
Alfred OpenShell Sandbox

Author: lJokerl · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 73
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install alfred-openshell-sandbox
Description
Provides isolated sandboxes using NVIDIA OpenShell for secure code execution, security scans, debugging, and test running with resource and network restricti...
Usage (SKILL.md)

OpenShell Sandbox Skill

Secure execution environment for specialist agents using NVIDIA OpenShell.

Overview

OpenShell provides sandboxed containers with Landlock LSM + seccomp + network namespaces + L7 policy engine. Each specialist agent gets an isolated sandbox for safe code execution.

Sandboxes Available

Sandbox           Agent      Purpose                        Status
coder-sandbox     coder      Code execution, builds, tests  Ready
security-sandbox  security   Pentesting, security scans     Ready
debug-sandbox     debug      Bug reproduction, diagnosis    Ready
test-sandbox      qa-tester  Test execution                 Ready

CLI Reference

# List all sandboxes
openshell sandbox list

# Execute command in sandbox
openshell sandbox exec -n <sandbox-name> -- <command> [args...]

# Interactive shell
openshell sandbox connect -n <sandbox-name>

# Create new sandbox
openshell sandbox create --name <name>

# Delete sandbox
openshell sandbox delete <name>

# View logs
openshell logs -n <sandbox-name>

# Gateway status
openshell status

# Diagnose issues
openshell doctor check

Agent Integration

For Coder Agent

When executing code that could affect the host system:

# Instead of running locally:
python3 script.py

# Run in sandbox:
openshell sandbox exec -n coder-sandbox -- python3 /workspace/script.py

For Security Agent

When running security tools or scans:

# Run nmap, nikto, etc. in isolated sandbox
openshell sandbox exec -n security-sandbox -- nmap -sV target

For Debug Agent

When reproducing bugs or testing fixes:

openshell sandbox exec -n debug-sandbox -- node test.js

For QA-Tester

When running test suites:

openshell sandbox exec -n test-sandbox -- pytest tests/

File Transfer

To copy files between host and sandbox:

# Copy file INTO sandbox (piped through exec tee)
cat local_file.py | openshell sandbox exec -n coder-sandbox -- tee /workspace/local_file.py

# Copy file FROM sandbox
openshell sandbox exec -n coder-sandbox -- cat /workspace/result.txt > local_result.txt
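
A checked version of the two transfer commands above, as an added example that is not part of the skill's SKILL.md: it refuses symlinks and destinations outside /workspace, and compares SHA-256 on both sides of the copy. The function names and the presence of sha256sum in the sandbox image are assumptions.

```shell
#!/bin/sh
# Added example (not from the skill): checked file transfer built on the
# `openshell sandbox exec -n <name> -- <cmd>` form documented above.
# Assumption: sha256sum exists on the host and inside the sandbox image.

# sandbox_push <sandbox> <local-file> <remote-path>
sandbox_push() {
    sb=$1 src=$2 dst=$3
    # Send only regular files: a symlink could pull in host data
    # (keys, tokens) that was never meant to enter the sandbox.
    if [ ! -f "$src" ] || [ -L "$src" ]; then
        echo "refusing $src: not a regular file" >&2; return 2
    fi
    # Write only below /workspace, and reject ".." anywhere in the path.
    case $dst in
        *..*) echo "refusing $dst: path traversal" >&2; return 2 ;;
        /workspace/*) ;;
        *) echo "refusing $dst: outside /workspace" >&2; return 2 ;;
    esac
    want=$(sha256sum < "$src" | cut -d' ' -f1)
    # tee copies stdin to stdout as well; discard that echo.
    openshell sandbox exec -n "$sb" -- tee "$dst" < "$src" > /dev/null || return 1
    got=$(openshell sandbox exec -n "$sb" -- sha256sum "$dst" | cut -d' ' -f1)
    if [ -z "$got" ] || [ "$want" != "$got" ]; then
        echo "checksum mismatch for $dst" >&2; return 1
    fi
}

# sandbox_pull <sandbox> <remote-path> <local-file>
sandbox_pull() {
    sb=$1 src=$2 dst=$3
    want=$(openshell sandbox exec -n "$sb" -- sha256sum "$src" | cut -d' ' -f1)
    [ -n "$want" ] || { echo "cannot hash $src in $sb" >&2; return 1; }
    # Stage in a temp file so a failed or truncated transfer never
    # replaces an existing local file.
    tmp=$(mktemp) || return 1
    if openshell sandbox exec -n "$sb" -- cat "$src" > "$tmp" &&
       [ "$(sha256sum < "$tmp" | cut -d' ' -f1)" = "$want" ]; then
        mv "$tmp" "$dst"
    else
        rm -f "$tmp"; echo "transfer of $src failed verification" >&2; return 1
    fi
}
```
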

Policies

Default policies apply L7 network restrictions. To view/modify:

openshell policy list

Resource Limits

  • CPU: Shared with host (24GB RAM server)
  • Network: Restricted by L7 policy (no outbound by default)
  • Disk: Ephemeral (deleted with sandbox)
  • Timeout: 30 min default per exec command

Troubleshooting

  • Sandbox not found: Run openshell sandbox list to check status
  • Gateway down: Run openshell status and openshell doctor check
  • Permission denied: Sandboxes run as unprivileged user
  • Network blocked: Default policy denies outbound; use openshell policy to modify

Architecture

Host (Ubuntu ARM64)
  └── OpenShell Gateway (Docker + k3s)
       ├── coder-sandbox (aarch64, Python 3.13, Node 22)
       ├── security-sandbox (aarch64)
       ├── debug-sandbox (aarch64)
       └── test-sandbox (aarch64)

Version

  • OpenShell CLI: 0.0.35
  • Base image: ghcr.io/nvidia/openshell-community/sandboxes/base:latest
  • Platform: aarch64 (ARM64)
Security recommendations
This is an instruction-only skill that documents how to use an existing NVIDIA OpenShell installation. Before installing or using it: (1) Verify you actually have the 'openshell' CLI and gateway reachable from the agent (the SKILL.md assumes this but the metadata does not declare it). (2) Confirm the OpenShell gateway and base image (ghcr.io/nvidia/openshell-community/...) are from a trusted source and up-to-date, and inspect their manifest/content if possible. (3) Validate sandbox isolation (Landlock/seccomp/L7 policies) in your environment — the skill will run arbitrary commands inside sandboxes and can copy host files into them, so a misconfigured gateway could leak host data. (4) Be cautious about running network scans or pentesting commands (legal/ethical considerations and possible outbound network requirements). (5) If you want this skill to be safer, request the author add explicit required-binaries and environment preconditions (openshell CLI presence, gateway URL/credentials if needed) and include provenance/homepage/source information.
Functional analysis
Type: OpenClaw Skill
Name: alfred-openshell-sandbox
Version: 1.0.0
The skill bundle provides documentation for 'OpenShell,' a sandboxing utility designed for secure code execution. The SKILL.md file contains standard CLI instructions for managing isolated environments (e.g., openshell sandbox exec) and lacks any indicators of malicious intent, data exfiltration, or prompt injection attacks.
Capability assessment
Purpose & Capability
The name/description (providing OpenShell sandboxes) matches the SKILL.md content: commands, sandboxes, policies and examples are consistent with that purpose. However, the skill metadata declares no required binaries or install steps even though every runtime example requires an 'openshell' CLI and an OpenShell gateway; that undeclared dependency is an incoherence.
Instruction Scope
The SKILL.md confines actions to managing and running commands inside sandboxes (exec, connect, policy, logs). It does not instruct reading unrelated host files or environment variables. It does show file copy patterns (cat | exec tee) which legitimately transfer host data into sandboxes — this is expected for the stated purpose but means host files can be exposed to sandboxes if used.
Install Mechanism
No install spec is present (instruction-only), which minimizes disk writes or hidden downloads. This is coherent for a skill that simply documents how to use an existing OpenShell installation — but the skill should have declared that the 'openshell' binary and gateway must be present and reachable.
Credentials
The skill requests no environment variables or credentials, which is proportional. However, it implicitly requires agent access to an OpenShell gateway/CLI and network access to targets for scans; those runtime privileges are not declared. Also it references a base image (ghcr.io/nvidia/openshell-community/...) — you should validate that image and the gateway's configuration before trusting sandbox isolation.
Persistence & Privilege
The skill is not always-enabled and does not request persistent or system-wide configuration changes. It does not attempt to modify other skills' configs in the instructions.
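How to use
  1. Make sure OpenClaw is installed (locally or as a Docker deployment)
  2. Enter the install command in the chat box: /install alfred-openshell-sandbox
  3. Once installed, call the Skill by name or trigger it with /alfred-openshell-sandbox
  4. Provide the required inputs described in the Skill's parameter notes to get structured output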
Version history
v1.0.0
Initial: 4 sandboxes (coder, security, debug, qa-tester), CLI reference, agent integration guide
Metadata
Slug: alfred-openshell-sandbox
Version: 1.0.0
License: MIT-0
Cumulative installs: 0
Current installs: 0
Historical versions: 1
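FAQ

What is Alfred OpenShell Sandbox?

Provides isolated sandboxes using NVIDIA OpenShell for secure code execution, security scans, debugging, and test running with resource and network restricti... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 73 total downloads so far.

How do I install Alfred OpenShell Sandbox?

Run the command "/install alfred-openshell-sandbox" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is needed.

Is Alfred OpenShell Sandbox free?

Yes, Alfred OpenShell Sandbox is completely free. It is released under the MIT-0 license and can be freely downloaded, installed and used.

Which platforms does Alfred OpenShell Sandbox support?

Alfred OpenShell Sandbox runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Alfred OpenShell Sandbox?

It is developed and maintained by lJokerl (@lllljokerllll); the current version is v1.0.0.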
