vrr/spawn
2
0
Fork 0
mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-13 07:10:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8
spawn/sprite
History
A d8785c3d0b
security: fix command injection in cline auth via remote env var expansion (#1473) 
All 9 cline.sh scripts embedded OPENROUTER_API_KEY directly into the
cloud_run command string, allowing shell metacharacter injection on the
remote server. Fix by escaping the dollar sign (\${OPENROUTER_API_KEY})
so the variable is expanded on the remote machine where it's already
set via agent_env_vars()/generate_env_config, not locally before being
passed to cloud_run.

Agent: security-auditor

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-19 12:25:16 -05:00
..
.claude/rules Sprite setup scripts for Claude Code and OpenClaw 2026-02-05 13:25:30 -06:00
lib fix: broken error message in multi-creds validation, predictable temp path (#1442) 2026-02-18 07:51:28 -05:00
aider.sh fix: prevent SSH hangs, fix command escaping, pin Python 3.12 for aider (#1439) 2026-02-18 04:23:15 -05:00
amazonq.sh fix: harden agent reliability + security across all clouds (#1468) 2026-02-19 08:36:24 -05:00
claude.sh feat: add server lifecycle management (reconnect + delete) (#1363) 2026-02-16 17:06:49 -08:00
cline.sh security: fix command injection in cline auth via remote env var expansion (#1473) 2026-02-19 12:25:16 -05:00
codex.sh refactor: introduce cloud adapter + spawn_agent runner system (#1340) 2026-02-16 16:25:44 -08:00
continue.sh refactor: introduce cloud adapter + spawn_agent runner system (#1340) 2026-02-16 16:25:44 -08:00
gemini.sh fix: install_agent double-escaping + github-auth reliability (#1460) 2026-02-19 05:21:55 -05:00
goose.sh refactor: introduce cloud adapter + spawn_agent runner system (#1340) 2026-02-16 16:25:44 -08:00
gptme.sh fix: use uv --upgrade to ensure Python 3.13-compatible Pillow across all clouds (#1436) 2026-02-18 03:21:59 -05:00
interpreter.sh fix: harden agent reliability + security across all clouds (#1468) 2026-02-19 08:36:24 -05:00
kilocode.sh refactor: introduce cloud adapter + spawn_agent runner system (#1340) 2026-02-16 16:25:44 -08:00
nanoclaw.sh fix: harden agent reliability + security across all clouds (#1468) 2026-02-19 08:36:24 -05:00
openclaw.sh fix: harden agent reliability + security across all clouds (#1468) 2026-02-19 08:36:24 -05:00
opencode.sh refactor: introduce cloud adapter + spawn_agent runner system (#1340) 2026-02-16 16:25:44 -08:00
plandex.sh refactor: introduce cloud adapter + spawn_agent runner system (#1340) 2026-02-16 16:25:44 -08:00
README.md refactor: replace Python with jq in Hetzner lib, fix /lab → /labs URLs (#827) 2026-02-12 23:14:11 -08:00

README.md

Sprite

Sprites.dev managed VMs with CLI. Sprite

Agents

Claude Code

bash <(curl -fsSL https://openrouter.ai/labs/spawn/sprite/claude.sh)

OpenClaw

bash <(curl -fsSL https://openrouter.ai/labs/spawn/sprite/openclaw.sh)

NanoClaw

bash <(curl -fsSL https://openrouter.ai/labs/spawn/sprite/nanoclaw.sh)

Aider

bash <(curl -fsSL https://openrouter.ai/labs/spawn/sprite/aider.sh)

Goose

bash <(curl -fsSL https://openrouter.ai/labs/spawn/sprite/goose.sh)

Codex CLI

bash <(curl -fsSL https://openrouter.ai/labs/spawn/sprite/codex.sh)

Open Interpreter

bash <(curl -fsSL https://openrouter.ai/labs/spawn/sprite/interpreter.sh)

Gemini CLI

bash <(curl -fsSL https://openrouter.ai/labs/spawn/sprite/gemini.sh)

Amazon Q CLI

bash <(curl -fsSL https://openrouter.ai/labs/spawn/sprite/amazonq.sh)

Cline

bash <(curl -fsSL https://openrouter.ai/labs/spawn/sprite/cline.sh)

gptme

bash <(curl -fsSL https://openrouter.ai/labs/spawn/sprite/gptme.sh)

OpenCode

bash <(curl -fsSL https://openrouter.ai/labs/spawn/sprite/opencode.sh)

Plandex

bash <(curl -fsSL https://openrouter.ai/labs/spawn/sprite/plandex.sh)

Kilo Code

bash <(curl -fsSL https://openrouter.ai/labs/spawn/sprite/kilocode.sh)

Continue

bash <(curl -fsSL https://openrouter.ai/labs/spawn/sprite/continue.sh)

Non-Interactive Mode

SPRITE_NAME=dev-mk1 \
OPENROUTER_API_KEY=sk-or-v1-xxxxx \
  bash <(curl -fsSL https://openrouter.ai/labs/spawn/sprite/claude.sh)