@hasna/sandboxes 0.1.22 → 0.1.24

package/dist/cli/index.js

@@ -12059,6 +12059,50 @@ var init_config2 = __esm(() => {
   };
 });
 
+// src/lib/archive.ts
+import { existsSync as existsSync7, statSync } from "fs";
+function shellQuote(value) {
+  return "'" + value.replace(/'/g, "'\\''") + "'";
+}
+async function tarDirectory(localDir, opts) {
+  if (!existsSync7(localDir) || !statSync(localDir).isDirectory()) {
+    throw new Error(`tarDirectory: not a directory: ${localDir}`);
+  }
+  const excludes = opts?.exclude ?? DEFAULT_UPLOAD_EXCLUDES;
+  const args = ["-czf", "-"];
+  for (const ex of excludes)
+    args.push(`--exclude=${ex}`);
+  args.push("-C", localDir, ".");
+  const proc = Bun.spawn(["tar", ...args], { stdout: "pipe", stderr: "pipe" });
+  const [buf, stderr, exitCode] = await Promise.all([
+    new Response(proc.stdout).arrayBuffer(),
+    new Response(proc.stderr).text(),
+    proc.exited
+  ]);
+  if (exitCode !== 0) {
+    throw new Error(`tarDirectory: tar exited ${exitCode}: ${stderr.trim()}`);
+  }
+  return Buffer.from(buf);
+}
+function buildUntarCommand(remoteTarPath, remoteDir) {
+  const tar = shellQuote(remoteTarPath);
+  const dir = shellQuote(remoteDir);
+  return `mkdir -p ${dir} && tar -xzf ${tar} -C ${dir} && rm -f ${tar}`;
+}
+var DEFAULT_UPLOAD_EXCLUDES;
+var init_archive = __esm(() => {
+  DEFAULT_UPLOAD_EXCLUDES = [
+    "node_modules",
+    ".git",
+    "dist",
+    ".next",
+    ".turbo",
+    ".cache",
+    ".venv",
+    "__pycache__"
+  ];
+});
+
 // src/providers/e2b.ts
 var exports_e2b = {};
 __export(exports_e2b, {
@@ -12207,6 +12251,22 @@ class E2BProvider {
       throw new ProviderError("e2b", `Failed to list files at ${path}: ${err.message}`);
     }
   }
+  async uploadDir(sandboxId, localDir, remoteDir, opts) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      const archive = await tarDirectory(localDir, opts);
+      const remoteTar = `/tmp/sandboxes-upload-${Date.now()}.tar.gz`;
+      const data = archive.buffer.slice(archive.byteOffset, archive.byteOffset + archive.byteLength);
+      await sandbox.files.write(remoteTar, data);
+      const result = await sandbox.commands.run(buildUntarCommand(remoteTar, remoteDir));
+      if ((result.exitCode ?? 0) !== 0) {
+        throw new Error(result.stderr || `untar exited with code ${result.exitCode}`);
+      }
+      return { bytes: archive.length };
+    } catch (err) {
+      throw new ProviderError("e2b", `Failed to upload directory to ${remoteDir}: ${err.message}`);
+    }
+  }
   async stop(sandboxId) {
     const sandbox = await this.getInstance(sandboxId);
     try {
@@ -12257,6 +12317,7 @@ class E2BProvider {
 var instanceCache;
 var init_e2b = __esm(() => {
   init_types2();
+  init_archive();
   instanceCache = new Map;
 });
 
@@ -12387,6 +12448,21 @@ class DaytonaProvider {
       throw new ProviderError("daytona", `Failed to list files at ${path}: ${err.message}`);
     }
   }
+  async uploadDir(sandboxId, localDir, remoteDir, opts) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      const archive = await tarDirectory(localDir, opts);
+      const remoteTar = `/tmp/sandboxes-upload-${Date.now()}.tar.gz`;
+      await sandbox.fs.uploadFile(archive, remoteTar);
+      const result = await sandbox.process.executeCommand(buildUntarCommand(remoteTar, remoteDir));
+      if (result.exitCode !== 0) {
+        throw new Error(result.result || `untar exited with code ${result.exitCode}`);
+      }
+      return { bytes: archive.length };
+    } catch (err) {
+      throw new ProviderError("daytona", `Failed to upload directory to ${remoteDir}: ${err.message}`);
+    }
+  }
   async stop(sandboxId) {
     const sandbox = await this.getInstance(sandboxId);
     try {
@@ -12427,6 +12503,7 @@ class DaytonaProvider {
 var instanceCache2;
 var init_daytona = __esm(() => {
   init_types2();
+  init_archive();
   instanceCache2 = new Map;
 });
 
@@ -12624,6 +12701,32 @@ class ModalProvider {
       throw new ProviderError("modal", `Failed to list files at ${path}: ${err.message}`);
     }
   }
+  async uploadDir(sandboxId, localDir, remoteDir, opts) {
+    try {
+      const archive = await tarDirectory(localDir, opts);
+      const b64 = archive.toString("base64");
+      const remoteTar = `/tmp/sandboxes-upload-${Date.now()}.tar.gz`;
+      const remoteB64 = `${remoteTar}.b64`;
+      const execChecked = async (cmd) => {
+        const result = await this.exec(sandboxId, `sh -c ${this.shellEscape(cmd)}`);
+        if (result.exit_code !== 0) {
+          throw new Error(result.stderr || `command exited with code ${result.exit_code}`);
+        }
+      };
+      await execChecked(`: > ${remoteB64}`);
+      const CHUNK = 60000;
+      for (let i = 0;i < b64.length; i += CHUNK) {
+        const chunk = b64.slice(i, i + CHUNK);
+        await execChecked(`printf '%s' ${this.shellEscape(chunk)} >> ${remoteB64}`);
+      }
+      await execChecked(`base64 -d ${remoteB64} > ${remoteTar} && ${buildUntarCommand(remoteTar, remoteDir)} && rm -f ${remoteB64}`);
+      return { bytes: archive.length };
+    } catch (err) {
+      if (err instanceof ProviderError)
+        throw err;
+      throw new ProviderError("modal", `Failed to upload directory to ${remoteDir}: ${err.message}`);
+    }
+  }
   async stop(sandboxId) {
     const sandbox = this.getSandbox(sandboxId);
     try {
@@ -12690,6 +12793,7 @@ class ModalProvider {
 var sandboxCache;
 var init_modal = __esm(() => {
   init_types2();
+  init_archive();
   sandboxCache = new Map;
 });
 
@@ -12809,6 +12913,34 @@ var init_runtime_state = __esm(() => {
   init_sandboxes();
 });
 
