@kokorolx/ai-sandbox-wrapper 1.0.0

package/bin/ai-run

@@ -0,0 +1,631 @@
+#!/usr/bin/env bash
+set -e
+
+TOOL="$1"
+shift
+
+# Parse flags
+SHELL_MODE=false
+TOOL_ARGS=()
+
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --shell|-s)
+      SHELL_MODE=true
+      shift
+      ;;
+    *)
+      TOOL_ARGS+=("$1")
+      shift
+      ;;
+  esac
+done
+
+WORKSPACES_FILE="$HOME/.ai-workspaces"
+CURRENT_DIR="$(pwd)"
+ENV_FILE="$HOME/.ai-env"
+
+# Check if workspaces file exists
+if [[ ! -f "$WORKSPACES_FILE" ]]; then
+  echo "❌ Workspaces not configured. Run setup.sh first."
+  exit 1
+fi
+
+# Check if current directory is inside any whitelisted workspace
+ALLOWED=false
+while IFS= read -r ws; do
+  if [[ "$CURRENT_DIR" == "$ws"* ]]; then
+    ALLOWED=true
+    break
+  fi
+done < "$WORKSPACES_FILE"
+
+if [[ "$ALLOWED" != "true" ]]; then
+  echo "⚠️  SECURITY WARNING: You are running $TOOL outside a whitelisted workspace."
+  echo "   Current path: $CURRENT_DIR"
+  echo ""
+  echo "Allowing this path gives the AI container access to this folder."
+
+  # Only prompt if running interactively (TTY attached)
+  if [[ -t 0 ]]; then
+    read -p "Do you want to whitelist the current directory? [y/N]: " CONFIRM
+    if [[ "$CONFIRM" =~ ^[Yy]$ ]]; then
+      echo "$CURRENT_DIR" >> "$WORKSPACES_FILE"
+      echo "✅ Added $CURRENT_DIR to $WORKSPACES_FILE"
+    else
+      echo "❌ Operation cancelled. Access denied."
+      echo "📁 Allowed workspaces:"
+      cat "$WORKSPACES_FILE"
+      exit 1
+    fi
+  else
+    # Non-interactive: fail securely
+    echo "❌ Access denied (non-interactive mode). Please add this path manually:"
+    echo "   echo '$CURRENT_DIR' >> $WORKSPACES_FILE"
+    echo "📁 Allowed workspaces:"
+    cat "$WORKSPACES_FILE"
+    exit 1
+  fi
+fi
+
+# Image source selection: local or registry (GitLab)
+# Set AI_IMAGE_SOURCE=registry in ~/.ai-env to use pre-built images
+AI_IMAGE_SOURCE="${AI_IMAGE_SOURCE:-local}"
+
+if [[ "$AI_IMAGE_SOURCE" == "registry" ]]; then
+  IMAGE="registry.gitlab.com/kokorolee/ai-sandbox-wrapper/ai-${TOOL}:latest"
+else
+  IMAGE="ai-${TOOL}:latest"
+fi
+
+CACHE_DIR="$HOME/.ai-cache/$TOOL"
+HOME_DIR="$HOME/.ai-home/$TOOL"
+
+mkdir -p "$CACHE_DIR" "$HOME_DIR"
+
+# Build volume mounts for all whitelisted workspaces
+VOLUME_MOUNTS=""
+while IFS= read -r ws; do
+  VOLUME_MOUNTS="$VOLUME_MOUNTS -v $ws:$ws:delegated"
+done < "$WORKSPACES_FILE"
+
+# Tool-specific config mounts (project-level takes precedence over global)
+CONFIG_MOUNT=""
+PROJECT_CONFIG="$CURRENT_DIR/.$TOOL.json"
+
+if [[ -f "$PROJECT_CONFIG" ]]; then
+  # Use project-level config if it exists
+  CONFIG_MOUNT="-v $PROJECT_CONFIG:$CURRENT_DIR/.$TOOL.json:delegated"
+else
+  # Use global configs based on tool
+  case "$TOOL" in
+    amp)
+      CONFIG_DIR="$HOME/.config/amp"
+      DATA_DIR="$HOME/.local/share/amp"
+      mkdir -p "$CONFIG_DIR" "$DATA_DIR"
+      CONFIG_MOUNT="-v $CONFIG_DIR:/home/agent/.config/amp:delegated -v $DATA_DIR:/home/agent/.local/share/amp:delegated"
+      ;;
+    opencode)
+      CONFIG_DIR="$HOME/.config/opencode"
+      mkdir -p "$CONFIG_DIR"
+      CONFIG_MOUNT="-v $CONFIG_DIR:/home/agent/.config/opencode:delegated"
