Exécutez n'importe quel Skill dans Manus
en un clic

Exécutez n'importe quel Skill dans Manus en un clic

Commencer

$pwd:

sandbox-security

Name: Sandbox Security
Author: spences10

// Daytona sandbox security. Use for token handling, credential boundaries, and full paths in SSH.

Exécuter dans Manus

$ git log --oneline --stat

stars:2

forks:0

updated:24 avril 2026 à 09:52

Explorateur de fichiers

2 fichiers

SKILL.md

readonly

name	sandbox-security
description	Daytona sandbox security. Use for token handling, credential boundaries, and full paths in SSH.

Sandbox Security

Credential Boundaries

Keep local orchestration credentials separate from sandbox credentials:

Context	Variables
Local orchestrator	`DAYTONA_API_KEY`, `GH_TOKEN`, `ANTHROPIC_API_KEY`
Sandbox forwarded	`SANDBOX_GH_TOKEN`, `SANDBOX_ANTHROPIC_API_KEY`

Ralph-Town forwards sandbox-scoped variables under the names tools expect inside the sandbox:

SANDBOX_GH_TOKEN -> GH_TOKEN
SANDBOX_ANTHROPIC_API_KEY -> ANTHROPIC_API_KEY

GITHUB_PAT is only a deprecated compatibility alias for SANDBOX_GH_TOKEN.

Full Paths Required

SSH sessions can have a limited PATH. Use full paths when commands are not found:

Tool	Path
git	`/usr/bin/git`
gh	`/usr/bin/gh`
pnpm	`/usr/local/bin/pnpm`
ls/cat/echo	`/bin/ls`, `/bin/cat`, `/bin/echo`

Token Safety

Never embed tokens in URLs. They can leak to process lists, logs, and error output.

# BAD - token visible in ps, logs, error messages
/usr/bin/git clone https://$GH_TOKEN@github.com/owner/repo.git

# GOOD - prefer unauthenticated clone when possible
/usr/bin/git clone https://github.com/owner/repo.git

For private repos or push workflows, use a credential helper inside the sandbox:

/usr/bin/git config --global credential.helper store
/bin/printf 'https://oauth2:%s@github.com\n' "$GH_TOKEN" > ~/.git-credentials
/bin/chmod 600 ~/.git-credentials

Reference Files

references/security-details.md - Full security explanations

related-skills.json

même dépôt

daytona-sdk.md

from "spences10/ralph-town"

Use when working with Daytona SDK - uploadFile(Buffer, path), pnpm setup, CodeLanguage options

2026-04-242

sandbox-session.md

from "spences10/ralph-town"

Prepare reusable Daytona sandbox sessions for isolated evals, debugging, or manual command execution.

2026-04-242

sandbox.md

from "spences10/ralph-town"

Manage Daytona sandboxes for isolated evals, smoke tests, and command execution.

2026-04-242

sandbox-task-prompt.md

from "spences10/ralph-town"

Generate sandbox-scoped task prompts for any LLM or tool runner working inside Daytona sandboxes.

2026-04-242

sandbox-troubleshooting.md

from "spences10/ralph-town"

Troubleshoot Daytona sandbox runs, SSH access, snapshots, credentials, and command execution failures.

2026-04-242

sandbox-workflow.md

from "spences10/ralph-town"

Use for reusable Daytona sandbox workflows, SSH access, git setup, and isolated command execution.

2026-04-242

package.json

"author": "spences10"

"repository": "spences10/ralph-town"

Ouvrir le dépôt GitHub Voir les dépôts du créateur

$ install --global

$ download --local

Exécuter dans Manus

$ useful --forSOC

Administrateurs de réseaux et de systèmes informatiquesProfessions informatiques et mathématiques15-1244L4

name	sandbox-security
description	Daytona sandbox security. Use for token handling, credential boundaries, and full paths in SSH.

Sandbox Security

Credential Boundaries

Keep local orchestration credentials separate from sandbox credentials:

Context	Variables
Local orchestrator	`DAYTONA_API_KEY`, `GH_TOKEN`, `ANTHROPIC_API_KEY`
Sandbox forwarded	`SANDBOX_GH_TOKEN`, `SANDBOX_ANTHROPIC_API_KEY`

Ralph-Town forwards sandbox-scoped variables under the names tools expect inside the sandbox:

SANDBOX_GH_TOKEN -> GH_TOKEN
SANDBOX_ANTHROPIC_API_KEY -> ANTHROPIC_API_KEY

GITHUB_PAT is only a deprecated compatibility alias for SANDBOX_GH_TOKEN.

Full Paths Required

SSH sessions can have a limited PATH. Use full paths when commands are not found:

Tool	Path
git	`/usr/bin/git`
gh	`/usr/bin/gh`
pnpm	`/usr/local/bin/pnpm`
ls/cat/echo	`/bin/ls`, `/bin/cat`, `/bin/echo`

Token Safety

Never embed tokens in URLs. They can leak to process lists, logs, and error output.

# BAD - token visible in ps, logs, error messages
/usr/bin/git clone https://$GH_TOKEN@github.com/owner/repo.git

# GOOD - prefer unauthenticated clone when possible
/usr/bin/git clone https://github.com/owner/repo.git

For private repos or push workflows, use a credential helper inside the sandbox:

/usr/bin/git config --global credential.helper store
/bin/printf 'https://oauth2:%s@github.com\n' "$GH_TOKEN" > ~/.git-credentials
/bin/chmod 600 ~/.git-credentials

Reference Files

references/security-details.md - Full security explanations

sandbox-security

Sandbox Security

Credential Boundaries

Full Paths Required

Token Safety

Reference Files

Plus depuis ce dépôt

Sandbox Security

Credential Boundaries

Full Paths Required

Token Safety

Reference Files

Plus depuis ce dépôt