forked from Selig/openclaw-skill
Initial commit: OpenClaw Skill Collection
6 custom skills (assign-task, dispatch-webhook, daily-briefing, task-capture, qmd-brain, tts-voice) with technical documentation. Compatible with Claude Code, OpenClaw, Codex CLI, and OpenCode.
This commit is contained in:
44
openclaw-knowhow-skill/docs/reference/cli/sandbox.md
Normal file
44
openclaw-knowhow-skill/docs/reference/cli/sandbox.md
Normal file
@@ -0,0 +1,44 @@
|
||||
# sandbox
|
||||
|
||||
# `openclaw sandbox`
|
||||
|
||||
Manage Docker-based isolated containers for secure agent execution.
|
||||
|
||||
## Overview
|
||||
|
||||
The OpenClaw sandbox system manages Docker-based isolated containers for secure agent execution. The CLI provides tools to inspect, list, and recreate these containers when configurations or images change.
|
||||
|
||||
## Key Commands
|
||||
|
||||
**`openclaw sandbox explain`** displays effective sandbox settings, including mode, scope, workspace access, and tool policies with relevant configuration paths.
|
||||
|
||||
**`openclaw sandbox list`** enumerates all sandbox containers, showing their operational status, Docker image details, creation time, idle duration, and associated session/agent information.
|
||||
|
||||
**`openclaw sandbox recreate`** forcefully removes containers to trigger fresh initialization with current images and configurations. Supports filtering by session, agent, or container type.
|
||||
|
||||
## Examples
|
||||
|
||||
```bash
|
||||
openclaw sandbox explain
|
||||
openclaw sandbox list
|
||||
openclaw sandbox recreate
|
||||
openclaw sandbox recreate --session <id>
|
||||
openclaw sandbox recreate --agent <id>
|
||||
```
|
||||
|
||||
## Primary Use Cases
|
||||
|
||||
After updating Docker images or modifying sandbox configuration settings, the recreate command ensures containers reflect these changes rather than persisting with outdated configurations. This addresses a core issue: existing containers continue running with old settings while the system waits up to 24 hours for automatic pruning.
|
||||
|
||||
## Configuration Location
|
||||
|
||||
Sandbox settings reside in `~/.openclaw/openclaw.json` under `agents.defaults.sandbox`, with per-agent overrides available in `agents.list[].sandbox`. Key parameters include:
|
||||
|
||||
* Execution mode (off/non-main/all)
|
||||
* Scope level (session/agent/shared)
|
||||
* Docker image specification
|
||||
* Pruning thresholds
|
||||
|
||||
## Related Resources
|
||||
|
||||
See additional documentation covering broader sandboxing concepts, agent workspace configuration, and the doctor command for sandbox diagnostics verification.
|
||||
Reference in New Issue
Block a user