+      ;;
+    claude)
+      CONFIG_DIR="$HOME/.claude"
+      mkdir -p "$CONFIG_DIR"
+      CONFIG_MOUNT="-v $CONFIG_DIR:/home/agent/.claude:delegated"
+      ;;
+    droid)
+      CONFIG_DIR="$HOME/.config/droid"
+      mkdir -p "$CONFIG_DIR"
+      CONFIG_MOUNT="-v $CONFIG_DIR:/home/agent/.config/droid:delegated"
+      ;;
+    qoder)
+      CONFIG_DIR="$HOME/.config/qoder"
+      mkdir -p "$CONFIG_DIR"
+      CONFIG_MOUNT="-v $CONFIG_DIR:/home/agent/.config/qoder:delegated"
+      ;;
+    auggie)
+      CONFIG_DIR="$HOME/.config/auggie"
+      mkdir -p "$CONFIG_DIR"
+      CONFIG_MOUNT="-v $CONFIG_DIR:/home/agent/.config/auggie:delegated"
+      ;;
+    codebuddy)
+      CONFIG_DIR="$HOME/.config/codebuddy"
+      mkdir -p "$CONFIG_DIR"
+      CONFIG_MOUNT="-v $CONFIG_DIR:/home/agent/.config/codebuddy:delegated"
+      ;;
+    jules)
+      CONFIG_DIR="$HOME/.config/jules"
+      mkdir -p "$CONFIG_DIR"
+      CONFIG_MOUNT="-v $CONFIG_DIR:/home/agent/.config/jules:delegated"
+      ;;
+    shai)
+      CONFIG_DIR="$HOME/.config/shai"
+      mkdir -p "$CONFIG_DIR"
+      CONFIG_MOUNT="-v $CONFIG_DIR:/home/agent/.config/shai:delegated"
+      ;;
+  esac
+fi
+
+# Git access control (opt-in per workspace)
+GIT_MOUNTS=""
+GIT_ALLOWED_FILE="$HOME/.ai-git-allowed"
+GIT_CACHE_DIR="$HOME/.ai-cache/git"
+touch "$GIT_ALLOWED_FILE"
+
+# Network configuration for Docker network access
+NETWORK_FILE="$HOME/.ai-networks"
+NETWORK_MOUNTS=""
+NETWORK_OPTIONS=""
+HOST_ACCESS_ARGS=""
+METAMCP_JOINED=false
+
+# Read configured networks (with deduplication)
+if [[ -f "$NETWORK_FILE" ]]; then
+  while IFS= read -r network; do
+    [ -z "$network" ] && continue
+    
+    # Skip if already added to NETWORK_OPTIONS (deduplication)
+    if [[ "$NETWORK_OPTIONS" == *"--network $network"* ]]; then
+      continue
+    fi
+    
+    # Check if network exists
+    if docker network inspect "$network" >/dev/null 2>&1; then
+      NETWORK_OPTIONS="$NETWORK_OPTIONS --network $network"
+      
+      # Check if this network requires host access
+      if [[ "$network" == *"metamcp"* ]]; then
+        # Add host.docker.internal for host service access (Linux requires --add-host)
+        # Docker Desktop on Mac/Windows has this by default
+        HOST_ACCESS_ARGS="--add-host=host.docker.internal:host-gateway"
+        METAMCP_JOINED=true
+      fi
+    else
+      echo "⚠️  Network '$network' not found (may have been removed)"
+    fi
+  done < "$NETWORK_FILE"
+fi
+
+# Check if we should prompt about detected MetaMCP network
+# Only prompt if: network exists AND not already joined AND interactive mode
+if [[ "$METAMCP_JOINED" != "true" ]] && docker network inspect "metamcp_metamcp-network" >/dev/null 2>&1; then
+  if [[ -t 0 ]]; then
+    # Interactive arrow-key menu
+    cursor=0
+    options=("Join network (container-to-container)" "Use host.docker.internal (host access)")
+    
+    tput civis
+    trap 'tput cnorm; exit' INT TERM
+    
+    while true; do
+      clear
+      echo "🔗 MetaMCP Network Configuration"
+      echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+      echo "A Docker network 'metamcp_metamcp-network' was detected."
