Implements Goose (Block's AI coding agent) on CloudSigma.
Uses CloudSigma primitives for server provisioning and
OpenRouter for inference via GOOSE_PROVIDER=openrouter.
Agent: gap-filler
Co-authored-by: OpenRouter Bot <noreply@openrouter.ai>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Convert unquoted heredocs in refactor.sh (issue mode) and security.sh
(team_building mode) to single-quoted heredocs with sed placeholder
substitution. This prevents shell expansion of variables like
$SPAWN_ISSUE, $ISSUE_NUM, $WORKTREE_BASE inside prompt templates,
matching the existing WORKTREE_BASE_PLACEHOLDER pattern used in
refactor mode.
Fixes#1058Fixes#1047Fixes#1048
Agent: security-auditor
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
- test/mock.sh: Extract _tracked_assert and _categorize_failure from run_test (86->74 lines)
- ionos/lib/common.sh: Extract _ionos_validate_create_params and _ionos_require_ubuntu_image from create_server (51->28 lines)
Agent: complexity-hunter
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Haiku 4.5 <noreply@anthropic.com>
- Extract `readPromptFile` from `resolvePrompt` in index.ts (60 -> 40 lines),
isolating prompt-file validation and reading into a standalone helper
- Extract `formatCredStatusLine` from `buildCredentialStatusLines` in
commands.ts, replacing repetitive set/not-set formatting with a reusable
helper
- Extract `_aliyun_validate_create_params` and `_aliyun_run_instances` from
`create_server` in alibabacloud/lib/common.sh (69 -> 34 lines), separating
validation, API call, and orchestration concerns
Agent: complexity-hunter
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Haiku 4.5 <noreply@anthropic.com>
Users on exec-based clouds (Fly, Render, Koyeb, Northflank, Railway,
Modal, Daytona, E2B, CodeSandbox, GitHub Codespaces) got no warning
when their session ended that their service was still running and
incurring charges. This adds:
- _show_exec_post_session_summary() in shared/common.sh for non-SSH
providers that use CLI exec commands instead of direct SSH
- SPAWN_DASHBOARD_URL for all 10 exec-based clouds so users get
actionable dashboard links
- Post-session summary calls in each cloud's interactive_session()
- 33 new tests covering the exec post-session summary feature
Agent: ux-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Convert getSignalGuidance from switch statement to data-driven lookup
table (SIGNAL_GUIDANCE), separating signal metadata from rendering logic.
Extract optionalDashboardLine helper to deduplicate the conditional
dashboard URL spreading in getScriptFailureGuidance. Extract
formatCredentialIndicator from cmdClouds to clarify the nested ternary
credential status formatting.
All 92 script-failure-guidance tests and 216 related tests pass with
zero regressions.
Agent: complexity-hunter
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Both clouds had custom `interactive_session` functions that called
`ssh` directly, bypassing the shared `ssh_interactive_session` which
shows the post-session server-still-running warning. Users ending
sessions on these clouds got no reminder to delete their server,
risking ongoing charges.
Changes:
- alibabacloud: replace custom SSH functions with shared helpers,
add SPAWN_DASHBOARD_URL pointing to ECS console
- gcp: set SSH_USER to GCP_USERNAME, replace custom SSH functions
with shared helpers, add SPAWN_DASHBOARD_URL pointing to
Compute Engine console
Agent: ux-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
koyeb/nanoclaw.sh embedded the API key directly in a run_server command
string using single quotes. If the key contained a single quote, it could
break out and enable command injection. Replaced with the safe mktemp +
upload_file pattern used by all other nanoclaw scripts.
Also added chmod 600 before mv on remote /tmp/nanoclaw_env in 8 nanoclaw
scripts to restrict permissions on the credential file during transfer.
Agent: security-auditor
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Civo tests failed because networks.json, disk_images.json, and
correctly-named sshkeys.json fixtures were missing. Hetzner tests
failed because datacenters.json was missing (needed for server type
validation). Scaleway tests failed because SCW_DEFAULT_PROJECT_ID
was missing from env, images.json had no Ubuntu images, and
create_server.json fixture was absent.
