// Manage OpenComputer cloud sandboxes. Use when the user wants to create, run commands in, checkpoint, or manage sandbox environments. Auto-invokes when sandboxes, remote environments, or the oc CLI are mentioned.
| name | opencomputer |
| description | Manage OpenComputer cloud sandboxes. Use when the user wants to create, run commands in, checkpoint, or manage sandbox environments. Auto-invokes when sandboxes, remote environments, or the oc CLI are mentioned. |
| allowed-tools | Bash(oc *), Bash(which oc), Bash(curl *), Bash(open *), Bash(xdg-open *), Bash(chmod *), Read, Grep, Glob |
You have access to the oc CLI for managing OpenComputer cloud sandboxes. Use it to create sandboxes, execute commands, manage checkpoints, and more.
oc command)Before running any sandbox command, make sure the user is set up. Do these checks in order, only fixing what's broken:
oc CLI installed?which oc
If it returns a path → installed, skip to step 2.
If it returns nothing / non-zero exit → install it with the official one-liner:
curl -fsSL https://raw.githubusercontent.com/diggerhq/opencomputer/main/scripts/install.sh | bash
This installs oc to ~/.local/bin/oc. If ~/.local/bin is not on the user's PATH, tell them to add export PATH="$HOME/.local/bin:$PATH" to their shell rc file, and use the full path ~/.local/bin/oc for the rest of this session.
oc config show
If API Key is shown (even masked) → logged in, you're done.
If no API key is set, OR a sandbox command fails with an auth error (401, "unauthorized", "missing API key"):
open https://app.opencomputer.devxdg-open https://app.opencomputer.devoc config set api-key YOUR_API_KEY
Do not prompt them for the key in the chat — they should paste it into their own terminal so it never leaves their machine.
# Create a sandbox (returns sandbox ID)
oc sandbox create --timeout 300 --cpu 1 --memory 512
oc sandbox create --env KEY=VALUE --env KEY2=VALUE2
oc sandbox create --secret-store my-secrets --metadata project=demo
oc create # shortcut
# List running sandboxes
oc sandbox list
oc ls # shortcut
# Get sandbox details
oc sandbox get <sandbox-id>
# Kill a sandbox
oc sandbox kill <sandbox-id>
# Hibernate (saves state to S3, can wake later)
oc sandbox hibernate <sandbox-id>
# Wake a hibernated sandbox
oc sandbox wake <sandbox-id> --timeout 300
# Update timeout
oc sandbox set-timeout <sandbox-id> <seconds>
oc exec streams stdout/stderr live by default and exits with the remote process's exit code. Use --wait for buffered/synchronous execution (needed for --json), or --detach to fire-and-forget.
# Stream live (default)
oc exec <sandbox-id> -- echo hello
oc exec <sandbox-id> --cwd /app -- npm install
oc exec <sandbox-id> --timeout 120 -- make build
oc exec <sandbox-id> --env NODE_ENV=production -- node server.js
# Buffered + JSON envelope (exitCode, stdout, stderr) — required for scripting
oc exec <sandbox-id> --wait --json -- whoami
# Fire-and-forget; prints the session id so you can re-attach later
oc exec <sandbox-id> --detach -- long-running-job
# Manage exec sessions
oc exec list <sandbox-id>
oc exec attach <sandbox-id> <session-id>
oc exec kill <sandbox-id> <session-id>
Checkpoints snapshot a running sandbox. You can restore to a checkpoint (in-place revert) or spawn new sandboxes from one (fork).
# Create a checkpoint
oc checkpoint create <sandbox-id> --name "after-setup"
# List checkpoints
oc checkpoint list <sandbox-id>
# Restore sandbox to a checkpoint (in-place revert)
oc checkpoint restore <sandbox-id> <checkpoint-id>
# Spawn a new sandbox from a checkpoint (fork)
oc checkpoint spawn <checkpoint-id> --timeout 300
# Delete a checkpoint
oc checkpoint delete <sandbox-id> <checkpoint-id>
Patches are scripts applied when sandboxes are spawned from a checkpoint. Use them to customize forked environments.
# Create a patch (reads script from file)
oc patch create <checkpoint-id> --script ./setup.sh --description "Install deps"
# Create a patch from stdin
echo "apt install -y curl" | oc patch create <checkpoint-id> --script -
# List patches
oc patch list <checkpoint-id>
# Delete a patch
oc patch delete <checkpoint-id> <patch-id>
Expose a sandbox port via a public URL.
# Create a preview URL
oc preview create <sandbox-id> --port 3000
oc preview create <sandbox-id> --port 8080 --domain myapp.example.com
# List preview URLs
oc preview list <sandbox-id>
# Delete a preview URL
oc preview delete <sandbox-id> <port>
# Open an interactive terminal session
oc shell <sandbox-id>
oc shell <sandbox-id> --shell /bin/zsh
All commands support:
--json — output as JSON instead of tables--api-key <key> — override API key--api-url <url> — override API URLID=$(oc create --json | jq -r '.sandboxID')
oc exec $ID --wait -- apt update
oc exec $ID --wait -- apt install -y nodejs
oc exec $ID -- node -e "console.log('hello')"
oc sandbox kill $ID
# Create base environment
ID=$(oc create --json | jq -r '.sandboxID')
oc exec $ID --wait -- apt update
oc exec $ID --wait -- apt install -y python3 pip
oc exec $ID --wait -- pip install flask
# Checkpoint it
CP=$(oc checkpoint create $ID --name "python-flask" --json | jq -r '.id')
# Wait for checkpoint to be ready
oc checkpoint list $ID
# Spawn copies from the checkpoint
FORK1=$(oc checkpoint spawn $CP --json | jq -r '.sandboxID')
FORK2=$(oc checkpoint spawn $CP --json | jq -r '.sandboxID')
oc patch create $CP --script ./inject-config.sh --description "Add app config"
# All future spawns from $CP will run inject-config.sh on boot
--json and parse with jq when you need to extract IDs or fields programmatically.sb-xxxxxxxx. Checkpoint IDs are UUIDs.ready. Poll with oc checkpoint list if needed.oc sandbox kill to clean up sandboxes when done.oc exec command exits with the remote process exit code.