+      echo ""
+      echo "Choose how AI tools should access MetaMCP:"
+      echo ""
+      
+      for i in "${!options[@]}"; do
+        if [ "$i" -eq "$cursor" ]; then
+          prefix="➔ "
+          tput setaf 6
+        else
+          prefix="  "
+        fi
+        
+        printf "%s %s\n" "$prefix" "${options[$i]}"
+        tput sgr0
+      done
+      
+      echo ""
+      echo "Use ARROWS to move, ENTER to select"
+      
+      IFS= read -rsn1 key
+      if [[ "$key" == $'\x1b' ]]; then
+        read -rsn1 -t 1 next1
+        read -rsn1 -t 1 next2
+        case "$next1$next2" in
+          '[A') ((cursor--)) ;;
+          '[B') ((cursor++)) ;;
+        esac
+      else
+        case "$key" in
+          k) ((cursor--)) ;;
+          j) ((cursor++)) ;;
+          "") break ;;
+          $'\n'|$'\r') break ;;
+        esac
+      fi
+      
+      if [ "$cursor" -lt 0 ]; then cursor=$((${#options[@]} - 1)); fi
+      if [ "$cursor" -ge "${#options[@]}" ]; then cursor=0; fi
+    done
+    
+    tput cnorm
+    
+    if [ "$cursor" -eq 0 ]; then
+      # Join network - but only if not already in file
+      if ! grep -q "^metamcp_metamcp-network$" "$NETWORK_FILE" 2>/dev/null; then
+        echo "metamcp_metamcp-network" >> "$NETWORK_FILE"
+      fi
+      NETWORK_OPTIONS="$NETWORK_OPTIONS --network metamcp_metamcp-network"
+      HOST_ACCESS_ARGS="--add-host=host.docker.internal:host-gateway"
+      METAMCP_JOINED=true
+      echo ""
+      echo "✅ Network joined. Both host.docker.internal and MetaMCP network enabled."
+    else
+      # Use host.docker.internal
+      HOST_ACCESS_ARGS="--add-host=host.docker.internal:host-gateway"
+      echo ""
+      echo "ℹ️  Using host.docker.internal only. MetaMCP accessible at localhost:12008 on host."
+    fi
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+    echo ""
+  else
+    # Non-interactive: just use host.docker.internal
+    HOST_ACCESS_ARGS="--add-host=host.docker.internal:host-gateway"
+  fi
+elif [[ "$METAMCP_JOINED" != "true" ]]; then
+  # No network, but ensure host.docker.internal is available
+  HOST_ACCESS_ARGS="--add-host=host.docker.internal:host-gateway"
+fi
+
+# Check if Git access is allowed for this workspace
+if grep -q "^$CURRENT_DIR$" "$GIT_ALLOWED_FILE" 2>/dev/null; then
+  # Previously allowed for this workspace
+  # Check if saved keys exist for this workspace
+  WORKSPACE_MD5=$(echo "$CURRENT_DIR" | md5sum | cut -c1-8)
+  SAVED_KEYS_FILE="$HOME/.ai-git-keys-$WORKSPACE_MD5"
+
+  if [ -f "$SAVED_KEYS_FILE" ]; then
+    # Use previously saved key selection
+    echo "📋 Syncing Git credentials..."
