Template
Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
9557e0ba3c
|
|||
| 6ffe62cc3a |
@@ -77,14 +77,14 @@ prompted to keep yours, take the remote's, or rename the remote entry.
|
|||||||
|
|
||||||
## What's in this template
|
## What's in this template
|
||||||
|
|
||||||
| Asset | File | What it is |
|
| Asset | File | What it is |
|
||||||
|--------|-----------------------------------|---------------------------------------------------------|
|
|-------|----------------------------------|---------------------------------------------------------|
|
||||||
| Agent | `agents/hello-agent/config.yaml` | Tiny LLM-loop agent that greets the user. |
|
| Agent | `agents/hello-agent/config.yaml` | Tiny LLM-loop agent that greets the user. |
|
||||||
| Role | `roles/explainer.md` | Role that explains technical concepts simply. |
|
| Role | `roles/explainer.md` | Role that explains technical concepts simply. |
|
||||||
| Skill | `skills/rust-fmt/SKILL.md` | Skill demonstrating `enabled_tools` + `auto_unload`. |
|
| Skill | `skills/rust-fmt/SKILL.md` | Skill demonstrating `enabled_tools` + `auto_unload`. |
|
||||||
| Macro | `macros/greet.yaml` | Macro showing positional and rest-arg variables. |
|
| Macro | `macros/greet.yaml` | Macro showing positional and rest-arg variables. |
|
||||||
| Tool | `functions/tools/greet.sh` | Bash tool using Coyote's argc-style annotations. |
|
| Tool | `functions/tools/greet.sh` | Bash tool using Coyote's argc-style annotations. |
|
||||||
| MCP | `functions/mcp.json` | One vanilla server + one with a vault secret reference. |
|
| MCP | `functions/mcp.json` | One vanilla server + one with a vault secret reference. |
|
||||||
|
|
||||||
Each sample is intentionally minimal. Replace it with your own work, or
|
Each sample is intentionally minimal. Replace it with your own work, or
|
||||||
delete what you don't need.
|
delete what you don't need.
|
||||||
@@ -128,6 +128,31 @@ Use `{{SECRET_NAME}}` placeholders for values you don't want to commit;
|
|||||||
Coyote will detect missing secrets after the merge and prompt you to add
|
Coyote will detect missing secrets after the merge and prompt you to add
|
||||||
them to the vault (or list them for you to add via `coyote --add-secret`).
|
them to the vault (or list them for you to add via `coyote --add-secret`).
|
||||||
|
|
||||||
|
### (Optional) Sandbox mixins (`sbx-mixin.yaml`)
|
||||||
|
If consumers of your bundle run Coyote in [Sandbox mode](https://github.com/Dark-Alex-17/coyote/wiki/Sandboxes),
|
||||||
|
they'll need any external binaries and network domain allowances declared
|
||||||
|
in an `sbx-mixin.yaml` file. Coyote auto-discovers mixin files at known
|
||||||
|
locations on every `coyote --sandbox` invocation, no flags required.
|
||||||
|
|
||||||
|
This template ships two starter examples:
|
||||||
|
|
||||||
|
- **`agents/hello-agent/sbx-mixin.yaml`:** Per-agent mixin, applied when
|
||||||
|
the agent is installed and any `coyote --sandbox` runs.
|
||||||
|
- **`functions/sbx-mixin.yaml`:** Shared by all custom tools in this
|
||||||
|
bundle. For per-tool granularity, use `functions/<tool>/sbx-mixin.yaml`
|
||||||
|
instead.
|
||||||
|
|
||||||
|
Both starters are commented-out templates. Simply open them and fill in the
|
||||||
|
domains and install commands your assets actually need. Delete the files
|
||||||
|
if they're not needed.
|
||||||
|
|
||||||
|
> ⚠️ **Privilege grant.** Anyone installing your bundle is granting the
|
||||||
|
> mixins' install commands (passwordless sudo) and network domain
|
||||||
|
> allowances inside their sandboxes. Document any non-obvious entries in
|
||||||
|
> this README so they don't have to grep your YAML to find out what
|
||||||
|
> they're accepting. See the [Sharing Configurations - Sandbox Implications](https://github.com/Dark-Alex-17/coyote/wiki/Sharing-Configurations#sandbox-implications)
|
||||||
|
> wiki page for the full security model.
|
||||||
|
|
||||||
## Secrets workflow
|
## Secrets workflow
|
||||||
|
|
||||||
Anywhere you reference a secret in `mcp.json` (or in any installed file),
|
Anywhere you reference a secret in `mcp.json` (or in any installed file),
|
||||||
|
|||||||
@@ -0,0 +1,23 @@
|
|||||||
|
schemaVersion: "1"
|
||||||
|
kind: mixin
|
||||||
|
name: agent-hello
|
||||||
|
description: >
|
||||||
|
Example sbx mixin for the hello-agent. Coyote auto-discovers and applies
|
||||||
|
any sbx-mixin.yaml co-located with an agent whenever you run
|
||||||
|
`coyote --sandbox`. Use this to declare any binaries the agent needs to
|
||||||
|
install inside the sandbox and any network domains it needs to reach.
|
||||||
|
Delete this file if your agent doesn't need extra sandbox setup.
|
||||||
|
|
||||||
|
network:
|
||||||
|
allowedDomains:
|
||||||
|
# Replace with the domains your agent actually hits.
|
||||||
|
# Example: an agent that calls api.example.com would add:
|
||||||
|
# - "api.example.com:443"
|
||||||
|
|
||||||
|
commands:
|
||||||
|
install:
|
||||||
|
# Replace with any binaries your agent depends on. Runs as the
|
||||||
|
# `agent` user (UID 1000) with passwordless sudo. Example:
|
||||||
|
# - command: "sudo apt-get update && sudo apt-get install -y httpie"
|
||||||
|
# user: "1000"
|
||||||
|
# description: Install httpie for hello-agent's API calls
|
||||||
@@ -0,0 +1,25 @@
|
|||||||
|
schemaVersion: "1"
|
||||||
|
kind: mixin
|
||||||
|
name: shared-custom-tools
|
||||||
|
description: >
|
||||||
|
Example global sbx mixin that applies to every Coyote sandbox you launch.
|
||||||
|
Use this for binaries and network domains shared by multiple custom tools
|
||||||
|
in functions/tools/. For per-tool needs that aren't shared, create
|
||||||
|
functions/<tool-name>/sbx-mixin.yaml instead (per-tool mixins are also
|
||||||
|
auto-discovered).
|
||||||
|
|
||||||
|
Delete this file if your fork doesn't need extra sandbox setup.
|
||||||
|
|
||||||
|
network:
|
||||||
|
allowedDomains:
|
||||||
|
# Replace with the domains your custom tools reach.
|
||||||
|
# Example: a tool that calls a private API:
|
||||||
|
# - "api.your-company.com:443"
|
||||||
|
|
||||||
|
commands:
|
||||||
|
install:
|
||||||
|
# Replace with binaries your custom tools depend on. Runs as the
|
||||||
|
# `agent` user (UID 1000) with passwordless sudo. Example:
|
||||||
|
# - command: "sudo apt-get update && sudo apt-get install -y httpie xmlstarlet"
|
||||||
|
# user: "1000"
|
||||||
|
# description: Install custom tool dependencies
|
||||||
Reference in New Issue
Block a user