+// src/lib/agents/claude.ts
+class ClaudeDriver {
+  name = "claude";
+  requiredEnvVars = ["ANTHROPIC_API_KEY"];
+  async install(provider, providerSandboxId) {
+    const check = await provider.exec(providerSandboxId, "which claude 2>/dev/null || echo MISSING");
+    if (check.stdout.trim() !== "MISSING")
+      return;
+    const bunCheck = await provider.exec(providerSandboxId, "which bun 2>/dev/null || echo MISSING");
+    if (bunCheck.stdout.trim() !== "MISSING") {
+      await provider.exec(providerSandboxId, "bun install -g @anthropic-ai/claude-code 2>&1");
+    } else {
+      await provider.exec(providerSandboxId, "npm install -g @anthropic-ai/claude-code 2>&1 || sudo npm install -g @anthropic-ai/claude-code 2>&1");
+    }
+  }
+  async configure(provider, providerSandboxId, _envVars) {
+    const config = JSON.stringify({
+      hasCompletedOnboarding: true,
+      hasTrustDialogAccepted: true,
+      bypassPermissionsModeAccepted: true
+    });
+    await provider.exec(providerSandboxId, `mkdir -p ~/.claude && echo '${config}' > ~/.claude.json`);
+  }
+  buildCommand(prompt) {
+    return `claude --dangerously-skip-permissions -p ${JSON.stringify(prompt)}`;
+  }
+}
+
 // src/lib/agents/codex.ts
 class CodexDriver {
   name = "codex";
@@ -12921,6 +13053,7 @@ function getAgentDriver(name) {
 var DRIVERS, DRIVER_MAP;
 var init_agents = __esm(() => {
   DRIVERS = [
+    new ClaudeDriver,
     new CodexDriver,
     new GeminiDriver,
     new OpenCodeDriver,
@@ -13034,7 +13167,7 @@ async function stopAgent(sandboxId) {
     return;
   const provider = await getProvider(sandbox.provider);
   try {
-    await provider.exec(sandbox.provider_sandbox_id, "pkill -f 'codex\\|gemini\\|opencode\\|pi\\|takumi' || true");
+    await provider.exec(sandbox.provider_sandbox_id, "pkill -f 'claude\\|codex\\|gemini\\|opencode\\|pi\\|takumi' || true");
   } catch {}
   emitLifecycleEvent(sandbox.id, "Agent stopped by user");
 }
@@ -13047,6 +13180,49 @@ var init_agent_runner = __esm(() => {
   init_runtime_state();
 });
 
+// src/lib/secrets.ts
+var exports_secrets = {};
+__export(exports_secrets, {
+  resolveSecretSpecs: () => resolveSecretSpecs,
+  resolveSecretEnv: () => resolveSecretEnv,
+  parseSecretMapping: () => parseSecretMapping,
+  cliSecretResolver: () => cliSecretResolver
+});
+function parseSecretMapping(spec) {
+  const idx = spec.indexOf("=");
+  if (idx <= 0) {
+    throw new Error(`Invalid secret mapping "${spec}" (expected ENV_NAME=vault/key)`);
+  }
+  const env = spec.slice(0, idx).trim();
+  const key = spec.slice(idx + 1).trim();
+  if (!env || !key) {
+    throw new Error(`Invalid secret mapping "${spec}" (expected ENV_NAME=vault/key)`);
+  }
+  return { env, key };
+}
+async function resolveSecretEnv(mappings, resolver = cliSecretResolver) {
+  const env = {};
+  for (const mapping of mappings) {
+    env[mapping.env] = await resolver(mapping.key);
+  }
+  return env;
+}
+async function resolveSecretSpecs(specs, resolver = cliSecretResolver) {
+  return resolveSecretEnv(specs.map(parseSecretMapping), resolver);
+}
+var cliSecretResolver = async (key) => {
+  const proc = Bun.spawn(["secrets", "get", key], { stdout: "pipe", stderr: "pipe" });
+  const [out, errText, code] = await Promise.all([
+    new Response(proc.stdout).text(),
+    new Response(proc.stderr).text(),
+    proc.exited
+  ]);
+  if (code !== 0) {
+    throw new Error(`secrets get ${key} failed: ${errText.trim() || `exit ${code}`}`);
+  }
+  return out.replace(/\r?\n$/, "");
+};
+
 // node_modules/commander/esm.mjs
 var import__ = __toESM(require_commander(), 1);
 var {
@@ -13457,15 +13633,32 @@ filesCmd.command("write <id> <path>").description("Write content to a file in a
     handleError(err);
   }
 });
+filesCmd.command("sync <id> <localDir> <remoteDir>").description("Upload a local directory into a sandbox (fast archive, no git clone)").option("--exclude <patterns>", "Comma-separated exclude patterns (default: node_modules,.git,dist,\u2026)").action(async (id, localDir, remoteDir, opts) => {
+  try {
+    const sandbox = getSandbox(id);
+    if (!sandbox.provider_sandbox_id) {
+      console.error(chalk.red("Sandbox has no provider ID."));
+      process.exit(1);
+    }
+    const p = await getProvider(sandbox.provider);
+    const exclude = opts.exclude ? opts.exclude.split(",").map((s) => s.trim()).filter(Boolean) : undefined;
+    const result = await p.uploadDir(sandbox.provider_sandbox_id, localDir, remoteDir, exclude ? { exclude } : undefined);
+    console.log(chalk.green(`Uploaded ${localDir} \u2192 ${remoteDir} (${result.bytes} bytes)`));
+  } catch (err) {
+    handleError(err);
+  }
+});
 var agentCmd = program2.command("agent").description("Run and manage AI agents in sandboxes");
-agentCmd.command("run <id>").description("Run an AI agent inside a sandbox").requiredOption("-t, --type <type>", "Agent type: takumi, codex, gemini, opencode, pi, custom").requiredOption("-p, --prompt <prompt>", "Prompt for the agent").option("-n, --name <name>", "Agent name").option("-c, --command <cmd>", "Custom command (for 'custom' type)").action(async (id, opts) => {
+agentCmd.command("run <id>").description("Run an AI agent inside a sandbox").requiredOption("-t, --type <type>", "Agent type: claude, takumi, codex, gemini, opencode, pi, custom").requiredOption("-p, --prompt <prompt>", "Prompt for the agent").option("-n, --name <name>", "Agent name").option("-c, --command <cmd>", "Custom command (for 'custom' type)").option("--secret <mapping>", "Inject a vault secret as an env var: ENV_NAME=vault/key (repeatable)", (val, prev) => [...prev, val], []).action(async (id, opts) => {
   try {
     const { runAgent: runAgent2 } = await Promise.resolve().then(() => (init_agent_runner(), exports_agent_runner));
+    const callEnvVars = opts.secret.length ? await (await Promise.resolve().then(() => exports_secrets)).resolveSecretSpecs(opts.secret) : undefined;
     const session = await runAgent2(id, {
       agentType: opts.type,
       prompt: opts.prompt,
       agentName: opts.name,
       command: opts.command,
+      callEnvVars,
       onStdout: (data) => process.stdout.write(data),
       onStderr: (data) => process.stderr.write(data)
     });

package/dist/index.js

@@ -34,7 +34,7 @@ var init_types = __esm(() => {
     "failed",
     "killed"
   ];
-  AGENT_TYPES = ["codex", "gemini", "opencode", "pi", "takumi", "custom"];
+  AGENT_TYPES = ["claude", "codex", "gemini", "opencode", "pi", "takumi", "custom"];
   EVENT_TYPES = [
     "stdout",
     "stderr",
@@ -87,6 +87,50 @@ var init_types = __esm(() => {
   };
 });
 