+    if [ -d "$GIT_CACHE_DIR/ssh" ]; then
+      chmod -R 700 "$GIT_CACHE_DIR/ssh" 2>/dev/null || true
+      rm -rf "$GIT_CACHE_DIR/ssh"
+    fi
+    mkdir -p "$GIT_CACHE_DIR/ssh"
+
+    # Read saved keys and copy them
+    SAVED_KEYS=()
+    while IFS= read -r key; do
+      [ -n "$key" ] && SAVED_KEYS+=("$key")
+    done < "$SAVED_KEYS_FILE"
+
+    for key in "${SAVED_KEYS[@]}"; do
+      [ -z "$key" ] && continue
+      src_file="$HOME/.ssh/$key"
+      dst_file="$GIT_CACHE_DIR/ssh/$key"
+
+      dst_dir=$(dirname "$dst_file")
+      mkdir -p "$dst_dir"
+      chmod 700 "$dst_dir"
+
+      if [ -f "$src_file" ]; then
+        cp "$src_file" "$dst_file"
+        chmod 600 "$dst_file"
+      fi
+    done
+
+    # Copy filtered SSH config (only hosts needed for this repo)
+    if [ -f "$HOME/.ssh/config" ]; then
+      SETUP_SSH="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/setup-ssh-config"
+      if [ -x "$SETUP_SSH" ]; then
+        # Join SAVED_KEYS into a comma-separated string for --keys
+        KEYS_ARG=$(IFS=,; echo "${SAVED_KEYS[*]}")
+        output=$("$SETUP_SSH" --keys "$KEYS_ARG" 2>&1)
+        TEMP_CONFIG=$(echo "$output" | grep "Config:" | tail -1 | awk '{print $NF}')
+        if [ -f "$TEMP_CONFIG" ]; then
+          cp "$TEMP_CONFIG" "$GIT_CACHE_DIR/ssh/config"
+          chmod 600 "$GIT_CACHE_DIR/ssh/config"
+        else
+          cp "$HOME/.ssh/config" "$GIT_CACHE_DIR/ssh/config"
+          chmod 600 "$GIT_CACHE_DIR/ssh/config"
+        fi
+      else
+        cp "$HOME/.ssh/config" "$GIT_CACHE_DIR/ssh/config"
+        chmod 600 "$GIT_CACHE_DIR/ssh/config"
+      fi
+    fi
+
+    if [ -f "$HOME/.ssh/known_hosts" ]; then
+      cp "$HOME/.ssh/known_hosts" "$GIT_CACHE_DIR/ssh/known_hosts"
+      chmod 600 "$GIT_CACHE_DIR/ssh/known_hosts"
+    fi
+
+    # Ensure all directories have correct permissions (recursive)
+    chmod 700 "$GIT_CACHE_DIR/ssh"
+    find "$GIT_CACHE_DIR/ssh" -type d -exec chmod 700 {} \;
+    find "$GIT_CACHE_DIR/ssh" -type f ! -name "config" ! -name "known_hosts" -exec chmod 600 {} \;
+
+    GIT_MOUNTS="$GIT_MOUNTS -v $GIT_CACHE_DIR/ssh:/home/agent/.ssh:ro"
+    echo "✅ Git credentials synced"
+  fi
+
+  if [ -f "$HOME/.gitconfig" ]; then
+    # Copy gitconfig to HOME_DIR (can't mount file inside mounted directory)
+    cp "$HOME/.gitconfig" "$HOME_DIR/.gitconfig" 2>/dev/null || true
+  fi
+else
+  # Ask user if they want Git access for this workspace (only in interactive mode)
+  if [[ -t 0 ]] && ([ -d "$HOME/.ssh" ] || [ -f "$HOME/.gitconfig" ]); then
+    echo ""
+    echo "🔐 Git Access Control"
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+    echo "Allow AI tool to access Git credentials for this workspace?"
+    echo "Workspace: $CURRENT_DIR"
+    echo ""
+    echo "  1) Yes, allow once (this session only)"
+    echo "  2) Yes, always allow for this workspace"
+    echo "  3) No, keep Git disabled (secure default)"
+    echo ""
+    read -p "Choice [1-3]: " git_choice
+
+    case "$git_choice" in
+      1|2)
+        # Interactive SSH key selection
+        echo ""
+        echo "🔑 SSH Key Selection"
+        echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+
+        # Source the SSH key selector library
+        # Resolve symlink to get actual project directory
+        SCRIPT_PATH="${BASH_SOURCE[0]}"
+        while [ -L "$SCRIPT_PATH" ]; do
+          SCRIPT_DIR="$(cd "$(dirname "$SCRIPT_PATH")" && pwd)"
+          SCRIPT_PATH="$(readlink "$SCRIPT_PATH")"
+          [[ $SCRIPT_PATH != /* ]] && SCRIPT_PATH="$SCRIPT_DIR/$SCRIPT_PATH"
+        done
+        SCRIPT_DIR="$(cd "$(dirname "$SCRIPT_PATH")" && pwd)"
+        source "$SCRIPT_DIR/../lib/ssh-key-selector.sh"
+
+        # Let user select keys
+        if select_ssh_keys; then
+          if [ ${#SELECTED_SSH_KEYS[@]} -gt 0 ]; then
+            echo "📋 Copying selected credentials to cache..."
