diff --git a/README.md b/README.md index ef454e0..21cfdba 100644 --- a/README.md +++ b/README.md @@ -77,14 +77,14 @@ prompted to keep yours, take the remote's, or rename the remote entry. ## What's in this template -| Asset | File | What it is | -|--------|-----------------------------------|---------------------------------------------------------| -| Agent | `agents/hello-agent/config.yaml` | Tiny LLM-loop agent that greets the user. | -| Role | `roles/explainer.md` | Role that explains technical concepts simply. | -| Skill | `skills/rust-fmt/SKILL.md` | Skill demonstrating `enabled_tools` + `auto_unload`. | -| Macro | `macros/greet.yaml` | Macro showing positional and rest-arg variables. | -| Tool | `functions/tools/greet.sh` | Bash tool using Coyote's argc-style annotations. | -| MCP | `functions/mcp.json` | One vanilla server + one with a vault secret reference. | +| Asset | File | What it is | +|-------|----------------------------------|---------------------------------------------------------| +| Agent | `agents/hello-agent/config.yaml` | Tiny LLM-loop agent that greets the user. | +| Role | `roles/explainer.md` | Role that explains technical concepts simply. | +| Skill | `skills/rust-fmt/SKILL.md` | Skill demonstrating `enabled_tools` + `auto_unload`. | +| Macro | `macros/greet.yaml` | Macro showing positional and rest-arg variables. | +| Tool | `functions/tools/greet.sh` | Bash tool using Coyote's argc-style annotations. | +| MCP | `functions/mcp.json` | One vanilla server + one with a vault secret reference. | Each sample is intentionally minimal. Replace it with your own work, or delete what you don't need. @@ -128,6 +128,31 @@ Use `{{SECRET_NAME}}` placeholders for values you don't want to commit; Coyote will detect missing secrets after the merge and prompt you to add them to the vault (or list them for you to add via `coyote --add-secret`). +### (Optional) Sandbox mixins (`sbx-mixin.yaml`) +If consumers of your bundle run Coyote in [Sandbox mode](https://github.com/Dark-Alex-17/coyote/wiki/Sandboxes), +they'll need any external binaries and network domain allowances declared +in an `sbx-mixin.yaml` file. Coyote auto-discovers mixin files at known +locations on every `coyote --sandbox` invocation, no flags required. + +This template ships two starter examples: + +- **`agents/hello-agent/sbx-mixin.yaml`:** Per-agent mixin, applied when + the agent is installed and any `coyote --sandbox` runs. +- **`functions/sbx-mixin.yaml`:** Shared by all custom tools in this + bundle. For per-tool granularity, use `functions//sbx-mixin.yaml` + instead. + +Both starters are commented-out templates. Simply open them and fill in the +domains and install commands your assets actually need. Delete the files +if they're not needed. + +> ⚠️ **Privilege grant.** Anyone installing your bundle is granting the +> mixins' install commands (passwordless sudo) and network domain +> allowances inside their sandboxes. Document any non-obvious entries in +> this README so they don't have to grep your YAML to find out what +> they're accepting. See the [Sharing Configurations - Sandbox Implications](https://github.com/Dark-Alex-17/coyote/wiki/Sharing-Configurations#sandbox-implications) +> wiki page for the full security model. + ## Secrets workflow Anywhere you reference a secret in `mcp.json` (or in any installed file), diff --git a/agents/hello-agent/sbx-mixin.yaml b/agents/hello-agent/sbx-mixin.yaml new file mode 100644 index 0000000..c995329 --- /dev/null +++ b/agents/hello-agent/sbx-mixin.yaml @@ -0,0 +1,23 @@ +schemaVersion: "1" +kind: mixin +name: agent-hello +description: > + Example sbx mixin for the hello-agent. Coyote auto-discovers and applies + any sbx-mixin.yaml co-located with an agent whenever you run + `coyote --sandbox`. Use this to declare any binaries the agent needs to + install inside the sandbox and any network domains it needs to reach. + Delete this file if your agent doesn't need extra sandbox setup. + +network: + allowedDomains: + # Replace with the domains your agent actually hits. + # Example: an agent that calls api.example.com would add: + # - "api.example.com:443" + +commands: + install: + # Replace with any binaries your agent depends on. Runs as the + # `agent` user (UID 1000) with passwordless sudo. Example: + # - command: "sudo apt-get update && sudo apt-get install -y httpie" + # user: "1000" + # description: Install httpie for hello-agent's API calls diff --git a/functions/sbx-mixin.yaml b/functions/sbx-mixin.yaml new file mode 100644 index 0000000..00476e3 --- /dev/null +++ b/functions/sbx-mixin.yaml @@ -0,0 +1,25 @@ +schemaVersion: "1" +kind: mixin +name: shared-custom-tools +description: > + Example global sbx mixin that applies to every Coyote sandbox you launch. + Use this for binaries and network domains shared by multiple custom tools + in functions/tools/. For per-tool needs that aren't shared, create + functions//sbx-mixin.yaml instead (per-tool mixins are also + auto-discovered). + + Delete this file if your fork doesn't need extra sandbox setup. + +network: + allowedDomains: + # Replace with the domains your custom tools reach. + # Example: a tool that calls a private API: + # - "api.your-company.com:443" + +commands: + install: + # Replace with binaries your custom tools depend on. Runs as the + # `agent` user (UID 1000) with passwordless sudo. Example: + # - command: "sudo apt-get update && sudo apt-get install -y httpie xmlstarlet" + # user: "1000" + # description: Install custom tool dependencies