+// src/lib/archive.ts
+import { existsSync as existsSync7, statSync } from "fs";
+function shellQuote(value) {
+  return "'" + value.replace(/'/g, "'\\''") + "'";
+}
+async function tarDirectory(localDir, opts) {
+  if (!existsSync7(localDir) || !statSync(localDir).isDirectory()) {
+    throw new Error(`tarDirectory: not a directory: ${localDir}`);
+  }
+  const excludes = opts?.exclude ?? DEFAULT_UPLOAD_EXCLUDES;
+  const args = ["-czf", "-"];
+  for (const ex of excludes)
+    args.push(`--exclude=${ex}`);
+  args.push("-C", localDir, ".");
+  const proc = Bun.spawn(["tar", ...args], { stdout: "pipe", stderr: "pipe" });
+  const [buf, stderr, exitCode] = await Promise.all([
+    new Response(proc.stdout).arrayBuffer(),
+    new Response(proc.stderr).text(),
+    proc.exited
+  ]);
+  if (exitCode !== 0) {
+    throw new Error(`tarDirectory: tar exited ${exitCode}: ${stderr.trim()}`);
+  }
+  return Buffer.from(buf);
+}
+function buildUntarCommand(remoteTarPath, remoteDir) {
+  const tar = shellQuote(remoteTarPath);
+  const dir = shellQuote(remoteDir);
+  return `mkdir -p ${dir} && tar -xzf ${tar} -C ${dir} && rm -f ${tar}`;
+}
+var DEFAULT_UPLOAD_EXCLUDES;
+var init_archive = __esm(() => {
+  DEFAULT_UPLOAD_EXCLUDES = [
+    "node_modules",
+    ".git",
+    "dist",
+    ".next",
+    ".turbo",
+    ".cache",
+    ".venv",
+    "__pycache__"
+  ];
+});
+
 // src/providers/e2b.ts
 var exports_e2b = {};
 __export(exports_e2b, {
@@ -235,6 +279,22 @@ class E2BProvider {
       throw new ProviderError("e2b", `Failed to list files at ${path}: ${err.message}`);
     }
   }
+  async uploadDir(sandboxId, localDir, remoteDir, opts) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      const archive = await tarDirectory(localDir, opts);
+      const remoteTar = `/tmp/sandboxes-upload-${Date.now()}.tar.gz`;
+      const data = archive.buffer.slice(archive.byteOffset, archive.byteOffset + archive.byteLength);
+      await sandbox.files.write(remoteTar, data);
+      const result = await sandbox.commands.run(buildUntarCommand(remoteTar, remoteDir));
+      if ((result.exitCode ?? 0) !== 0) {
+        throw new Error(result.stderr || `untar exited with code ${result.exitCode}`);
+      }
+      return { bytes: archive.length };
+    } catch (err) {
+      throw new ProviderError("e2b", `Failed to upload directory to ${remoteDir}: ${err.message}`);
+    }
+  }
   async stop(sandboxId) {
     const sandbox = await this.getInstance(sandboxId);
     try {
@@ -285,6 +345,7 @@ class E2BProvider {
 var instanceCache;
 var init_e2b = __esm(() => {
   init_types();
+  init_archive();
   instanceCache = new Map;
 });
 
@@ -415,6 +476,21 @@ class DaytonaProvider {
       throw new ProviderError("daytona", `Failed to list files at ${path}: ${err.message}`);
     }
   }
+  async uploadDir(sandboxId, localDir, remoteDir, opts) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      const archive = await tarDirectory(localDir, opts);
+      const remoteTar = `/tmp/sandboxes-upload-${Date.now()}.tar.gz`;
+      await sandbox.fs.uploadFile(archive, remoteTar);
+      const result = await sandbox.process.executeCommand(buildUntarCommand(remoteTar, remoteDir));
+      if (result.exitCode !== 0) {
+        throw new Error(result.result || `untar exited with code ${result.exitCode}`);
+      }
+      return { bytes: archive.length };
+    } catch (err) {
+      throw new ProviderError("daytona", `Failed to upload directory to ${remoteDir}: ${err.message}`);
+    }
+  }
   async stop(sandboxId) {
     const sandbox = await this.getInstance(sandboxId);
     try {
@@ -455,6 +531,7 @@ class DaytonaProvider {
 var instanceCache2;
 var init_daytona = __esm(() => {
   init_types();
+  init_archive();
   instanceCache2 = new Map;
 });
 
@@ -652,6 +729,32 @@ class ModalProvider {
       throw new ProviderError("modal", `Failed to list files at ${path}: ${err.message}`);
     }
   }
+  async uploadDir(sandboxId, localDir, remoteDir, opts) {
+    try {
+      const archive = await tarDirectory(localDir, opts);
+      const b64 = archive.toString("base64");
+      const remoteTar = `/tmp/sandboxes-upload-${Date.now()}.tar.gz`;
+      const remoteB64 = `${remoteTar}.b64`;
+      const execChecked = async (cmd) => {
+        const result = await this.exec(sandboxId, `sh -c ${this.shellEscape(cmd)}`);
+        if (result.exit_code !== 0) {
+          throw new Error(result.stderr || `command exited with code ${result.exit_code}`);
+        }
+      };
+      await execChecked(`: > ${remoteB64}`);
+      const CHUNK = 60000;
+      for (let i = 0;i < b64.length; i += CHUNK) {
+        const chunk = b64.slice(i, i + CHUNK);
+        await execChecked(`printf '%s' ${this.shellEscape(chunk)} >> ${remoteB64}`);
+      }
+      await execChecked(`base64 -d ${remoteB64} > ${remoteTar} && ${buildUntarCommand(remoteTar, remoteDir)} && rm -f ${remoteB64}`);
+      return { bytes: archive.length };
+    } catch (err) {
+      if (err instanceof ProviderError)
+        throw err;
+      throw new ProviderError("modal", `Failed to upload directory to ${remoteDir}: ${err.message}`);
+    }
+  }
   async stop(sandboxId) {
     const sandbox = this.getSandbox(sandboxId);
     try {
@@ -718,6 +821,7 @@ class ModalProvider {
 var sandboxCache;
 var init_modal = __esm(() => {
   init_types();
+  init_archive();
   sandboxCache = new Map;
 });
 
@@ -11242,6 +11346,34 @@ function finalizeSandboxProvisionFailure(sandboxId, error) {
   return getErrorMessage(error);
 }
 
+// src/lib/agents/claude.ts
+class ClaudeDriver {
+  name = "claude";
+  requiredEnvVars = ["ANTHROPIC_API_KEY"];
+  async install(provider, providerSandboxId) {
+    const check = await provider.exec(providerSandboxId, "which claude 2>/dev/null || echo MISSING");
+    if (check.stdout.trim() !== "MISSING")
+      return;
+    const bunCheck = await provider.exec(providerSandboxId, "which bun 2>/dev/null || echo MISSING");
+    if (bunCheck.stdout.trim() !== "MISSING") {
+      await provider.exec(providerSandboxId, "bun install -g @anthropic-ai/claude-code 2>&1");
+    } else {
+      await provider.exec(providerSandboxId, "npm install -g @anthropic-ai/claude-code 2>&1 || sudo npm install -g @anthropic-ai/claude-code 2>&1");
+    }
+  }
+  async configure(provider, providerSandboxId, _envVars) {
+    const config = JSON.stringify({
+      hasCompletedOnboarding: true,
+      hasTrustDialogAccepted: true,
+      bypassPermissionsModeAccepted: true
+    });
+    await provider.exec(providerSandboxId, `mkdir -p ~/.claude && echo '${config}' > ~/.claude.json`);
+  }
+  buildCommand(prompt) {
+    return `claude --dangerously-skip-permissions -p ${JSON.stringify(prompt)}`;
+  }
+}
+
 // src/lib/agents/codex.ts
 class CodexDriver {
   name = "codex";
@@ -11349,6 +11481,7 @@ class TakumiDriver {
 