Also adds Civo and Scaleway to mock's _synthetic_active_response
for instance polling, and fixes Scaleway account API URL stripping.
Results: 435 passed, 0 failed, 1 skipped (previously 270/165/1).
Agent: pr-maintainer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The auth field used "and" separator instead of "+" which caused
key-request.sh to crash during QA cycle Phase 0.
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
- discovery: every 30 min → every 3 days
- refactor: every 5 min → hourly
- security: every 5 min → every 30 min
Co-authored-by: Security Reviewer <security-reviewer@spawn.dev>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(security): harden weak crypto fallbacks, key validation, and temp paths
- CSRF state generation: fail instead of using predictable date+$RANDOM
fallback when openssl and /dev/urandom are unavailable (OAuth CSRF bypass)
- Kamatera password: fail instead of using predictable date-based password
when no secure random source available
- key-server validKeyVal: enforce 8-512 char limits and ASCII-only check
to block malformed/oversized values (Fixes#969)
- upload_config_file: use mktemp-derived randomness for remote temp paths
instead of predictable $RANDOM (symlink attack on remote server)
Agent: security-auditor
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(test): update assertions for upload_config_file mktemp-derived paths
The upload_config_file function now uses mktemp-derived basenames
(spawn_config_tmp.XXX) instead of the original filename for remote temp
paths. Update test/run.sh assertions to:
- Match "spawn_config" in the -file upload path
- Verify mv commands move files to correct final destinations
(settings.json, .claude.json)
Addresses reviewer feedback on PR #1039.
Agent: pr-maintainer
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The README hero line and matrix table were stale -- showing 36 clouds
and 514 combinations when the actual manifest has 38 clouds and 531
combinations. Adds missing Webdock and Alibaba Cloud columns and
updates all agent rows to reflect current implementation status.
Agent: ux-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Merge printAgentQuickStart and printCloudQuickStart into a single
printQuickStart function, eliminating duplicated credential-checking and
auth-var-line printing logic. Extract buildDashboardHint from the
identical pattern repeated in getSignalGuidance and getScriptFailureGuidance.
Agent: complexity-hunter
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The post-session summary (shown after every SSH session ends) now:
- Displays the server name when available, so users can find it in their
cloud dashboard (e.g., "Your server 'spawn-claude-abc' is still running")
- Adds explicit billing reminder ("Remember to delete it to avoid charges")
- Uses green (log_info) for reconnect instructions instead of yellow
(log_warn), since reconnect info is helpful guidance, not a warning
No changes to individual cloud scripts needed -- all scripts already set
SERVER_NAME before calling interactive_session.
Agent: ux-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix(ci): propagate mock test exit code and fix broken pipe in summary
The test workflow had three issues:
- mock.sh exit code was swallowed by tee (no pipefail), so the check
always passed even with 165 failures
- grep|head pipe caused "write error: Broken pipe" in post summary
- Summary was noisy with 100+ individual result lines
Now uses PIPESTATUS[0] to capture the real exit code, shows a clean
results line plus collapsible failures list, and fails the check when
tests fail.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(ci): report test results without blocking PRs
Pre-existing failures (165) shouldn't block unrelated PRs. The summary
still shows pass/fail counts and a collapsible failures list so the bot
can see the results.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* perf(ci): increase QA cycle frequency from daily to every 4 hours
Daily runs meant breakage could go undetected for up to 24 hours.
Every 4 hours gives 6 runs/day (00:00, 04:00, 08:00, 12:00, 16:00,
20:00 UTC) with a max 4-hour feedback loop.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(ci): add missing Check results step to fail on test errors
Addresses review feedback:
- The exit code was captured via PIPESTATUS[0] into GITHUB_OUTPUT but
no subsequent step consumed it, so the workflow always passed even
when tests failed. Added a "Check results" step that reads the
captured exit code and fails the job accordingly.
- Reverted QA cron schedule change (every 4 hours back to daily at
06:00 UTC) as it was unrelated to the test exit code fix and should
be proposed separately if desired.
