ClawHub

Alfred OpenShell Sandbox

Dev Tools

Provides isolated sandboxes using NVIDIA OpenShell for secure code execution, security scans, debugging, and test running with resource and network restricti...

Install

openclaw skills install alfred-openshell-sandbox

OpenShell Sandbox Skill

Secure execution environment for specialist agents using NVIDIA OpenShell.

Overview

OpenShell provides sandboxed containers with Landlock LSM + seccomp + network namespaces + L7 policy engine. Each specialist agent gets an isolated sandbox for safe code execution.

Sandboxes Available

SandboxAgentPurposeStatus
coder-sandboxcoderCode execution, builds, testsReady
security-sandboxsecurityPentesting, security scansReady
debug-sandboxdebugBug reproduction, diagnosisReady
test-sandboxqa-testerTest executionReady

CLI Reference

# List all sandboxes
openshell sandbox list

# Execute command in sandbox
openshell sandbox exec -n <sandbox-name> -- <command> [args...]

# Interactive shell
openshell sandbox connect -n <sandbox-name>

# Create new sandbox
openshell sandbox create --name <name>

# Delete sandbox
openshell sandbox delete <name>

# View logs
openshell logs -n <sandbox-name>

# Gateway status
openshell status

# Diagnose issues
openshell doctor check

Agent Integration

For Coder Agent

When executing code that could affect the host system:

# Instead of running locally:
python3 script.py

# Run in sandbox:
openshell sandbox exec -n coder-sandbox -- python3 /workspace/script.py

For Security Agent

When running security tools or scans:

# Run nmap, nikto, etc. in isolated sandbox
openshell sandbox exec -n security-sandbox -- nmap -sV target

For Debug Agent

When reproducing bugs or testing fixes:

openshell sandbox exec -n debug-sandbox -- node test.js

For QA-Tester

When running test suites:

openshell sandbox exec -n test-sandbox -- pytest tests/

File Transfer

To copy files between host and sandbox:

# Copy file INTO sandbox (via exec cat)
cat local_file.py | openshell sandbox exec -n coder-sandbox -- tee /workspace/local_file.py

# Copy file FROM sandbox
openshell sandbox exec -n coder-sandbox -- cat /workspace/result.txt > local_result.txt

Policies

Default policies apply L7 network restrictions. To view/modify:

openshell policy list

Resource Limits

  • CPU: Shared with host (24GB RAM server)
  • Network: Restricted by L7 policy (no outbound by default)
  • Disk: Ephemeral (deleted with sandbox)
  • Timeout: 30 min default per exec command

Troubleshooting

  • Sandbox not found: Run openshell sandbox list to check status
  • Gateway down: Run openshell status and openshell doctor check
  • Permission denied: Sandboxes run as unprivileged user
  • Network blocked: Default policy denies outbound; use openshell policy to modify

Architecture

Host (Ubuntu ARM64)
  └── OpenShell Gateway (Docker + k3s)
       ├── coder-sandbox (aarch64, Python 3.13, Node 22)
       ├── security-sandbox (aarch64)
       ├── debug-sandbox (aarch64)
       └── test-sandbox (aarch64)

Version

  • OpenShell CLI: 0.0.35
  • Base image: ghcr.io/nvidia/openshell-community/sandboxes/base:latest
  • Platform: aarch64 (ARM64)
More in Dev Tools