feat: Added sbx-mixin.yaml templates and documentation on how sandbox integration works in Coyote

This commit is contained in:
2026-06-18 09:52:46 -06:00
parent 6ffe62cc3a
commit 9557e0ba3c
3 changed files with 81 additions and 8 deletions
+33 -8
View File
@@ -77,14 +77,14 @@ prompted to keep yours, take the remote's, or rename the remote entry.
## What's in this template ## What's in this template
| Asset | File | What it is | | Asset | File | What it is |
|--------|-----------------------------------|---------------------------------------------------------| |-------|----------------------------------|---------------------------------------------------------|
| Agent | `agents/hello-agent/config.yaml` | Tiny LLM-loop agent that greets the user. | | Agent | `agents/hello-agent/config.yaml` | Tiny LLM-loop agent that greets the user. |
| Role | `roles/explainer.md` | Role that explains technical concepts simply. | | Role | `roles/explainer.md` | Role that explains technical concepts simply. |
| Skill | `skills/rust-fmt/SKILL.md` | Skill demonstrating `enabled_tools` + `auto_unload`. | | Skill | `skills/rust-fmt/SKILL.md` | Skill demonstrating `enabled_tools` + `auto_unload`. |
| Macro | `macros/greet.yaml` | Macro showing positional and rest-arg variables. | | Macro | `macros/greet.yaml` | Macro showing positional and rest-arg variables. |
| Tool | `functions/tools/greet.sh` | Bash tool using Coyote's argc-style annotations. | | Tool | `functions/tools/greet.sh` | Bash tool using Coyote's argc-style annotations. |
| MCP | `functions/mcp.json` | One vanilla server + one with a vault secret reference. | | MCP | `functions/mcp.json` | One vanilla server + one with a vault secret reference. |
Each sample is intentionally minimal. Replace it with your own work, or Each sample is intentionally minimal. Replace it with your own work, or
delete what you don't need. delete what you don't need.
@@ -128,6 +128,31 @@ Use `{{SECRET_NAME}}` placeholders for values you don't want to commit;
Coyote will detect missing secrets after the merge and prompt you to add Coyote will detect missing secrets after the merge and prompt you to add
them to the vault (or list them for you to add via `coyote --add-secret`). them to the vault (or list them for you to add via `coyote --add-secret`).
### (Optional) Sandbox mixins (`sbx-mixin.yaml`)
If consumers of your bundle run Coyote in [Sandbox mode](https://github.com/Dark-Alex-17/coyote/wiki/Sandboxes),
they'll need any external binaries and network domain allowances declared
in an `sbx-mixin.yaml` file. Coyote auto-discovers mixin files at known
locations on every `coyote --sandbox` invocation, no flags required.
This template ships two starter examples:
- **`agents/hello-agent/sbx-mixin.yaml`:** Per-agent mixin, applied when
the agent is installed and any `coyote --sandbox` runs.
- **`functions/sbx-mixin.yaml`:** Shared by all custom tools in this
bundle. For per-tool granularity, use `functions/<tool>/sbx-mixin.yaml`
instead.
Both starters are commented-out templates. Simply open them and fill in the
domains and install commands your assets actually need. Delete the files
if they're not needed.
> ⚠️ **Privilege grant.** Anyone installing your bundle is granting the
> mixins' install commands (passwordless sudo) and network domain
> allowances inside their sandboxes. Document any non-obvious entries in
> this README so they don't have to grep your YAML to find out what
> they're accepting. See the [Sharing Configurations - Sandbox Implications](https://github.com/Dark-Alex-17/coyote/wiki/Sharing-Configurations#sandbox-implications)
> wiki page for the full security model.
## Secrets workflow ## Secrets workflow
Anywhere you reference a secret in `mcp.json` (or in any installed file), Anywhere you reference a secret in `mcp.json` (or in any installed file),
+23
View File
@@ -0,0 +1,23 @@
schemaVersion: "1"
kind: mixin
name: agent-hello
description: >
Example sbx mixin for the hello-agent. Coyote auto-discovers and applies
any sbx-mixin.yaml co-located with an agent whenever you run
`coyote --sandbox`. Use this to declare any binaries the agent needs to
install inside the sandbox and any network domains it needs to reach.
Delete this file if your agent doesn't need extra sandbox setup.
network:
allowedDomains:
# Replace with the domains your agent actually hits.
# Example: an agent that calls api.example.com would add:
# - "api.example.com:443"
commands:
install:
# Replace with any binaries your agent depends on. Runs as the
# `agent` user (UID 1000) with passwordless sudo. Example:
# - command: "sudo apt-get update && sudo apt-get install -y httpie"
# user: "1000"
# description: Install httpie for hello-agent's API calls
+25
View File
@@ -0,0 +1,25 @@
schemaVersion: "1"
kind: mixin
name: shared-custom-tools
description: >
Example global sbx mixin that applies to every Coyote sandbox you launch.
Use this for binaries and network domains shared by multiple custom tools
in functions/tools/. For per-tool needs that aren't shared, create
functions/<tool-name>/sbx-mixin.yaml instead (per-tool mixins are also
auto-discovered).
Delete this file if your fork doesn't need extra sandbox setup.
network:
allowedDomains:
# Replace with the domains your custom tools reach.
# Example: a tool that calls a private API:
# - "api.your-company.com:443"
commands:
install:
# Replace with binaries your custom tools depend on. Runs as the
# `agent` user (UID 1000) with passwordless sudo. Example:
# - command: "sudo apt-get update && sudo apt-get install -y httpie xmlstarlet"
# user: "1000"
# description: Install custom tool dependencies