+            if [ -d "$GIT_CACHE_DIR/ssh" ]; then
+              chmod -R 700 "$GIT_CACHE_DIR/ssh" 2>/dev/null || true
+              rm -rf "$GIT_CACHE_DIR/ssh"
+            fi
+            mkdir -p "$GIT_CACHE_DIR/ssh"
+
+            # Copy selected SSH keys (preserve directory structure exactly)
+            for key in "${SELECTED_SSH_KEYS[@]}"; do
+              echo "  → Copying $key..."
+              src_file="$HOME/.ssh/$key"
+              dst_file="$GIT_CACHE_DIR/ssh/$key"
+
+              # Create parent directory with correct permissions
+              dst_dir=$(dirname "$dst_file")
+              mkdir -p "$dst_dir"
+              chmod 700 "$dst_dir"
+
+              # Copy the file and set permissions
+              if [ -f "$src_file" ]; then
+                cp "$src_file" "$dst_file"
+                chmod 600 "$dst_file"
+              else
+                echo "    ⚠️  Warning: $src_file not found, skipping"
+              fi
+            done
+
+            # Copy filtered SSH config (only hosts needed for this repo)
+            if [ -f "$HOME/.ssh/config" ]; then
+              echo "  → Generating filtered SSH config..."
+              # Run setup-ssh-config to get filtered config
+              SETUP_SSH="$SCRIPT_DIR/setup-ssh-config"
+              if [ -x "$SETUP_SSH" ]; then
+                # Join SELECTED_SSH_KEYS into a comma-separated string for --keys
+                KEYS_ARG=$(IFS=,; echo "${SELECTED_SSH_KEYS[*]}")
+                # Run it and capture the filtered config path
+                output=$("$SETUP_SSH" --keys "$KEYS_ARG" 2>&1)
+                TEMP_CONFIG=$(echo "$output" | grep "Config:" | tail -1 | awk '{print $NF}')
+                if [ -f "$TEMP_CONFIG" ]; then
+                  cp "$TEMP_CONFIG" "$GIT_CACHE_DIR/ssh/config"
+                  chmod 600 "$GIT_CACHE_DIR/ssh/config"
+                else
+                  # Fallback to copying full config if setup-ssh-config fails
+                  cp "$HOME/.ssh/config" "$GIT_CACHE_DIR/ssh/config"
+                  chmod 600 "$GIT_CACHE_DIR/ssh/config"
+                fi
+              else
+                # Fallback: copy full config
+                cp "$HOME/.ssh/config" "$GIT_CACHE_DIR/ssh/config"
+                chmod 600 "$GIT_CACHE_DIR/ssh/config"
+              fi
+            fi
+
+            if [ -f "$HOME/.ssh/known_hosts" ]; then
+              echo "  → Copying known_hosts..."
+              cp "$HOME/.ssh/known_hosts" "$GIT_CACHE_DIR/ssh/known_hosts"
+              chmod 600 "$GIT_CACHE_DIR/ssh/known_hosts"
+            fi
+
+            # Ensure all directories and files have correct permissions (recursive)
+            chmod 700 "$GIT_CACHE_DIR/ssh"
+            find "$GIT_CACHE_DIR/ssh" -type d -exec chmod 700 {} \;
+            find "$GIT_CACHE_DIR/ssh" -type f ! -name "config" ! -name "known_hosts" -exec chmod 600 {} \;
+
+            GIT_MOUNTS="$GIT_MOUNTS -v $GIT_CACHE_DIR/ssh:/home/agent/.ssh:ro"
+
+            # Copy gitconfig
+            if [ -f "$HOME/.gitconfig" ]; then
+              echo "  → Copying .gitconfig..."
