yucheng/openclaw-skill
1
0
Fork 0
forked from Selig/openclaw-skill
Code Pull Requests Activity
Files
9ab15e99e5632c53e5a5a5f034f39e3671366eb0
openclaw-skill/openclaw-knowhow-skill/docs/reference/cli/sandbox.md
Selig 4c966a3ad2 Initial commit: OpenClaw Skill Collection 
6 custom skills (assign-task, dispatch-webhook, daily-briefing,
task-capture, qmd-brain, tts-voice) with technical documentation.
Compatible with Claude Code, OpenClaw, Codex CLI, and OpenCode.
2026-03-13 10:58:30 +08:00

45 lines
1.9 KiB
Markdown
Raw Blame History

# sandbox
# `openclaw sandbox`
Manage Docker-based isolated containers for secure agent execution.
## Overview
The OpenClaw sandbox system manages Docker-based isolated containers for secure agent execution. The CLI provides tools to inspect, list, and recreate these containers when configurations or images change.
## Key Commands
**`openclaw sandbox explain`** displays effective sandbox settings, including mode, scope, workspace access, and tool policies with relevant configuration paths.
**`openclaw sandbox list`** enumerates all sandbox containers, showing their operational status, Docker image details, creation time, idle duration, and associated session/agent information.
**`openclaw sandbox recreate`** forcefully removes containers to trigger fresh initialization with current images and configurations. Supports filtering by session, agent, or container type.
## Examples
```bash
openclaw sandbox explain
openclaw sandbox list
openclaw sandbox recreate
openclaw sandbox recreate --session <id>
openclaw sandbox recreate --agent <id>
```
## Primary Use Cases
After updating Docker images or modifying sandbox configuration settings, the recreate command ensures containers reflect these changes rather than persisting with outdated configurations. This addresses a core issue: existing containers continue running with old settings while the system waits up to 24 hours for automatic pruning.
## Configuration Location
Sandbox settings reside in `~/.openclaw/openclaw.json` under `agents.defaults.sandbox`, with per-agent overrides available in `agents.list[].sandbox`. Key parameters include:
* Execution mode (off/non-main/all)
* Scope level (session/agent/shared)
* Docker image specification
* Pruning thresholds
## Related Resources
See additional documentation covering broader sandboxing concepts, agent workspace configuration, and the doctor command for sandbox diagnostics verification.
View Git Blame Copy Permalink