 // src/lib/agents/index.ts
 var DRIVERS = [
+  new ClaudeDriver,
   new CodexDriver,
   new GeminiDriver,
   new OpenCodeDriver,
@@ -11363,6 +11496,27 @@ function listAgentDrivers() {
   return DRIVERS;
 }
 
+// src/lib/secrets.ts
+var cliSecretResolver = async (key) => {
+  const proc = Bun.spawn(["secrets", "get", key], { stdout: "pipe", stderr: "pipe" });
+  const [out, errText, code] = await Promise.all([
+    new Response(proc.stdout).text(),
+    new Response(proc.stderr).text(),
+    proc.exited
+  ]);
+  if (code !== 0) {
+    throw new Error(`secrets get ${key} failed: ${errText.trim() || `exit ${code}`}`);
+  }
+  return out.replace(/\r?\n$/, "");
+};
+async function resolveSecretEnv(mappings, resolver = cliSecretResolver) {
+  const env = {};
+  for (const mapping of mappings) {
+    env[mapping.env] = await resolver(mapping.key);
+  }
+  return env;
+}
+
 // src/sdk.ts
 function isExecHandle(value) {
   return typeof value.wait === "function";
@@ -11482,10 +11636,22 @@ class SandboxesSDK {
     const provider = await this.getProvider(sandbox.provider);
     return provider.listFiles(sandbox.provider_sandbox_id, path, opts);
   }
+  async uploadDir(sandboxId, localDir, remoteDir, opts) {
+    const sandbox = this.requireProviderSandbox(sandboxId);
+    const provider = await this.getProvider(sandbox.provider);
+    const result = await provider.uploadDir(sandbox.provider_sandbox_id, localDir, remoteDir, opts);
+    emitLifecycleEvent(sandbox.id, `uploaded ${localDir} -> ${remoteDir} (${result.bytes} bytes)`);
+    return result;
+  }
   async runAgent(sandboxId, opts) {
     const sandbox = this.requireProviderSandbox(sandboxId);
     const provider = await this.getProvider(sandbox.provider);
-    const env = mergeEnv(sandbox.env_vars, opts.callEnvVars);
+    let callEnvVars = opts.callEnvVars;
+    if (opts.secrets && opts.secrets.length > 0) {
+      const secretEnv = await resolveSecretEnv(opts.secrets, opts.secretResolver);
+      callEnvVars = { ...secretEnv, ...opts.callEnvVars };
+    }
+    const env = mergeEnv(sandbox.env_vars, callEnvVars);
     let command;
     const driver = opts.agentType !== "custom" ? getAgentDriver(opts.agentType) : undefined;
     if (opts.command) {

package/dist/lib/agents/claude.d.ts

@@ -0,0 +1,9 @@
+import type { SandboxProvider } from "../../providers/types.js";
+import type { AgentDriver } from "./types.js";
+export declare class ClaudeDriver implements AgentDriver {
+    readonly name = "claude";
+    readonly requiredEnvVars: string[];
+    install(provider: SandboxProvider, providerSandboxId: string): Promise<void>;
+    configure(provider: SandboxProvider, providerSandboxId: string, _envVars: Record<string, string>): Promise<void>;
+    buildCommand(prompt: string): string;
+}

package/dist/lib/archive.d.ts

@@ -0,0 +1,31 @@
+/**
+ * Directories that are almost never worth shipping into a sandbox and that
+ * dominate upload size. Callers can override via `TarDirectoryOptions.exclude`.
+ */
+export declare const DEFAULT_UPLOAD_EXCLUDES: string[];
+export interface TarDirectoryOptions {
+    /**
+     * Path/glob patterns to exclude (matched by `tar --exclude`). A bare name
+     * like `node_modules` excludes that directory and its contents at any depth
+     * on both bsdtar (macOS) and GNU tar (Linux). Defaults to
+     * {@link DEFAULT_UPLOAD_EXCLUDES}; pass `[]` to include everything.
+     */
+    exclude?: string[];
+}
+/** Single-quote a value for safe POSIX shell interpolation. */
+export declare function shellQuote(value: string): string;
+/**
+ * Create a gzipped tar of a local directory's contents and return it as a Buffer.
+ *
+ * The archive is rooted at the directory contents (members are relative, e.g.
+ * `./src/index.ts`), so it extracts cleanly into any target with
+ * `tar -xzf - -C <dir>`. Uses the system `tar`, which is present on macOS
+ * (bsdtar) and Linux (GNU tar).
+ */
+export declare function tarDirectory(localDir: string, opts?: TarDirectoryOptions): Promise<Buffer>;
+/**
+ * Build the shell command that unpacks an uploaded tarball into `remoteDir`
+ * and removes the tarball afterward. Shared by providers that upload a single
+ * archive then extract it in-sandbox.
+ */
+export declare function buildUntarCommand(remoteTarPath: string, remoteDir: string): string;

package/dist/lib/secrets.d.ts

@@ -0,0 +1,26 @@
+/**
+ * Resolve credentials from the @hasna/secrets vault and inject them into agents
+ * as per-call environment variables — never persisted to the sandbox record.
+ */
+export type SecretResolver = (key: string) => Promise<string>;
+export interface SecretMapping {
+    /** Environment variable name to expose inside the sandbox (e.g. ANTHROPIC_API_KEY). */
+    env: string;
+    /** Vault key to read (e.g. hasnaxyz/anthropic/live/api_key). */
+    key: string;
+}
+/** Parse an `ENV_NAME=vault/key` spec into a {@link SecretMapping}. */
+export declare function parseSecretMapping(spec: string): SecretMapping;
+/**
+ * Default resolver: read a secret value from the @hasna/secrets vault via the
+ * globally-installed `secrets` CLI (`secrets get <key>`).
+ */
+export declare const cliSecretResolver: SecretResolver;
+/**
+ * Resolve secret mappings to an `{ ENV_NAME: value }` record using the vault.
+ * The returned record is meant to be passed as per-call env vars (callEnvVars),
+ * so resolved secret values are never written to the persisted sandbox record.
+ */
+export declare function resolveSecretEnv(mappings: SecretMapping[], resolver?: SecretResolver): Promise<Record<string, string>>;
+/** Convenience: parse `ENV=key` specs and resolve them in one step. */
+export declare function resolveSecretSpecs(specs: string[], resolver?: SecretResolver): Promise<Record<string, string>>;

package/dist/mcp/index.js

@@ -60,6 +60,50 @@ var init_types2 = __esm(() => {
   };
 });
 
