// Add a new AI coding agent to Agent Sandbox. Creates all required files (Dockerfile, templates, CI, docs) and wires the agent into the CLI, proxy, and build system.
Break a milestone into discrete tasks. Use when starting work on a milestone that has been defined in the project plan.
Create a project plan for a new initiative. Use when starting a new project, defining goals, breaking work into milestones, and doing initial technical due diligence.
Entry point for the three-tier planning system. Use when starting planning work at any level - project, milestone, or task.
Plan and track execution of a task. Use when starting implementation of a task defined in a milestone plan.
| name | add-agent |
| description | Add a new AI coding agent to Agent Sandbox. Creates all required files (Dockerfile, templates, CI, docs) and wires the agent into the CLI, proxy, and build system. |
This skill generates all the files needed to add a new AI coding agent to Agent Sandbox. It follows the established patterns from Claude, Copilot, and Codex implementations.
The skill takes a single argument: the agent name (lowercase, no spaces). Example: gemini, opencode, factory.
Ask the user for the following (skip any already provided):
npm view {package} versiongh api repos/{owner}/{repo}/releases/latest --jq .tag_namerust-v prefix)GEMINI_VERSION)/home/dev/.gemini)config.toml to disable its internal sandbox)--dangerously-skip-permissions, --yolo, --full-auto)github.copilot-chat), or "none" for CLI-only agentscom.anthropic.code.plugin), or "none"Generate all files listed below. Read the reference files first to match the exact format and structure.
Create images/agents/{agent}/Dockerfile.
Pattern:
ARG BASE_IMAGE=agent-sandbox-base:local + FROM ${BASE_IMAGE}~/.local/bin if installing a binary thereCOPY config.toml /home/dev/.{agent}/config.toml)USER devENV PATH="/home/dev/.local/bin:$PATH" if installing to ~/.local/binARG TARGETARCH for multi-arch, prefer musl (statically linked) over gnu variantsorg.opencontainers.image.description and version labelIf the agent needs default config files, create them alongside the Dockerfile (e.g., images/agents/{agent}/config.toml).
Create internal/embeddata/templates/{agent}/cli/agent.yml.
This is a compose overlay that layers on top of the shared internal/embeddata/templates/compose/base.yml. It contains only agent-specific configuration. Read an existing agent.yml for the exact format.
Contents:
services.proxy.volumes: [] (required placeholder for compose merge)services.agent.image - the GHCR image referenceservices.agent.volumes - agent-specific state and history volumesservices.agent.environment - agent-specific env vars (if any)Do NOT include proxy config, HTTP_PROXY, HTTPS_PROXY, capabilities, or other shared settings. Those live in base.yml.
Create internal/embeddata/templates/{agent}/devcontainer/devcontainer.json.
This file references a layered array of compose files. Read an existing devcontainer.json for the exact format.
Key points:
dockerComposeFile is an array of 5 paths pointing into .agent-sandbox/compose/:
base.yml, agent.{name}.yml, mode.devcontainer.yml, user.override.yml, user.agent.{name}.override.ymlservice: "agent"workspaceFolder: "/workspace"remoteUser: "dev"overrideCommand: falseEdit cli/lib/agent.bash:
supported_agents_display() (space-separated string)supported_agents() (printf list)select_agent() (option list)validate_agent() case statementEdit cli/lib/cli-compose.bash:
CLAUDE.md and settings.json), add a conditional block in scaffold_cli_agent_override_if_missing() following the Claude pattern. This adds commented-out volume entries to user.agent.{name}.override.yml.Two test files reference the agent list string:
cli/test/init/init.bats: update the "rejects invalid --agent value" assertion to include the new agent name.cli/test/switch/switch.bats:
stub select_option call in "switch prompts for agent when --agent is omitted" to include the new agent in the argument list.Both assertions and the stub match the output of supported_agents_display() / select_agent().
Two files in the proxy image need updating:
images/proxy/service_catalog.py: add a new entry to the SIMPLE_SERVICE_HOSTS dict.
