vrr/spawn
2
0
Fork 0
mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-08 10:09:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7
spawn/northflank
History
A f586e19790
fix(security): replace unquoted heredocs with printf to prevent shell expansion in API keys (#1031) 
Unquoted `<< EOF` heredocs in nanoclaw .env file creation cause shell
expansion of the API key value. If an API key contains `$`, backticks,
or `\`, the value is silently corrupted or could trigger command
execution. Replace with `printf '%s'` which safely writes the value
without interpretation.

Also fix unquoted variable expansion in upload_config_file's mv command
and the github-codespaces/openclaw.sh config heredoc.

Fixes 34 scripts across all cloud providers.

Agent: security-auditor

Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-02-13 19:41:10 -05:00
..
lib fix: harden upload_file path validation with strict allowlist regex across 10 clouds (#993) 2026-02-13 12:20:40 -08:00
aider.sh fix: validate MODEL_ID from environment to prevent command injection (#548) 2026-02-11 15:41:10 -08:00
amazonq.sh fix: use log_step (cyan) for progress messages instead of log_warn (yellow) (#534) 2026-02-11 14:37:43 -08:00
claude.sh fix: add actionable guidance to agent installation failures across 126 scripts (#966) 2026-02-13 10:14:03 -08:00
cline.sh fix: use log_step (cyan) for progress messages instead of log_warn (yellow) (#534) 2026-02-11 14:37:43 -08:00
codex.sh fix: use log_step (cyan) for progress messages instead of log_warn (yellow) (#534) 2026-02-11 14:37:43 -08:00
continue.sh fix: use log_step (cyan) for progress messages instead of log_warn (yellow) (#534) 2026-02-11 14:37:43 -08:00
gemini.sh fix: use log_step (cyan) for progress messages instead of log_warn (yellow) (#534) 2026-02-11 14:37:43 -08:00
goose.sh fix: add actionable guidance to agent installation failures across 126 scripts (#966) 2026-02-13 10:14:03 -08:00
gptme.sh fix: add actionable guidance to agent installation failures across 126 scripts (#966) 2026-02-13 10:14:03 -08:00
interpreter.sh fix: use log_step (cyan) for progress messages instead of log_warn (yellow) (#534) 2026-02-11 14:37:43 -08:00
kilocode.sh fix: add actionable guidance to agent installation failures across 126 scripts (#966) 2026-02-13 10:14:03 -08:00
nanoclaw.sh fix(security): replace unquoted heredocs with printf to prevent shell expansion in API keys (#1031) 2026-02-13 19:41:10 -05:00
openclaw.sh fix: use log_step (cyan) for progress messages instead of log_warn (yellow) (#534) 2026-02-11 14:37:43 -08:00
opencode.sh fix: add actionable guidance to agent installation failures across 126 scripts (#966) 2026-02-13 10:14:03 -08:00
plandex.sh fix: add actionable guidance to agent installation failures across 126 scripts (#966) 2026-02-13 10:14:03 -08:00
README.md refactor: replace Python with jq in Hetzner lib, fix /lab → /labs URLs (#827) 2026-02-12 23:14:11 -08:00

README.md

Northflank

Northflank container platform via CLI with exec access. Northflank

Uses Northflank CLI for container exec. Free tier: 2 services. Pay-per-second pricing.

Agents

Claude Code

bash <(curl -fsSL https://openrouter.ai/labs/spawn/northflank/claude.sh)

OpenClaw

bash <(curl -fsSL https://openrouter.ai/labs/spawn/northflank/openclaw.sh)

Aider

bash <(curl -fsSL https://openrouter.ai/labs/spawn/northflank/aider.sh)

NanoClaw

bash <(curl -fsSL https://openrouter.ai/labs/spawn/northflank/nanoclaw.sh)

Goose

bash <(curl -fsSL https://openrouter.ai/labs/spawn/northflank/goose.sh)

Codex CLI

bash <(curl -fsSL https://openrouter.ai/labs/spawn/northflank/codex.sh)

Open Interpreter

bash <(curl -fsSL https://openrouter.ai/labs/spawn/northflank/interpreter.sh)

Gemini CLI

bash <(curl -fsSL https://openrouter.ai/labs/spawn/northflank/gemini.sh)

Amazon Q CLI

bash <(curl -fsSL https://openrouter.ai/labs/spawn/northflank/amazonq.sh)

Cline

bash <(curl -fsSL https://openrouter.ai/labs/spawn/northflank/cline.sh)

gptme

bash <(curl -fsSL https://openrouter.ai/labs/spawn/northflank/gptme.sh)

Setup

  1. Create a Northflank account at https://northflank.com
  2. Generate an API token at https://northflank.com/account/settings/api/tokens
  3. Install the Northflank CLI:
npm install -g @northflank/cli

Non-Interactive Mode

NORTHFLANK_SERVICE_NAME=spawn-dev \
NORTHFLANK_PROJECT_NAME=spawn-project \
NORTHFLANK_TOKEN=your-token \
OPENROUTER_API_KEY=sk-or-v1-xxxxx \
  bash <(curl -fsSL https://openrouter.ai/labs/spawn/northflank/claude.sh)

Environment Variables

Variable Description Default
NORTHFLANK_TOKEN Northflank API token (prompted)
NORTHFLANK_SERVICE_NAME Service name (prompted)
NORTHFLANK_PROJECT_NAME Project name spawn-project
OPENROUTER_API_KEY OpenRouter API key (OAuth or prompted)

Free Tier

Northflank offers a Developer Sandbox with:

  • 2 free services
  • 2 free cron jobs
  • 1 free database/add-on

Perfect for testing and hobby projects. Production apps should use pay-as-you-go pricing.

Pricing

Pay-per-second usage-based pricing after free tier:

  • Compute: $0.01667 per vCPU/hour, $0.00833 per GB memory/hour
  • Disk: $0.30/GB per month
  • Network egress: $0.15/GB