+// src/lib/archive.ts
+import { existsSync as existsSync7, statSync } from "fs";
+function shellQuote(value) {
+  return "'" + value.replace(/'/g, "'\\''") + "'";
+}
+async function tarDirectory(localDir, opts) {
+  if (!existsSync7(localDir) || !statSync(localDir).isDirectory()) {
+    throw new Error(`tarDirectory: not a directory: ${localDir}`);
+  }
+  const excludes = opts?.exclude ?? DEFAULT_UPLOAD_EXCLUDES;
+  const args = ["-czf", "-"];
+  for (const ex of excludes)
+    args.push(`--exclude=${ex}`);
+  args.push("-C", localDir, ".");
+  const proc = Bun.spawn(["tar", ...args], { stdout: "pipe", stderr: "pipe" });
+  const [buf, stderr, exitCode] = await Promise.all([
+    new Response(proc.stdout).arrayBuffer(),
+    new Response(proc.stderr).text(),
+    proc.exited
+  ]);
+  if (exitCode !== 0) {
+    throw new Error(`tarDirectory: tar exited ${exitCode}: ${stderr.trim()}`);
+  }
+  return Buffer.from(buf);
+}
+function buildUntarCommand(remoteTarPath, remoteDir) {
+  const tar = shellQuote(remoteTarPath);
+  const dir = shellQuote(remoteDir);
+  return `mkdir -p ${dir} && tar -xzf ${tar} -C ${dir} && rm -f ${tar}`;
+}
+var DEFAULT_UPLOAD_EXCLUDES;
+var init_archive = __esm(() => {
+  DEFAULT_UPLOAD_EXCLUDES = [
+    "node_modules",
+    ".git",
+    "dist",
+    ".next",
+    ".turbo",
+    ".cache",
+    ".venv",
+    "__pycache__"
+  ];
+});
+
 // src/providers/e2b.ts
 var exports_e2b = {};
 __export(exports_e2b, {
@@ -208,6 +252,22 @@ class E2BProvider {
       throw new ProviderError("e2b", `Failed to list files at ${path}: ${err.message}`);
     }
   }
+  async uploadDir(sandboxId, localDir, remoteDir, opts) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      const archive = await tarDirectory(localDir, opts);
+      const remoteTar = `/tmp/sandboxes-upload-${Date.now()}.tar.gz`;
+      const data = archive.buffer.slice(archive.byteOffset, archive.byteOffset + archive.byteLength);
+      await sandbox.files.write(remoteTar, data);
+      const result = await sandbox.commands.run(buildUntarCommand(remoteTar, remoteDir));
+      if ((result.exitCode ?? 0) !== 0) {
+        throw new Error(result.stderr || `untar exited with code ${result.exitCode}`);
+      }
+      return { bytes: archive.length };
+    } catch (err) {
+      throw new ProviderError("e2b", `Failed to upload directory to ${remoteDir}: ${err.message}`);
+    }
+  }
   async stop(sandboxId) {
     const sandbox = await this.getInstance(sandboxId);
     try {
@@ -258,6 +318,7 @@ class E2BProvider {
 var instanceCache;
 var init_e2b = __esm(() => {
   init_types2();
+  init_archive();
   instanceCache = new Map;
 });
 
@@ -388,6 +449,21 @@ class DaytonaProvider {
       throw new ProviderError("daytona", `Failed to list files at ${path}: ${err.message}`);
     }
   }
+  async uploadDir(sandboxId, localDir, remoteDir, opts) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      const archive = await tarDirectory(localDir, opts);
+      const remoteTar = `/tmp/sandboxes-upload-${Date.now()}.tar.gz`;
+      await sandbox.fs.uploadFile(archive, remoteTar);
+      const result = await sandbox.process.executeCommand(buildUntarCommand(remoteTar, remoteDir));
+      if (result.exitCode !== 0) {
+        throw new Error(result.result || `untar exited with code ${result.exitCode}`);
+      }
+      return { bytes: archive.length };
+    } catch (err) {
+      throw new ProviderError("daytona", `Failed to upload directory to ${remoteDir}: ${err.message}`);
+    }
+  }
   async stop(sandboxId) {
     const sandbox = await this.getInstance(sandboxId);
     try {
@@ -428,6 +504,7 @@ class DaytonaProvider {
 var instanceCache2;
 var init_daytona = __esm(() => {
   init_types2();
+  init_archive();
   instanceCache2 = new Map;
 });
 
@@ -625,6 +702,32 @@ class ModalProvider {
       throw new ProviderError("modal", `Failed to list files at ${path}: ${err.message}`);
     }
   }
+  async uploadDir(sandboxId, localDir, remoteDir, opts) {
+    try {
+      const archive = await tarDirectory(localDir, opts);
+      const b64 = archive.toString("base64");
+      const remoteTar = `/tmp/sandboxes-upload-${Date.now()}.tar.gz`;
+      const remoteB64 = `${remoteTar}.b64`;
+      const execChecked = async (cmd) => {
+        const result = await this.exec(sandboxId, `sh -c ${this.shellEscape(cmd)}`);
+        if (result.exit_code !== 0) {
+          throw new Error(result.stderr || `command exited with code ${result.exit_code}`);
+        }
+      };
+      await execChecked(`: > ${remoteB64}`);
+      const CHUNK = 60000;
+      for (let i = 0;i < b64.length; i += CHUNK) {
+        const chunk = b64.slice(i, i + CHUNK);
+        await execChecked(`printf '%s' ${this.shellEscape(chunk)} >> ${remoteB64}`);
+      }
+      await execChecked(`base64 -d ${remoteB64} > ${remoteTar} && ${buildUntarCommand(remoteTar, remoteDir)} && rm -f ${remoteB64}`);
+      return { bytes: archive.length };
+    } catch (err) {
+      if (err instanceof ProviderError)
+        throw err;
+      throw new ProviderError("modal", `Failed to upload directory to ${remoteDir}: ${err.message}`);
+    }
+  }
   async stop(sandboxId) {
     const sandbox = this.getSandbox(sandboxId);
     try {
@@ -691,9 +794,53 @@ class ModalProvider {
 var sandboxCache;
 var init_modal = __esm(() => {
   init_types2();
+  init_archive();
   sandboxCache = new Map;
 });
 
+// src/lib/secrets.ts
+var exports_secrets = {};
+__export(exports_secrets, {
+  resolveSecretSpecs: () => resolveSecretSpecs,
+  resolveSecretEnv: () => resolveSecretEnv,
+  parseSecretMapping: () => parseSecretMapping,
+  cliSecretResolver: () => cliSecretResolver
+});
+function parseSecretMapping(spec) {
+  const idx = spec.indexOf("=");
+  if (idx <= 0) {
+    throw new Error(`Invalid secret mapping "${spec}" (expected ENV_NAME=vault/key)`);
+  }
+  const env = spec.slice(0, idx).trim();
+  const key = spec.slice(idx + 1).trim();
+  if (!env || !key) {
+    throw new Error(`Invalid secret mapping "${spec}" (expected ENV_NAME=vault/key)`);
+  }
+  return { env, key };
+}
+async function resolveSecretEnv(mappings, resolver = cliSecretResolver) {
+  const env = {};
+  for (const mapping of mappings) {
+    env[mapping.env] = await resolver(mapping.key);
+  }
+  return env;
+}
+async function resolveSecretSpecs(specs, resolver = cliSecretResolver) {
+  return resolveSecretEnv(specs.map(parseSecretMapping), resolver);
+}
+var cliSecretResolver = async (key) => {
+  const proc = Bun.spawn(["secrets", "get", key], { stdout: "pipe", stderr: "pipe" });
+  const [out, errText, code] = await Promise.all([
+    new Response(proc.stdout).text(),
+    new Response(proc.stderr).text(),
+    proc.exited
+  ]);
+  if (code !== 0) {
+    throw new Error(`secrets get ${key} failed: ${errText.trim() || `exit ${code}`}`);
+  }
+  return out.replace(/\r?\n$/, "");
+};
+
 // src/mcp/index.ts
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
@@ -15650,6 +15797,34 @@ function emitLifecycleEvent(sandboxId, message) {
   notifyListeners(sandboxId, "lifecycle", message);
 }
 
