template for reuse\ndocker sandbox save my-sandbox\n\nWorkspace Mounting\n\nThe workspace path on the host is mounted into the sandbox via virtiofs. The mount path inside the sandbox preserves the host path structure:\n\nHost OS\tHost Path\tSandbox Path\nWindows\tH:\\Projects\\my-app\t/h/Projects/my-app\nmacOS\t/Users/me/projects/my-app\t/Users/me/projects/my-app\nLinux\t/home/me/projects/my-app\t/home/me/projects/my-app\n\nThe agent's home directory is /home/agent/ with a symlinked workspace/ directory.\n\nEnvironment Inside the Sandbox\n\nEach sandbox VM includes:\n\nNode.js (v20.x LTS)\nGit (latest)\nPython (system)\ncurl, wget, standard Linux utilities\nnpm (global install directory at /usr/local/share/npm-global/)\nDocker socket (at /run/docker.sock - Docker-in-Docker capable)\nProxy Configuration (auto-set)\nHTTP_PROXY=http://host.docker.internal:3128\nHTTPS_PROXY=http://host.docker.internal:3128\nNODE_EXTRA_CA_CERTS=/usr/local/share/ca-certificates/proxy-ca.crt\nSSL_CERT_FILE=/usr/local/share/ca-certificates/proxy-ca.crt\n\n\nImportant: Node.js fetch (undici) does NOT respect HTTP_PROXY env vars by default. For npm packages that use fetch, create a require hook:\n\n// /tmp/proxy-fix.js\nconst proxy = process.env.HTTPS_PROXY || process.env.HTTP_PROXY;\nif (proxy) {\n  const { ProxyAgent } = require('undici');\n  const agent = new ProxyAgent(proxy);\n  const origFetch = globalThis.fetch;\n  globalThis.fetch = function(url, opts = {}) {\n    return origFetch(url, { ...opts, dispatcher: agent });\n  };\n}\n\n\nRun with: node -r /tmp/proxy-fix.js your-script.js\n\nPatterns\nSafe Package Exploration\n# Create isolated sandbox\ndocker sandbox create --name pkg-test claude .\n\n# Restrict network to only npm registry\ndocker sandbox network proxy pkg-test --policy deny\ndocker sandbox network proxy pkg-test --allow-host registry.npmjs.org\ndocker sandbox network proxy pkg-test --allow-host api.npmjs.org\n\n# Install and inspect the package\ndocker sandbox exec pkg-test npm install -g suspicious-package\ndocker sandbox exec pkg-test bash -c \"find /usr/local/share/npm-global/lib/node_modules/suspicious-package -name '*.js' | head -20\"\n\n# Check for post-install scripts, network calls, file access\ndocker sandbox network log pkg-test\n\n# Clean up\ndocker sandbox rm pkg-test\n\nPersistent Dev Environment\n# Create once\ndocker sandbox create --name dev claude ~/projects/my-app\n\n# Use across sessions\ndocker sandbox exec dev npm test\ndocker sandbox exec dev npm run build\n\n# Save as template for team sharing\ndocker sandbox save dev\n\nLocked-Down Agent Execution\n# Deny-all network, allow only what's needed\ndocker sandbox create --name secure claude .\ndocker sandbox network proxy secure --policy deny\ndocker sandbox network proxy secure --allow-host api.openai.com\ndocker sandbox network proxy secure --allow-host github.com\n\n# Run agent with restrictions\ndocker sandbox run secure -- -p \"Review this code for security issues\"\n\nTroubleshooting\n\"client version X is too old\"\n\nUpdate Docker Desktop to 4.49+. The sandbox plugin requires engine API v1.44+.\n\n\"fetch failed\" inside sandbox\n\nNode.js fetch doesn't use the proxy. Use the proxy-fix.js require hook above, or use curl instead:\n\ndocker sandbox exec my-sandbox curl -sL https://api.example.com/data\n\nPath conversion on Windows (Git Bash / MSYS2)\n\nGit Bash converts /path to C:/Program Files/Git/path. Prefix commands with:\n\nMSYS_NO_PATHCONV=1 docker sandbox exec my-sandbox ls /home/agent\n\nSandbox won't start after Docker update\ndocker sandbox reset  # Clears all sandbox state"
  },
  "trust": {
    "sourceLabel": "tencent",
    "provenanceUrl": "https://clawhub.ai/gitgoodordietrying/docker-sandbox",
    "publisherUrl": "https://clawhub.ai/gitgoodordietrying/docker-sandbox",
    "owner": "gitgoodordietrying",
    "version": "1.0.0",
    "license": null,
    "verificationStatus": "Indexed source record"
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/docker-sandbox",
    "downloadUrl": "https://openagent3.xyz/downloads/docker-sandbox",
    "agentUrl": "https://openagent3.xyz/skills/docker-sandbox/agent",
    "manifestUrl": "https://openagent3.xyz/skills/docker-sandbox/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/docker-sandbox/agent.md"
  }
}