Agent: pr-maintainer
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Cover the _show_post_session_summary function and updated
ssh_interactive_session integration from PR #1037. Tests verify:
- Summary warns user their server is still running with IP
- Dashboard URL shown when SPAWN_DASHBOARD_URL is set
- Generic message when no dashboard URL is available
- Reconnect command uses correct SSH_USER and IP
- SSH exit code preserved through the summary display
- All 25 SSH-based cloud providers set SPAWN_DASHBOARD_URL
- SPAWN_DASHBOARD_URL uses HTTPS and is defined before usage
- Detects custom interactive_session implementations missing summary
(alibabacloud flagged as known gap)
Agent: test-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Extract `_aliyun_json_list_first` helper for flat JSON lists (unlike
`_aliyun_json_field` which handles lists of dicts)
- Extract `_aliyun_extract_instance_id` to replace inline Python parser
- Extract `_ensure_network_infrastructure` to consolidate VPC/vSwitch/SG setup
- Use `_log_diagnostic` for structured error reporting (consistent with
patterns in shared/common.sh)
Reduces create_server from 86 to 69 lines and eliminates inline Python.
Agent: complexity-hunter
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
5 improvements to the QA cycle:
1. Fix agents now get structured failure context — categorized failures
(exit_code, missing_api_call, missing_env, no_fixture) instead of
raw 500-line test output, plus a passing agent for comparison
2. Fix agent changes are verified before committing — re-runs mock tests
after the agent finishes and only commits if results actually improved,
discarding bad fixes that would create noise PRs
3. Test results now include failure categories — mock.sh records
cloud/agent:fail:reason instead of just cloud/agent:fail, enabling
smarter failure routing
4. Mock curl logs NO_FIXTURE warnings when no fixture matches a GET
request, surfacing false-confidence gaps where tests pass with
synthetic fallback data
5. Phase 3 (code fix) failures now escalate to GitHub issues after 3
consecutive cycles, matching the Phase 1 escalation pattern
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
After an interactive SSH session ends, users are now shown:
- A warning that their server is still running (and may incur charges)
- A link to the cloud provider's dashboard to manage/delete it
- The SSH command to reconnect
This prevents users from unknowingly leaving servers running after
exiting their agent session. Covers all 25 SSH-based cloud providers.
Agent: ux-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Unquoted `<< EOF` heredocs in nanoclaw .env file creation cause shell
expansion of the API key value. If an API key contains `$`, backticks,
or `\`, the value is silently corrupted or could trigger command
execution. Replace with `printf '%s'` which safely writes the value
without interpretation.
Also fix unquoted variable expansion in upload_config_file's mv command
and the github-codespaces/openclaw.sh config heredoc.
Fixes 34 scripts across all cloud providers.
Agent: security-auditor
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add validate_branch_name() and validate_cloud_name() to qa-cycle.sh to
prevent command injection via unvalidated strings passed to git/gh
commands. Cloud names parsed from test/record.sh output via sed were
used directly in branch names, git push, git worktree, and gh pr create
commands without validation.
Fixes#1028
Agent: security-auditor
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Validates CloudSigma's unique architecture: region-based API URLs,
HTTP Basic Auth (email + password), drive cloning workflow, python3
JSON construction, SSRF-preventing region validation, and SSH with
'cloudsigma' user. Covers lib/common.sh API surface, all 8 agent
scripts, manifest consistency, and test infrastructure (mock.sh +
record.sh).
Agent: test-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When spawn scripts fail or are interrupted, error messages now include
the cloud provider's actual dashboard URL instead of generic "check your
cloud provider dashboard" text. This helps users quickly navigate to
their provider to check server status, clean up orphaned resources, or
debug provisioning failures.
Agent: ux-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The interactive flow (bare `spawn`) was missing the preflight credential
warning that the direct `spawn <agent> <cloud>` path already had. Users
who picked an agent and cloud interactively would not be warned about
missing credentials, leading to confusing failures from the cloud
provider script. Now both paths warn about missing credentials before
launching.
Agent: ux-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Extract _aliyun_load_or_prompt_credentials and _aliyun_configure_cli from
the 68-line ensure_aliyun_credentials function, reducing it to 16 lines.
Extract _aliyun_instance_public_ip to replace inline Python in
_wait_for_aliyun_instance, making IP extraction reusable and consistent
with the existing _aliyun_json_field helper pattern.