+// src/lib/agents/claude.ts
+class ClaudeDriver {
+  name = "claude";
+  requiredEnvVars = ["ANTHROPIC_API_KEY"];
+  async install(provider, providerSandboxId) {
+    const check = await provider.exec(providerSandboxId, "which claude 2>/dev/null || echo MISSING");
+    if (check.stdout.trim() !== "MISSING")
+      return;
+    const bunCheck = await provider.exec(providerSandboxId, "which bun 2>/dev/null || echo MISSING");
+    if (bunCheck.stdout.trim() !== "MISSING") {
+      await provider.exec(providerSandboxId, "bun install -g @anthropic-ai/claude-code 2>&1");
+    } else {
+      await provider.exec(providerSandboxId, "npm install -g @anthropic-ai/claude-code 2>&1 || sudo npm install -g @anthropic-ai/claude-code 2>&1");
+    }
+  }
+  async configure(provider, providerSandboxId, _envVars) {
+    const config = JSON.stringify({
+      hasCompletedOnboarding: true,
+      hasTrustDialogAccepted: true,
+      bypassPermissionsModeAccepted: true
+    });
+    await provider.exec(providerSandboxId, `mkdir -p ~/.claude && echo '${config}' > ~/.claude.json`);
+  }
+  buildCommand(prompt) {
+    return `claude --dangerously-skip-permissions -p ${JSON.stringify(prompt)}`;
+  }
+}
+
 // src/lib/agents/codex.ts
 class CodexDriver {
   name = "codex";
@@ -15757,6 +15932,7 @@ class TakumiDriver {
 
 // src/lib/agents/index.ts
 var DRIVERS = [
+  new ClaudeDriver,
   new CodexDriver,
   new GeminiDriver,
   new OpenCodeDriver,
@@ -15882,7 +16058,7 @@ async function stopAgent(sandboxId) {
     return;
   const provider = await getProvider(sandbox.provider);
   try {
-    await provider.exec(sandbox.provider_sandbox_id, "pkill -f 'codex\\|gemini\\|opencode\\|pi\\|takumi' || true");
+    await provider.exec(sandbox.provider_sandbox_id, "pkill -f 'claude\\|codex\\|gemini\\|opencode\\|pi\\|takumi' || true");
   } catch {}
   emitLifecycleEvent(sandbox.id, "Agent stopped by user");
 }
@@ -15969,6 +16145,7 @@ var TOOL_CATALOG = [
   { name: "read_file", description: "Read a file from a sandbox" },
   { name: "write_file", description: "Write a file to a sandbox" },
   { name: "list_files", description: "List files in a sandbox directory" },
+  { name: "upload_dir", description: "Upload a local directory into a sandbox (fast archive, no git clone)" },
   { name: "get_session", description: "Get session details and exit code (useful for background commands)" },
   { name: "get_logs", description: "Get sandbox/session event logs" },
   { name: "register_agent", description: "Register an agent (idempotent, auto-heartbeat)" },
@@ -16281,6 +16458,27 @@ server.tool("list_files", "List files in a sandbox directory", {
     return err(e);
   }
 });
+server.tool("upload_dir", "Upload a local directory into a sandbox as a single archive (fast, no git clone)", {
+  sandbox_id: exports_external2.string().describe("Sandbox ID or partial ID"),
+  local_dir: exports_external2.string().describe("Local directory path on the host to upload"),
+  remote_dir: exports_external2.string().describe("Destination directory inside the sandbox"),
+  exclude: exports_external2.array(exports_external2.string()).optional().describe("Patterns to exclude (defaults to node_modules, .git, dist, \u2026)")
+}, async (params) => {
+  try {
+    const sandbox = getSandbox(params.sandbox_id);
+    if (!sandbox.provider_sandbox_id)
+      throw new Error("Sandbox has no provider ID");
+    const provider = await getProvider(sandbox.provider);
+    const result = await provider.uploadDir(sandbox.provider_sandbox_id, params.local_dir, params.remote_dir, params.exclude ? { exclude: params.exclude } : undefined);
+    return ok({
+      local_dir: params.local_dir,
+      remote_dir: params.remote_dir,
+      bytes: result.bytes
+    });
+  } catch (e) {
+    return err(e);
+  }
+});
 server.tool("get_session", "Get session details and exit code (useful for polling background command results)", {
   session_id: exports_external2.string().describe("Session ID")
 }, async (params) => {
@@ -16408,21 +16606,28 @@ server.tool("search_tools", "Search tools by keyword", {
 });
 server.tool("run_agent", "Run an AI agent inside a sandbox", {
   sandbox_id: exports_external2.string().describe("Sandbox ID"),
-  agent_type: exports_external2.enum(["codex", "gemini", "opencode", "pi", "takumi", "custom"]).describe("Agent type"),
+  agent_type: exports_external2.enum(["claude", "codex", "gemini", "opencode", "pi", "takumi", "custom"]).describe("Agent type"),
   prompt: exports_external2.string().describe("Prompt for the agent"),
   agent_name: exports_external2.string().optional().describe("Agent name"),
   command: exports_external2.string().optional().describe("Custom command (for 'custom' type)"),
   env_vars: exports_external2.record(exports_external2.string()).optional().describe("Per-call environment variables (merged with sandbox env_vars, not persisted)"),
+  secrets: exports_external2.array(exports_external2.string()).optional().describe("Vault secrets to inject as env vars: array of 'ENV_NAME=vault/key' (resolved from @hasna/secrets at call time, never persisted)"),
   webhook_url: exports_external2.string().optional().describe("URL to POST result to when agent finishes"),
   webhook_events: exports_external2.array(exports_external2.enum(["start", "complete", "error"])).optional().describe("Which events to notify on (default: all)")
 }, async (params) => {
   try {
+    let callEnvVars = params.env_vars;
+    if (params.secrets && params.secrets.length > 0) {
+      const { resolveSecretSpecs: resolveSecretSpecs2 } = await Promise.resolve().then(() => exports_secrets);
+      const secretEnv = await resolveSecretSpecs2(params.secrets);
+      callEnvVars = { ...secretEnv, ...params.env_vars };
+    }
     const session = await runAgent(params.sandbox_id, {
       agentType: params.agent_type,
       prompt: params.prompt,
       agentName: params.agent_name,
       command: params.command,
-      callEnvVars: params.env_vars,
+      callEnvVars,
       webhookUrl: params.webhook_url,
       webhookEvents: params.webhook_events
     });

