mirror of
https://github.com/OpenRouterTeam/spawn.git
synced 2026-05-06 08:10:48 +00:00
d76c8dba0f
* refactor: Simplify API call retry logic in generic_cloud_api Extract duplicated retry handling into focused helper functions: - handle_api_network_error(): Handles curl errors with retry logic - handle_api_transient_error(): Handles 429/503 HTTP errors - _call_cloud_api(): Internal curl wrapper separating concerns Reduces cyclomatic complexity of generic_cloud_api from 9 to 3. Lines reduced from 89 to 54 (40% reduction). Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * Security: fix critical command injection vulnerabilities in container providers CRITICAL SECURITY FIX - Command injection vulnerabilities Fixed command injection in bash -c calls across all container/sandbox providers. These functions were passing commands directly to bash -c without proper escaping, allowing potential remote code execution via crafted inputs. Files fixed: - sprite/lib/common.sh: run_sprite(), upload_file_sprite() - e2b/lib/common.sh: run_server(), upload_file(), interactive_session() - daytona/lib/common.sh: run_server(), upload_file(), interactive_session() - railway/lib/common.sh: run_server(), upload_file(), interactive_session() Fix: Use printf %q to properly escape all command arguments before passing to bash -c. This prevents command injection while maintaining functionality. Severity: CRITICAL (CVSS 9.8) Impact: Remote code execution, full system compromise Mitigation: Proper shell escaping using printf %q All modified files pass bash -n syntax validation. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> --------- Co-authored-by: Sprite <noreply@sprite.dev> Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| lib | ||
| aider.sh | ||
| amazonq.sh | ||
| claude.sh | ||
| cline.sh | ||
| codex.sh | ||
| gemini.sh | ||
| goose.sh | ||
| gptme.sh | ||
| interpreter.sh | ||
| nanoclaw.sh | ||
| openclaw.sh | ||
| opencode.sh | ||
| plandex.sh | ||
| README.md | ||
Daytona
Daytona sandboxed environments for AI code execution. Daytona
Sub-90ms sandbox creation. True SSH support via
daytona ssh. RequiresDAYTONA_API_KEYfrom https://app.daytona.io.
Agents
Claude Code
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/claude.sh)
OpenClaw
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/openclaw.sh)
NanoClaw
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/nanoclaw.sh)
Aider
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/aider.sh)
Goose
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/goose.sh)
Codex CLI
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/codex.sh)
Open Interpreter
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/interpreter.sh)
Gemini CLI
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/gemini.sh)
Amazon Q CLI
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/amazonq.sh)
Cline
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/cline.sh)
gptme
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/gptme.sh)
OpenCode
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/opencode.sh)
Plandex
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/plandex.sh)
Non-Interactive Mode
DAYTONA_SANDBOX_NAME=dev-mk1 \
DAYTONA_API_KEY=your-api-key \
OPENROUTER_API_KEY=sk-or-v1-xxxxx \
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/claude.sh)
Environment Variables
| Variable | Description | Default |
|---|---|---|
DAYTONA_API_KEY |
Daytona API key | (prompted) |
DAYTONA_SANDBOX_NAME |
Sandbox name | (prompted) |
DAYTONA_CPU |
Number of vCPUs | 2 |
DAYTONA_MEMORY |
Memory in MB | 2048 |
DAYTONA_DISK |
Disk size in GB | 5 |
OPENROUTER_API_KEY |
OpenRouter API key | (OAuth or prompted) |