Skip to content

Document shared agent skills#25588

Open
dvdksn wants to merge 1 commit into
docker:mainfrom
dvdksn:codex/document-shared-agent-skills
Open

Document shared agent skills#25588
dvdksn wants to merge 1 commit into
docker:mainfrom
dvdksn:codex/document-shared-agent-skills

Conversation

@dvdksn

@dvdksn dvdksn commented Jul 17, 2026

Copy link
Copy Markdown
Contributor

Summary

Document how sbx imports host agent skills and shares them through a persistent, writable store. Update security and lifecycle guidance to describe the cross-sandbox trust boundary and per-sandbox opt-out.

Generated by Codex

The Sandboxes docs did not explain how to import host agent skills or account for the writable store in the security model. Document the supported paths and behavior, clarify the narrow cross-sandbox trust boundary, and update related security, lifecycle, and FAQ guidance.

Co-Authored-By: Codex <noreply@openai.com>
@netlify

netlify Bot commented Jul 17, 2026

Copy link
Copy Markdown

Deploy Preview for docsdocker ready!

Name Link
🔨 Latest commit 381fe54
🔍 Latest deploy log https://app.netlify.com/projects/docsdocker/deploys/6a5a2b19faf1a40008f093a2
😎 Deploy Preview https://deploy-preview-25588--docsdocker.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@dvdksn dvdksn added the status/review Pull requests that are ready for review label Jul 17, 2026
@dvdksn
dvdksn requested a review from a team July 17, 2026 13:16
@dvdksn dvdksn added this to the sbx/v0.37.0 milestone Jul 17, 2026

@docker-agent docker-agent left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Assessment: 🟢 APPROVE

The documentation changes are clean and well-written. Content accurately describes the shared agent skills feature across architecture, FAQ, security, and usage files. No Vale-flagged style violations, no missing front matter, no broken references, and the sbx skills import command is properly cross-referenced in workflows.md.

@docker-agent docker-agent left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Assessment: 🟡 NEEDS ATTENTION

communicate directly over the network. Raw TCP, UDP, and ICMP are blocked at
the network layer.

![Sandbox security model showing the hypervisor boundary between the sandbox VM and the host system. The workspace directory is shared read-write. The agent process, Docker Engine, packages, and VM filesystem are inside the VM. Host filesystem, processes, Docker Engine, and network are outside the VM and not accessible. A proxy enforces allow/deny policies and injects credentials into outbound requests.](../images/sbx-security.png)

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[MEDIUM] Security diagram alt-text is now incomplete after adding shared agent skills to the boundary description

The PR adds the shared agent skills store to the trust-boundary bullet lists ("What crosses the boundary into the VM" and "What crosses the boundary back to the host"), but the alt-text of the diagram image directly below remains unchanged. It still says only "The workspace directory is shared read-write" — it no longer mentions the shared skills store as a second cross-boundary share.

This leaves the diagram description inaccurate for screen-reader users and anyone relying on the alt-text alone. Consider updating the alt-text to reflect both shared paths, for example:

"…The workspace directory and shared agent skills store are shared read-write. Host filesystem, processes, Docker Engine, and network are outside the VM and not accessible. A proxy enforces allow/deny policies and injects credentials into outbound requests."

If the diagram image itself will be updated in a follow-up PR, a brief note in the alt-text (or a caption) that the diagram predates the shared skills feature would also address this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area/ai status/review Pull requests that are ready for review

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants