-
Notifications
You must be signed in to change notification settings - Fork 395
Expand file tree
/
Copy pathsandbox_agent.yaml
More file actions
27 lines (26 loc) · 1.05 KB
/
Copy pathsandbox_agent.yaml
File metadata and controls
27 lines (26 loc) · 1.05 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
runtime:
# Always run this agent inside a Docker sandbox so callers don't need
# to remember --sandbox on the command line. An explicit
# --sandbox=false on the CLI still wins.
sandbox: true
# Hosts the agent's tools need to reach. Unioned with the
# auto-discovered tool-install hosts and the configured models
# gateway, then added to the sandbox proxy's default-deny
# allowlist. Use this for endpoints the aqua-based resolver
# can't infer.
network_allowlist:
- api.example.com
- registry.npmjs.org
agents:
root:
model: openai/gpt-4o
description: |
A helpful assistant that runs shell commands in a sandboxed environment.
All commands execute inside a Docker container with limited filesystem access.
The agent declares runtime.sandbox: true above, so:
docker agent run examples/sandbox_agent.yaml
is equivalent to:
docker agent run --sandbox examples/sandbox_agent.yaml
instruction: You are a helpful assistant with access to a sandboxed shell environment.
toolsets:
- type: shell