Guidelines:
*.openai.com covers api.openai.com, auth.openai.com, regional endpoints)chatgpt.com is separate from openai.com)If the service needs rule-level semantics (repo scoping, method narrowing beyond the generic readonly mapping), add a dedicated expander function following the GitHub pattern instead of using SIMPLE_SERVICE_HOSTS.
images/proxy/render-policy: add the new agent name to the KNOWN_AGENTS set. This script renders the effective proxy policy at startup and validates the AGENTBOX_ACTIVE_AGENT env var against this set. If the agent is missing, the proxy will refuse to start with an "Unknown agent" error.
Edit images/build.sh to add:
: "${GEMINI_VERSION:=latest}"): "${GEMINI_EXTRA_PACKAGES:=}")build_{agent}() function following the pattern of existing agent build functionsall target)Create docs/agents/{agent}.md following this structure (see docs/agents/codex.md for exact format):
# {Display Name} Sandbox Templateagentbox compose down for stopping.services: YAML snippet with the agent's service name.Edit README.md:
:large_blue_circle: Preview for CLI and devcontainer modes.docs/{agent}/README.md in the "Agent-specific setup" sectionCreate the CI files directly in .github/workflows/. They follow a clear pattern and can be written without drafting.
Edit .github/workflows/build-images.yml:
{AGENT}_IMAGE_NAME env var (e.g., GEMINI_IMAGE_NAME)build-{agent} job following the pattern of build-codex (for GitHub releases) or build-copilot (for npm)npm view {package} versiongh api repos/{owner}/{repo}/releases/latest --jq .tag_name with any tag prefix stripping via sedneeds arrayCreate .github/workflows/check-{agent}-version.yml following the pattern of existing version check workflows.
{agent}- for the GHCR tag checkbuild-images.yml if the version tag doesn't exist in GHCRAfter creating all files:
./images/build.sh {agent}docker run --rm agent-sandbox-{agent}:local {agent} --versionagentbox init --agent {agent} --mode cli --path /tmp/test-projectgo test ./...curl -x http://proxy:8080 https://{api-domain}curl -x http://proxy:8080 https://example.comWhen generating files, read these for the exact patterns:
images/agents/claude/Dockerfile (npm install pattern)images/agents/copilot/Dockerfile (npm install with Node.js pattern)images/agents/codex/Dockerfile (direct binary download pattern, multi-arch, config file baking)images/agents/codex/config.toml (baked config file example)internal/embeddata/templates/compose/base.yml (shared compose base layer with proxy and agent skeleton)internal/embeddata/templates/compose/mode.devcontainer.yml (devcontainer mode overlay)internal/embeddata/templates/claude/cli/agent.yml (agent compose layer with env vars)internal/embeddata/templates/copilot/cli/agent.yml (simplest agent compose layer)internal/embeddata/templates/claude/devcontainer/devcontainer.json (devcontainer with extensions and JetBrains plugins)internal/embeddata/templates/codex/devcontainer/devcontainer.json (CLI-only agent, no extensions)internal/runtime/agents.go (agent registry: supported list and validation)internal/scaffold/init.go (CLI and devcontainer init flow entrypoints)internal/scaffold/devcontainer.go (devcontainer JSON rendering and merge behavior)internal/cli/init_test.go (init command assertions and prompting expectations)internal/cli/switch_test.go (switch command assertions and agent validation coverage)images/proxy/addons/enforcer.py (service domains, alphabetical ordering)images/proxy/render-policy (KNOWN_AGENTS set, policy rendering validation)images/build.sh (build functions and case statement)docs/agents/codex.md (simplest agent doc, CLI-only)docs/agents/copilot.md (agent doc with IDE notes)README.md (supported agents table and setup links).github/workflows/build-images.yml (build jobs).github/workflows/check-codex-version.yml (GitHub releases version check).github/workflows/check-copilot-version.yml (npm version check)