vrr/spawn
2
0
Fork 0
mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-01 21:30:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8
spawn/sh/aws
History
A 1097f055c3
fix(security): add --proto '=https' to all curl executable downloads (#2160) 
42 curl calls downloading JS bundles, CLI binaries, and gh CLI tarballs
were missing --proto '=https', allowing protocol downgrade attacks on
hostile networks. PR #2138 fixed bun installer calls; this closes the
remaining gap for executable downloads.

Fixes applied:
- sh/{sprite,aws,gcp,hetzner,daytona,local}/{claude,codex,openclaw,opencode,kilocode,hermes,zeroclaw}.sh (42 files)
- sh/cli/install.sh (cli.js download)
- sh/shared/github-auth.sh (keyring, API, tarball downloads)

Agent: security-auditor

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-03 23:38:03 -05:00
..
claude.sh fix(security): add --proto '=https' to all curl executable downloads (#2160) 2026-03-03 23:38:03 -05:00
codex.sh fix(security): add --proto '=https' to all curl executable downloads (#2160) 2026-03-03 23:38:03 -05:00
hermes.sh fix(security): add --proto '=https' to all curl executable downloads (#2160) 2026-03-03 23:38:03 -05:00
kilocode.sh fix(security): add --proto '=https' to all curl executable downloads (#2160) 2026-03-03 23:38:03 -05:00
openclaw.sh fix(security): add --proto '=https' to all curl executable downloads (#2160) 2026-03-03 23:38:03 -05:00
opencode.sh fix(security): add --proto '=https' to all curl executable downloads (#2160) 2026-03-03 23:38:03 -05:00
README.md fix(e2e): add sh/aws/hermes.sh and mark aws/hermes as implemented (#2042) 2026-02-28 20:38:26 -05:00
zeroclaw.sh fix(security): add --proto '=https' to all curl executable downloads (#2160) 2026-03-03 23:38:03 -05:00

README.md

AWS Lightsail

AWS Lightsail instances via AWS CLI. AWS Lightsail

Prerequisites

  1. Enable AWS Lightsail — New AWS accounts must activate Lightsail before first use. Visit the Lightsail console and follow the activation prompt. Without this step, all provisioning commands will fail.

  2. AWS CLI installed and configured — Run aws configure with your Access Key ID and Secret Access Key.

Uses ubuntu user instead of root.

Agents

Claude Code

bash <(curl -fsSL https://openrouter.ai/labs/spawn/aws/claude.sh)

OpenClaw

bash <(curl -fsSL https://openrouter.ai/labs/spawn/aws/openclaw.sh)

ZeroClaw

bash <(curl -fsSL https://openrouter.ai/labs/spawn/aws/zeroclaw.sh)

Codex CLI

bash <(curl -fsSL https://openrouter.ai/labs/spawn/aws/codex.sh)

OpenCode

bash <(curl -fsSL https://openrouter.ai/labs/spawn/aws/opencode.sh)

Kilo Code

bash <(curl -fsSL https://openrouter.ai/labs/spawn/aws/kilocode.sh)

Hermes Agent

bash <(curl -fsSL https://openrouter.ai/labs/spawn/aws/hermes.sh)

Non-Interactive Mode

LIGHTSAIL_SERVER_NAME=dev-mk1 \
OPENROUTER_API_KEY=sk-or-v1-xxxxx \
  bash <(curl -fsSL https://openrouter.ai/labs/spawn/aws/claude.sh)