+              cp "$HOME/.gitconfig" "$HOME_DIR/.gitconfig" 2>/dev/null || true
+            fi
+
+            if [ "$git_choice" = "2" ]; then
+              # Save workspace and selected keys for future sessions
+              echo "$CURRENT_DIR" >> "$GIT_ALLOWED_FILE"
+              # Save selected keys (one per line for easier parsing)
+              WORKSPACE_MD5=$(echo "$CURRENT_DIR" | md5sum | cut -c1-8)
+              printf "%s\n" "${SELECTED_SSH_KEYS[@]}" > "$HOME/.ai-git-keys-$WORKSPACE_MD5"
+              echo "✅ Git access enabled and saved for: $CURRENT_DIR"
+            else
+              echo "✅ Git access enabled for this session"
+            fi
+          else
+            echo "⚠️  No SSH keys selected. Git access disabled."
+          fi
+        else
+          echo "⚠️  SSH key selection cancelled. Git access disabled."
+        fi
+        ;;
+      *)
+        # Default: no Git access
+        echo "🔒 Git access disabled (secure mode)"
+        ;;
+    esac
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+    echo ""
+  fi
+fi
+
+# Generate container name based on tool and folder
+# Format: {tool}-{sanitized_folder_name}-{random_suffix}
+generate_container_name() {
+  local folder_name=$(basename "$CURRENT_DIR")
+  
+  # Sanitize: keep only alphanumeric, hyphens, underscores
+  # Replace spaces with hyphens, remove special chars
+  folder_name=$(echo "$folder_name" | tr ' ' '-' | tr -cd '[:alnum:]_-' | tr '[:upper:]' '[:lower:]')
+  
+  # Limit length (max 50 chars for container name, leaving room for random suffix)
+  if [[ ${#folder_name} -gt 40 ]]; then
+    folder_name="${folder_name:0:40}"
+  fi
+  
+  # Remove trailing hyphens/underscores
+  folder_name=$(echo "$folder_name" | sed 's/[-_]*$//')
+  
+  # If empty after sanitization, use "workspace"
+  if [[ -z "$folder_name" ]]; then
+    folder_name="workspace"
+  fi
+  
+  # Generate random 6-character suffix (hex)
+  local random_suffix=$(openssl rand -hex 3)
+  
+  echo "${TOOL}-${folder_name}-${random_suffix}"
+}
+
+# Container name and TTY allocation
+CONTAINER_NAME=""
+TTY_FLAGS="-it"  # Default to interactive mode
+
+# Check if we have a proper TTY and are in interactive mode
+if [[ ! -t 0 ]] || [[ ! -t 1 ]]; then
+  # No TTY available or non-interactive mode
+  TTY_FLAGS=""
+  echo "⚠️  Non-interactive mode detected. Terminal interface may be limited."
+elif [[ -n "$CI" ]] || [[ -n "$GITHUB_ACTIONS" ]]; then
+  # CI environment - disable interactive features
+  TTY_FLAGS=""
+  echo "ℹ️  CI environment detected. Running in non-interactive mode."
