Skip to main content

Summary and Next Steps

What you builtโ€‹

In this track you went from running agents directly to packaging sandbox environments as declarative, shareable kits.

What you didHow
Shipped a Claude Code skill into the sandboxMixin kit with files/workspace/ injection
Understood proxy-managed credential injectioncredentials.sources + serviceAuth
Forked the built-in claude agentAgent kit with custom entrypoint
Stacked two kits on one sandbox--kit --kit
Pulled a kit from the community repogit+https://github.com/docker/sbx-kits-contrib.git#dir=โ€ฆ

The files you createdโ€‹

kits/
โ”œโ”€โ”€ docker-review/
โ”‚ โ”œโ”€โ”€ spec.yaml
โ”‚ โ””โ”€โ”€ files/
โ”‚ โ””โ”€โ”€ workspace/
โ”‚ โ””โ”€โ”€ .claude/skills/docker-review/SKILL.md
โ””โ”€โ”€ claude-safe/
โ””โ”€โ”€ spec.yaml

These are real, working kits. Commit them to this repo and anyone can use them with a single --kit flag.


What kits give you that shell scripts don'tโ€‹

  • Credentials never enter the VM - the proxy reads them from the host and injects per-request
  • Composable egress rules - stack kits without mutating a shared allowlist file
  • Shareable via Git URL or OCI registry - no clone, no setup doc, no config dance
  • Validated before run - sbx kit validate catches spec errors before they waste a sandbox creation
  • TCK-testable - write a Go test file using tck.NewSuiteFromDir and CI validates your kit against a real container

Next stepsโ€‹