mirror of
https://github.com/OpenRouterTeam/spawn.git
synced 2026-06-01 22:59:54 +00:00
b0f924b511
- Fix triple-quote injection in SSH keys (Scaleway, UpCloud), userdata (BinaryLane), init scripts (Civo, Kamatera), and GraphQL queries (RunPod) by passing data via stdin/json_escape instead of inline string interpolation - Add input validation for all cloud provider env vars (region, type, plan, etc.) using validate_region_name/validate_resource_name to block shell metacharacters before they reach Python string interpolation - Validate Modal image name as Python identifier to prevent code injection - Validate numeric env vars (RAM, GPU count, disk size) across all providers Affects: 19 cloud provider lib/common.sh files Agent: security-auditor Co-authored-by: A <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| lib | ||
| aider.sh | ||
| amazonq.sh | ||
| claude.sh | ||
| cline.sh | ||
| codex.sh | ||
| gemini.sh | ||
| goose.sh | ||
| gptme.sh | ||
| interpreter.sh | ||
| nanoclaw.sh | ||
| openclaw.sh | ||
| opencode.sh | ||
| plandex.sh | ||
| README.md | ||
Daytona
Daytona sandboxed environments for AI code execution. Daytona
Sub-90ms sandbox creation. True SSH support via
daytona ssh. RequiresDAYTONA_API_KEYfrom https://app.daytona.io.
Agents
Claude Code
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/claude.sh)
OpenClaw
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/openclaw.sh)
NanoClaw
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/nanoclaw.sh)
Aider
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/aider.sh)
Goose
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/goose.sh)
Codex CLI
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/codex.sh)
Open Interpreter
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/interpreter.sh)
Gemini CLI
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/gemini.sh)
Amazon Q CLI
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/amazonq.sh)
Cline
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/cline.sh)
gptme
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/gptme.sh)
OpenCode
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/opencode.sh)
Plandex
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/plandex.sh)
Non-Interactive Mode
DAYTONA_SANDBOX_NAME=dev-mk1 \
DAYTONA_API_KEY=your-api-key \
OPENROUTER_API_KEY=sk-or-v1-xxxxx \
bash <(curl -fsSL https://openrouter.ai/lab/spawn/daytona/claude.sh)
Environment Variables
| Variable | Description | Default |
|---|---|---|
DAYTONA_API_KEY |
Daytona API key | (prompted) |
DAYTONA_SANDBOX_NAME |
Sandbox name | (prompted) |
DAYTONA_CPU |
Number of vCPUs | 2 |
DAYTONA_MEMORY |
Memory in MB | 2048 |
DAYTONA_DISK |
Disk size in GB | 5 |
OPENROUTER_API_KEY |
OpenRouter API key | (OAuth or prompted) |