+fi
+
+# Only set container name for interactive mode to avoid conflicts
+if [[ -n "$TTY_FLAGS" ]]; then
+  CONTAINER_NAME="--name $(generate_container_name)"
+fi
+
+# Port exposure configuration
+PORT_MAPPINGS=""
+if [[ -n "${PORT:-}" ]]; then
+  PORT_BIND="${PORT_BIND:-localhost}"
+  BIND_ADDR="127.0.0.1"
+  
+  if [[ "$PORT_BIND" == "all" ]]; then
+    BIND_ADDR="0.0.0.0"
+    echo "⚠️  WARNING: Ports will be accessible from network (PORT_BIND=all)"
+  fi
+  
+  IFS=',' read -ra PORTS <<< "$PORT"
+  for port in "${PORTS[@]}"; do
+    # Trim whitespace
+    port=$(echo "$port" | tr -d ' ')
+    # Validate port number (1-65535)
+    if [[ "$port" =~ ^[0-9]+$ ]] && [ "$port" -ge 1 ] && [ "$port" -le 65535 ]; then
+      PORT_MAPPINGS="$PORT_MAPPINGS -p $BIND_ADDR:$port:$port"
+    else
+      echo "⚠️  WARNING: Invalid port number: $port (skipped)"
+    fi
+  done
+  
+  if [[ -n "$PORT_MAPPINGS" ]]; then
+    echo "🔌 Port mappings: ${PORT//,/ }"
+  fi
+fi
+
+# Debug output (only in verbose mode)
+if [[ "${AI_RUN_DEBUG:-}" == "1" ]]; then
+  echo "🔧 Debug: TTY_FLAGS='$TTY_FLAGS'"
+  echo "🔧 Debug: CONTAINER_NAME='$CONTAINER_NAME'"
+  echo "🔧 Debug: IMAGE='$IMAGE'"
+  echo "🔧 Debug: SHELL_MODE='$SHELL_MODE'"
+  echo "🔧 Debug: TOOL_ARGS='${TOOL_ARGS[@]}'"
+  echo "🔧 Debug: PORT='${PORT:-}'"
+  echo "🔧 Debug: PORT_BIND='${PORT_BIND:-localhost}'"
+  echo "🔧 Debug: PORT_MAPPINGS='$PORT_MAPPINGS'"
+fi
+
+# Prepare command based on mode
+ENTRYPOINT_OVERRIDE=""
+if [[ "$SHELL_MODE" == "true" ]]; then
+  # Shell mode: override entrypoint to bash and show welcome message
+  ENTRYPOINT_OVERRIDE="--entrypoint bash"
+  DOCKER_COMMAND=(
+    "-c"
+    "echo ''; echo '🚀 AI Tool Container - Interactive Shell'; echo '━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━'; echo ''; echo \"Tool available: ${TOOL}\"; echo 'Run the tool: ${TOOL}'; echo 'Exit container: exit or Ctrl+D'; echo ''; echo \"Additional tools:\"; echo '  - specify (spec-kit): Spec-driven development'; echo '  - uipro (ux-ui-promax): UI/UX design intelligence'; echo '  - openspec: OpenSpec workflow'; echo ''; echo '━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━'; echo ''; exec bash"
+  )
+else
+  # Direct mode: use image's default entrypoint with arguments
+  DOCKER_COMMAND=("${TOOL_ARGS[@]}")
+fi
+
+# Detect platform architecture (avoid slow emulation)
+PLATFORM="${AI_RUN_PLATFORM:-}"
+if [[ -z "$PLATFORM" ]]; then
+  case "$(uname -m)" in
+    x86_64)
+      PLATFORM="linux/amd64"
+      ;;
+    aarch64|arm64)
+      PLATFORM="linux/arm64"
+      ;;
+    *)
+      PLATFORM="linux/$(uname -m)"
+      ;;
+  esac
+fi
+
+# Terminal size for TUI apps (important for opencode, aider, etc.)
+TERMINAL_SIZE=""
+if [[ -n "$TTY_FLAGS" ]]; then
+  # Get current terminal size
+  TERM_COLS=$(tput cols 2>/dev/null || echo "120")
+  TERM_LINES=$(tput lines 2>/dev/null || echo "40")
+  TERMINAL_SIZE="-e COLUMNS=$TERM_COLS -e LINES=$TERM_LINES"
+fi
+
+docker run $CONTAINER_NAME --rm $TTY_FLAGS \
+  --init \
+  --platform "$PLATFORM" \
+  $ENTRYPOINT_OVERRIDE \
+  $VOLUME_MOUNTS \
+  $CONFIG_MOUNT \
+  $GIT_MOUNTS \
+  $NETWORK_OPTIONS \
+  $HOST_ACCESS_ARGS \
+  $PORT_MAPPINGS \
+  -v "$CACHE_DIR":/home/agent/.cache \
+  -v "$HOME_DIR":/home/agent \
+  -w "$CURRENT_DIR" \
+  --env-file "$ENV_FILE" \
+  -e TERM="$TERM" \
+  -e COLORTERM="$COLORTERM" \
+  $TERMINAL_SIZE \
+  "$IMAGE" "${DOCKER_COMMAND[@]}"