Agent: complexity-hunter
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add path validation to --prompt-file to block reading sensitive files
(SSH keys, cloud credentials, .env files, etc.) whose contents would be
sent to remote agents. Also adds file size validation (1MB limit) and
stat-based file type checking.
Fixes#991
Agent: security-auditor
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When users run `spawn` interactively, the agent picker now shows how many
clouds each agent supports and how many have credentials ready. This helps
users quickly identify which agents they can deploy immediately.
Before: "Claude Code AI coding assistant"
After: "Claude Code 2 clouds, 1 ready"
Agent: ux-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
When running `spawn claude` or `spawn hetzner`, the "Loading manifest..."
spinner appeared twice: once in showInfoOrError() and again in
cmdAgentInfo/cmdCloudInfo via validateAndGetEntity(). Pass the
pre-loaded manifest to avoid the redundant load and spinner flash.
Agent: ux-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Extract validation, error handling, and response parsing from
create_server into dedicated helpers following the pattern from PR #1016.
Latitude helpers: _latitude_validate_inputs, _latitude_check_create_error,
_latitude_extract_server_id
Contabo helpers: _contabo_validate_inputs, _contabo_check_create_error,
_contabo_extract_instance_id
Agent: complexity-hunter
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add validate_resource_name check for ALIYUN_IMAGE_ID env var in
alibabacloud create_server, consistent with other providers (Contabo,
Webdock) that validate user-controllable image identifiers
- Move HOSTKEY location validation before _pick_instance_preset call,
which uses the location in an API request — validates input before
use rather than after
Agent: security-auditor
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Extract _ensure_vpc, _ensure_vswitch, _aliyun_json_field, and
_aliyun_json_top_field from the 182-line create_server function.
This reduces create_server to 85 lines and eliminates repeated
inline Python JSON parsing across multiple functions.
Agent: complexity-hunter
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add regex validation (^[a-z0-9][a-z0-9._-]{0,63}$) to invalidate_cloud_key()
in shared/key-request.sh to prevent path traversal attacks that could delete
arbitrary files via crafted provider names (e.g., ../../etc/important)
- Improve validKeyVal() in key-server.ts to block control characters
(U+0000-U+001F, U+007F-U+009F) and enforce a 4096-byte max length on
API key values, preventing injection of null bytes, newlines, and
excessively long values
Agent: security-auditor
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
webdock/lib/common.sh:
- Extract _webdock_get_public_key_ids() for SSH key ID fetching
- Extract _webdock_validate_inputs() for input validation
- Extract _webdock_handle_create_response() for response parsing and error reporting
- create_server reduced from 53 to 24 lines
koyeb/lib/common.sh:
- Extract _koyeb_detect_os() for OS detection
- Extract _koyeb_detect_arch() for architecture detection
- Extract _koyeb_install_cli() for download and PATH setup
- ensure_koyeb_cli reduced from 51 to 13 lines
Agent: complexity-hunter
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When a spawn script is killed by a signal (SIGKILL, SIGTERM, SIGHUP, etc.),
Node.js returns exit code null. Previously this produced the confusing message
"Script exited with code null". Now detects the actual signal and shows
signal-specific guidance: OOM suggestions for SIGKILL, terminal reconnection
tips for SIGHUP, spot instance warnings for SIGTERM.
Fixes#1011
Agent: ux-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Webdock was added in PR #1001 with zero dedicated test coverage.
This adds comprehensive tests validating:
- lib/common.sh API surface (required + provider-specific functions)
- API base URL and constants
- Credential handling (ensure_api_token_with_provider pattern)
- SSH key management (json_escape for injection prevention)
- Server lifecycle (generic_cloud_api, generic_wait_for_instance)
- SSH delegation pattern (ssh_run_server, ssh_upload_file, etc.)
- Security conventions (no echo -e, no set -u, validate_resource_name)
- Agent script patterns (claude, aider, cline)
- Manifest consistency (type, auth, exec_method, defaults)
- Test infrastructure coverage (mock.sh and record.sh entries)
Agent: test-engineer
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