package/dist/providers/daytona.d.ts

@@ -1,4 +1,4 @@
-import type { ExecResult, ExecHandle, FileInfo } from "../types/index.js";
+import type { ExecResult, ExecHandle, FileInfo, UploadDirOptions, UploadDirResult } from "../types/index.js";
 import type { SandboxProvider, ProviderSandbox, CreateSandboxOpts, ExecOptions } from "./types.js";
 export declare class DaytonaProvider implements SandboxProvider {
     readonly name = "daytona";
@@ -10,6 +10,7 @@ export declare class DaytonaProvider implements SandboxProvider {
     readFile(sandboxId: string, path: string): Promise<string>;
     writeFile(sandboxId: string, path: string, content: string): Promise<void>;
     listFiles(sandboxId: string, path: string): Promise<FileInfo[]>;
+    uploadDir(sandboxId: string, localDir: string, remoteDir: string, opts?: UploadDirOptions): Promise<UploadDirResult>;
     stop(sandboxId: string): Promise<void>;
     delete(sandboxId: string): Promise<void>;
     getPublicUrl(_sandboxId: string, _port: number, _protocol?: string): Promise<string>;

package/dist/providers/e2b.d.ts

@@ -1,4 +1,4 @@
-import type { ExecResult, ExecHandle, FileInfo } from "../types/index.js";
+import type { ExecResult, ExecHandle, FileInfo, UploadDirOptions, UploadDirResult } from "../types/index.js";
 import type { SandboxProvider, ProviderSandbox, CreateSandboxOpts, ExecOptions } from "./types.js";
 export declare class E2BProvider implements SandboxProvider {
     readonly name = "e2b";
@@ -17,6 +17,7 @@ export declare class E2BProvider implements SandboxProvider {
         recursive?: boolean;
         glob?: string;
     }): Promise<FileInfo[]>;
+    uploadDir(sandboxId: string, localDir: string, remoteDir: string, opts?: UploadDirOptions): Promise<UploadDirResult>;
     stop(sandboxId: string): Promise<void>;
     delete(sandboxId: string): Promise<void>;
     pause(sandboxId: string): Promise<void>;

package/dist/providers/modal.d.ts

@@ -1,4 +1,4 @@
-import type { ExecResult, ExecHandle, FileInfo } from "../types/index.js";
+import type { ExecResult, ExecHandle, FileInfo, UploadDirOptions, UploadDirResult } from "../types/index.js";
 import type { SandboxProvider, ProviderSandbox, CreateSandboxOpts, ExecOptions } from "./types.js";
 export declare class ModalProvider implements SandboxProvider {
     readonly name = "modal";
@@ -13,6 +13,7 @@ export declare class ModalProvider implements SandboxProvider {
     readFile(sandboxId: string, path: string): Promise<string>;
     writeFile(sandboxId: string, path: string, content: string): Promise<void>;
     listFiles(sandboxId: string, path: string): Promise<FileInfo[]>;
+    uploadDir(sandboxId: string, localDir: string, remoteDir: string, opts?: UploadDirOptions): Promise<UploadDirResult>;
     stop(sandboxId: string): Promise<void>;
     delete(sandboxId: string): Promise<void>;
     getPublicUrl(_sandboxId: string, _port: number, _protocol?: string): Promise<string>;

package/dist/providers/types.d.ts

@@ -1,4 +1,4 @@
-import type { ExecResult, ExecHandle, FileInfo } from "../types/index.js";
+import type { ExecResult, ExecHandle, FileInfo, UploadDirOptions, UploadDirResult } from "../types/index.js";
 export interface CreateSandboxOpts {
     image?: string;
     timeout?: number;
@@ -34,6 +34,8 @@ export interface SandboxProvider {
         recursive?: boolean;
         glob?: string;
     }): Promise<FileInfo[]>;
+    /** Upload a local directory tree into the sandbox at `remoteDir`, fast (single archive), without a git clone. */
+    uploadDir(sandboxId: string, localDir: string, remoteDir: string, opts?: UploadDirOptions): Promise<UploadDirResult>;
     stop(sandboxId: string): Promise<void>;
     delete(sandboxId: string): Promise<void>;
     keepAlive(sandboxId: string, durationMs?: number): Promise<void>;

package/dist/sdk.d.ts

@@ -2,7 +2,8 @@ import { listSandboxes } from "./db/sandboxes.js";
 import { listEvents } from "./db/events.js";
 import type { SandboxProvider } from "./providers/types.js";
 import type { ExecOptions } from "./providers/types.js";
-import type { AgentType, CreateSandboxInput, ExecResult, FileInfo, Sandbox, SandboxEvent, SandboxProviderName, SandboxSession } from "./types/index.js";
+import type { SecretMapping, SecretResolver } from "./lib/secrets.js";
+import type { AgentType, CreateSandboxInput, ExecResult, FileInfo, Sandbox, SandboxEvent, SandboxProviderName, SandboxSession, UploadDirOptions, UploadDirResult } from "./types/index.js";
 import type { StreamListener } from "./lib/stream.js";
 export type ProviderFactory = (name: SandboxProviderName, apiKey?: string) => Promise<SandboxProvider>;
 export interface SandboxesSDKOptions {
@@ -20,6 +21,10 @@ export interface RunAgentOptions {
     agentName?: string;
     command?: string;
     callEnvVars?: Record<string, string>;
+    /** Secrets to resolve from the vault and inject as per-call env vars (never persisted). */
+    secrets?: SecretMapping[];
+    /** Override the secret resolver (defaults to the `secrets` CLI). Useful for tests. */
+    secretResolver?: SecretResolver;
     onStdout?: (data: string) => void;
     onStderr?: (data: string) => void;
 }
@@ -48,6 +53,7 @@ export declare class SandboxesSDK {
         recursive?: boolean;
         glob?: string;
     }): Promise<FileInfo[]>;
+    uploadDir(sandboxId: string, localDir: string, remoteDir: string, opts?: UploadDirOptions): Promise<UploadDirResult>;
     runAgent(sandboxId: string, opts: RunAgentOptions): Promise<SandboxSession>;
     getSession(sessionId: string): SandboxSession;
     waitForSession(sessionId: string, opts?: WaitForSessionOptions): Promise<SandboxSession>;

package/dist/server/index.js

@@ -60,6 +60,50 @@ var init_types2 = __esm(() => {
   };
 });
 
