vrr/spawn
2
0
Fork 0
mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-09 19:49:58 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10
spawn/daytona
History
Ahmed Abushagur 05f1905294
fix: Daytona SSH gateway — resource overrides, base64 uploads, connection throttling (#1517) 
* fix: Daytona SSH gateway compatibility — resource overrides, base64 uploads, connection throttling

Daytona's SSH gateway has several limitations that caused hangs and failures:

1. **Resource overrides require image-based creation**: Snapshot-based sandboxes
   reject cpu/memory/disk fields. Use buildInfo.dockerfileContent (FROM image)
   to switch to image-based creation, which unlocks resource overrides.
   Default: 2 vCPU, 4 GiB RAM, 30 GiB disk (configurable via env vars).

2. **SCP/SFTP not supported**: Gateway returns HTTP 404 for SCP subsystem.
   Upload files via base64-encoded SSH command channel instead.

3. **Connection limit (~10-15 per token)**: Consolidated wait_for_cloud_init
   from 6 SSH calls into 1. Added 1s sleep between SSH operations to let
   the gateway release connection slots.

4. **Port flag incompatibility**: Changed -p PORT to -o Port=PORT so the
   port works for both ssh and scp (scp interprets -p as preserve timestamps).

5. **install_claude_code improvements**: Added npm as install method (most
   reliable for global installs), added .npm-global/bin to PATH.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: address security review — escape remote_path, validate image name

- upload_file: escape single quotes in remote_path before embedding in
  the SSH command string (b64 content is inherently safe — base64 alphabet
  is [A-Za-z0-9+/=] only, no shell metacharacters)
- create_sandbox: validate DAYTONA_IMAGE against [a-zA-Z0-9./:_-] to
  reject malformed image names before sending to the API

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: harden upload_file() — validate base64 + use printf %q for paths

Address security review feedback on PR #1517:

CRITICAL: Add explicit base64 alphabet validation before embedding
encoded content in SSH command string. While base64 output is
inherently safe ([A-Za-z0-9+/=]), the validation guards against
corrupted/unexpected encoder output.

MEDIUM: Replace manual single-quote escaping for remote_path with
printf %q, which is the standard shell-safe escaping mechanism and
handles all special characters including path traversal attempts.

Tests: 110/110 pass, bash -n clean.

Agent: pr-maintainer
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
2026-02-20 05:52:39 -05:00
..
lib fix: Daytona SSH gateway — resource overrides, base64 uploads, connection throttling (#1517) 2026-02-20 05:52:39 -05:00
claude.sh fix: use ~/.spawnrc for env vars instead of inlining into .bashrc (#1362) 2026-02-16 17:05:17 -08:00
codex.sh fix: pin Codex to 0.94.0 + wire_api=chat for multi-turn stability (#1518) 2026-02-20 04:49:35 -05:00
kilocode.sh refactor: introduce cloud adapter + spawn_agent runner system (#1340) 2026-02-16 16:25:44 -08:00
openclaw.sh fix: harden agent reliability + security across all clouds (#1468) 2026-02-19 08:36:24 -05:00
opencode.sh refactor: introduce cloud adapter + spawn_agent runner system (#1340) 2026-02-16 16:25:44 -08:00
README.md fix: sync cloud READMEs with current agent list (#1486) 2026-02-19 17:47:57 -05:00
zeroclaw.sh feat: reorder agents and remove NanoClaw (#1477) 2026-02-19 11:39:03 -08:00

README.md

Daytona

Daytona sandboxed environments for AI code execution. Daytona

Sub-90ms sandbox creation. True SSH support via daytona ssh. Requires DAYTONA_API_KEY from https://app.daytona.io.

Agents

Claude Code

bash <(curl -fsSL https://openrouter.ai/labs/spawn/daytona/claude.sh)

OpenClaw

bash <(curl -fsSL https://openrouter.ai/labs/spawn/daytona/openclaw.sh)

ZeroClaw

bash <(curl -fsSL https://openrouter.ai/labs/spawn/daytona/zeroclaw.sh)

Codex CLI

bash <(curl -fsSL https://openrouter.ai/labs/spawn/daytona/codex.sh)

OpenCode

bash <(curl -fsSL https://openrouter.ai/labs/spawn/daytona/opencode.sh)

Kilo Code

bash <(curl -fsSL https://openrouter.ai/labs/spawn/daytona/kilocode.sh)

Non-Interactive Mode

DAYTONA_SANDBOX_NAME=dev-mk1 \
DAYTONA_API_KEY=your-api-key \
OPENROUTER_API_KEY=sk-or-v1-xxxxx \
  bash <(curl -fsSL https://openrouter.ai/labs/spawn/daytona/claude.sh)

Environment Variables

Variable Description Default
DAYTONA_API_KEY Daytona API key (prompted)
DAYTONA_SANDBOX_NAME Sandbox name (prompted)
DAYTONA_CLASS Sandbox class (e.g. small, medium, large) small
DAYTONA_CPU Number of vCPUs (overrides --class) (unset)
DAYTONA_MEMORY Memory in MB (overrides --class) (unset)
DAYTONA_DISK Disk size in GB (overrides --class) (unset)
OPENROUTER_API_KEY OpenRouter API key (OAuth or prompted)

Note: Daytona rejects explicit --cpu/--memory/--disk flags when using snapshots. Use DAYTONA_CLASS instead. If explicit resource flags fail due to snapshot conflict, spawn automatically retries with --class small.