agentkernel 0.18.1

Run AI coding agents in secure, isolated microVMs
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39

# OpenCode sandbox template
# Pre-configured for running OpenCode inside an isolated sandbox

[sandbox]
name = "opencode-sandbox"
base_image = "node:22-alpine"
init_script = """
set -e
apk add --no-cache git bash curl python3 ripgrep fd jq
curl -fsSL https://opencode.ai/install | bash
export PATH="$HOME/.opencode/bin:$PATH"
"""

[agent]
preferred = "opencode"

[resources]
vcpus = 2
memory_mb = 1024

[secrets]
ANTHROPIC_API_KEY = "api.anthropic.com"
OPENAI_API_KEY = "api.openai.com"

[security]
profile = "moderate"

[security.domains]
allow = ["api.openai.com", "api.anthropic.com"]

[template]
description = "OpenCode agent sandbox"
category = "Agent Sandboxes"
help_text = """
How to use: Start the sandbox and run your workflow inside /workspace.
Example command: ls -la /workspace
Binaries available: node, npm, npx, opencode, git, python3, ripgrep, fd, jq
Services and ports: No long-running service is configured by default; only explicitly mapped ports are exposed.
"""