+// src/lib/archive.ts
+import { existsSync as existsSync7, statSync } from "fs";
+function shellQuote(value) {
+  return "'" + value.replace(/'/g, "'\\''") + "'";
+}
+async function tarDirectory(localDir, opts) {
+  if (!existsSync7(localDir) || !statSync(localDir).isDirectory()) {
+    throw new Error(`tarDirectory: not a directory: ${localDir}`);
+  }
+  const excludes = opts?.exclude ?? DEFAULT_UPLOAD_EXCLUDES;
+  const args = ["-czf", "-"];
+  for (const ex of excludes)
+    args.push(`--exclude=${ex}`);
+  args.push("-C", localDir, ".");
+  const proc = Bun.spawn(["tar", ...args], { stdout: "pipe", stderr: "pipe" });
+  const [buf, stderr, exitCode] = await Promise.all([
+    new Response(proc.stdout).arrayBuffer(),
+    new Response(proc.stderr).text(),
+    proc.exited
+  ]);
+  if (exitCode !== 0) {
+    throw new Error(`tarDirectory: tar exited ${exitCode}: ${stderr.trim()}`);
+  }
+  return Buffer.from(buf);
+}
+function buildUntarCommand(remoteTarPath, remoteDir) {
+  const tar = shellQuote(remoteTarPath);
+  const dir = shellQuote(remoteDir);
+  return `mkdir -p ${dir} && tar -xzf ${tar} -C ${dir} && rm -f ${tar}`;
+}
+var DEFAULT_UPLOAD_EXCLUDES;
+var init_archive = __esm(() => {
+  DEFAULT_UPLOAD_EXCLUDES = [
+    "node_modules",
+    ".git",
+    "dist",
+    ".next",
+    ".turbo",
+    ".cache",
+    ".venv",
+    "__pycache__"
+  ];
+});
+
 // src/providers/e2b.ts
 var exports_e2b = {};
 __export(exports_e2b, {
@@ -208,6 +252,22 @@ class E2BProvider {
       throw new ProviderError("e2b", `Failed to list files at ${path}: ${err.message}`);
     }
   }
+  async uploadDir(sandboxId, localDir, remoteDir, opts) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      const archive = await tarDirectory(localDir, opts);
+      const remoteTar = `/tmp/sandboxes-upload-${Date.now()}.tar.gz`;
+      const data = archive.buffer.slice(archive.byteOffset, archive.byteOffset + archive.byteLength);
+      await sandbox.files.write(remoteTar, data);
+      const result = await sandbox.commands.run(buildUntarCommand(remoteTar, remoteDir));
+      if ((result.exitCode ?? 0) !== 0) {
+        throw new Error(result.stderr || `untar exited with code ${result.exitCode}`);
+      }
+      return { bytes: archive.length };
+    } catch (err) {
+      throw new ProviderError("e2b", `Failed to upload directory to ${remoteDir}: ${err.message}`);
+    }
+  }
   async stop(sandboxId) {
     const sandbox = await this.getInstance(sandboxId);
     try {
@@ -258,6 +318,7 @@ class E2BProvider {
 var instanceCache;
 var init_e2b = __esm(() => {
   init_types2();
+  init_archive();
   instanceCache = new Map;
 });
 
@@ -388,6 +449,21 @@ class DaytonaProvider {
       throw new ProviderError("daytona", `Failed to list files at ${path}: ${err.message}`);
     }
   }
+  async uploadDir(sandboxId, localDir, remoteDir, opts) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      const archive = await tarDirectory(localDir, opts);
+      const remoteTar = `/tmp/sandboxes-upload-${Date.now()}.tar.gz`;
+      await sandbox.fs.uploadFile(archive, remoteTar);
+      const result = await sandbox.process.executeCommand(buildUntarCommand(remoteTar, remoteDir));
+      if (result.exitCode !== 0) {
+        throw new Error(result.result || `untar exited with code ${result.exitCode}`);
+      }
+      return { bytes: archive.length };
+    } catch (err) {
+      throw new ProviderError("daytona", `Failed to upload directory to ${remoteDir}: ${err.message}`);
+    }
+  }
   async stop(sandboxId) {
     const sandbox = await this.getInstance(sandboxId);
     try {
@@ -428,6 +504,7 @@ class DaytonaProvider {
 var instanceCache2;
 var init_daytona = __esm(() => {
   init_types2();
+  init_archive();
   instanceCache2 = new Map;
 });
 
@@ -625,6 +702,32 @@ class ModalProvider {
       throw new ProviderError("modal", `Failed to list files at ${path}: ${err.message}`);
     }
   }
+  async uploadDir(sandboxId, localDir, remoteDir, opts) {
+    try {
+      const archive = await tarDirectory(localDir, opts);
+      const b64 = archive.toString("base64");
+      const remoteTar = `/tmp/sandboxes-upload-${Date.now()}.tar.gz`;
+      const remoteB64 = `${remoteTar}.b64`;
+      const execChecked = async (cmd) => {
+        const result = await this.exec(sandboxId, `sh -c ${this.shellEscape(cmd)}`);
+        if (result.exit_code !== 0) {
+          throw new Error(result.stderr || `command exited with code ${result.exit_code}`);
+        }
+      };
+      await execChecked(`: > ${remoteB64}`);
+      const CHUNK = 60000;
+      for (let i = 0;i < b64.length; i += CHUNK) {
+        const chunk = b64.slice(i, i + CHUNK);
+        await execChecked(`printf '%s' ${this.shellEscape(chunk)} >> ${remoteB64}`);
+      }
+      await execChecked(`base64 -d ${remoteB64} > ${remoteTar} && ${buildUntarCommand(remoteTar, remoteDir)} && rm -f ${remoteB64}`);
+      return { bytes: archive.length };
+    } catch (err) {
+      if (err instanceof ProviderError)
+        throw err;
+      throw new ProviderError("modal", `Failed to upload directory to ${remoteDir}: ${err.message}`);
+    }
+  }
   async stop(sandboxId) {
     const sandbox = this.getSandbox(sandboxId);
     try {
@@ -691,6 +794,7 @@ class ModalProvider {
 var sandboxCache;
 var init_modal = __esm(() => {
   init_types2();
+  init_archive();
   sandboxCache = new Map;
 });
 

package/dist/types/index.d.ts

@@ -4,7 +4,7 @@ export declare const SANDBOX_STATUSES: readonly ["creating", "running", "paused"
 export type SandboxStatus = (typeof SANDBOX_STATUSES)[number];
 export declare const SESSION_STATUSES: readonly ["running", "completed", "failed", "killed"];
 export type SessionStatus = (typeof SESSION_STATUSES)[number];
-export declare const AGENT_TYPES: readonly ["codex", "gemini", "opencode", "pi", "takumi", "custom"];
+export declare const AGENT_TYPES: readonly ["claude", "codex", "gemini", "opencode", "pi", "takumi", "custom"];
 export type AgentType = (typeof AGENT_TYPES)[number];
 export declare const EVENT_TYPES: readonly ["stdout", "stderr", "lifecycle", "agent"];
 export type EventType = (typeof EVENT_TYPES)[number];
@@ -176,6 +176,14 @@ export interface FileInfo {
     is_dir: boolean;
     size: number;
 }
+export interface UploadDirOptions {
+    /** Patterns to exclude (passed to `tar --exclude`); defaults applied by the archiver. */
+    exclude?: string[];
+}
+export interface UploadDirResult {
+    /** Number of bytes uploaded (compressed archive size). */
+    bytes: number;
+}
 export interface SandboxesConfig {
     default_provider?: SandboxProviderName;
     default_image?: string;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hasna/sandboxes",
-  "version": "0.1.22",
+  "version": "0.1.24",
   "author": "Andrei Hasna <andrei@hasna.com>",
   "repository": {
     "type": "git",