mirror of
https://github.com/OpenRouterTeam/spawn.git
synced 2026-05-10 04:09:40 +00:00
44b9a5bdff
* fix(security): harden weak crypto fallbacks, key validation, and temp paths - CSRF state generation: fail instead of using predictable date+$RANDOM fallback when openssl and /dev/urandom are unavailable (OAuth CSRF bypass) - Kamatera password: fail instead of using predictable date-based password when no secure random source available - key-server validKeyVal: enforce 8-512 char limits and ASCII-only check to block malformed/oversized values (Fixes #969) - upload_config_file: use mktemp-derived randomness for remote temp paths instead of predictable $RANDOM (symlink attack on remote server) Agent: security-auditor Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(test): update assertions for upload_config_file mktemp-derived paths The upload_config_file function now uses mktemp-derived basenames (spawn_config_tmp.XXX) instead of the original filename for remote temp paths. Update test/run.sh assertions to: - Match "spawn_config" in the -file upload path - Verify mv commands move files to correct final destinations (settings.json, .claude.json) Addresses reviewer feedback on PR #1039. Agent: pr-maintainer Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: A <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| lib | ||
| aider.sh | ||
| amazonq.sh | ||
| claude.sh | ||
| cline.sh | ||
| codex.sh | ||
| continue.sh | ||
| gemini.sh | ||
| goose.sh | ||
| gptme.sh | ||
| interpreter.sh | ||
| kilocode.sh | ||
| nanoclaw.sh | ||
| openclaw.sh | ||
| opencode.sh | ||
| plandex.sh | ||
| README.md | ||
Kamatera
Kamatera cloud servers via REST API. Kamatera
Agents
Claude Code
bash <(curl -fsSL https://openrouter.ai/labs/spawn/kamatera/claude.sh)
OpenClaw
bash <(curl -fsSL https://openrouter.ai/labs/spawn/kamatera/openclaw.sh)
NanoClaw
bash <(curl -fsSL https://openrouter.ai/labs/spawn/kamatera/nanoclaw.sh)
Aider
bash <(curl -fsSL https://openrouter.ai/labs/spawn/kamatera/aider.sh)
Goose
bash <(curl -fsSL https://openrouter.ai/labs/spawn/kamatera/goose.sh)
Codex CLI
bash <(curl -fsSL https://openrouter.ai/labs/spawn/kamatera/codex.sh)
Open Interpreter
bash <(curl -fsSL https://openrouter.ai/labs/spawn/kamatera/interpreter.sh)
Gemini CLI
bash <(curl -fsSL https://openrouter.ai/labs/spawn/kamatera/gemini.sh)
Amazon Q CLI
bash <(curl -fsSL https://openrouter.ai/labs/spawn/kamatera/amazonq.sh)
Cline
bash <(curl -fsSL https://openrouter.ai/labs/spawn/kamatera/cline.sh)
gptme
bash <(curl -fsSL https://openrouter.ai/labs/spawn/kamatera/gptme.sh)
OpenCode
bash <(curl -fsSL https://openrouter.ai/labs/spawn/kamatera/opencode.sh)
Plandex
bash <(curl -fsSL https://openrouter.ai/labs/spawn/kamatera/plandex.sh)
Non-Interactive Mode
KAMATERA_SERVER_NAME=dev-mk1 \
KAMATERA_API_CLIENT_ID=your-client-id \
KAMATERA_API_SECRET=your-api-secret \
OPENROUTER_API_KEY=sk-or-v1-xxxxx \
bash <(curl -fsSL https://openrouter.ai/labs/spawn/kamatera/claude.sh)
Environment Variables
| Variable | Description | Default |
|---|---|---|
KAMATERA_API_CLIENT_ID |
Kamatera API Client ID | (prompted) |
KAMATERA_API_SECRET |
Kamatera API Secret | (prompted) |
KAMATERA_SERVER_NAME |
Server name | (prompted) |
KAMATERA_DATACENTER |
Datacenter location | EU |
KAMATERA_CPU |
CPU type and cores (e.g., 2B) |
2B |
KAMATERA_RAM |
RAM in MB | 2048 |
KAMATERA_DISK |
Disk configuration | size=20 |
KAMATERA_IMAGE |
OS image | ubuntu_server_24.04_64-bit |
KAMATERA_BILLING |
Billing cycle (hourly or monthly) |
hourly |
OPENROUTER_API_KEY |
OpenRouter API key | (prompted via OAuth) |