@kokorolx/ai-sandbox-wrapper 3.4.1 → 3.4.3-beta.2

package/bin/ai-run

@@ -141,6 +141,293 @@ else
   TOOL=""
 fi
 
+# ────────────────────────────────────────────────────────────────
+# OPEN-DESIGN SERVICE-TYPE TOOL DISPATCHER
+# Unlike ephemeral CLI tools, open-design is a long-running daemon.
+# Routes init/start/stop/restart/status/logs subcommands and exits.
+# ────────────────────────────────────────────────────────────────
+if [[ "$TOOL" == "open-design" ]]; then
+  OD_CONTAINER_NAME="ai-open-design"
+  OD_IMAGE="ai-open-design:latest"
+  OD_NETWORK="ai-sandbox"
+  OD_VOLUME="ai-open-design-data"
+  OD_ENV_FILE="$HOME/.ai-sandbox/env"
+  OD_DEFAULT_URL="http://ai-open-design:7456"
+
+  od_print_help() {
+    cat <<HLP
+Usage: ai-run open-design <subcommand> [options]
+
+Subcommands:
+  init [--force]              One-time setup: generate API token, create network/volume
+  start [--expose] [--port N] Boot daemon (detached). --expose publishes port to host
+  stop                        Stop daemon (preserves container for restart)
+  restart [start-flags...]    Stop then start
+  status                      Show daemon state, network, port, token, health
+  logs [-f|--follow]          Show daemon logs (-f to follow)
+  --help, -h                  Show this help
+
+Examples:
+  ai-run open-design init
+  ai-run open-design start
+  ai-run open-design start --expose            # publishes 7456 to host
+  ai-run open-design start --expose --port 17456
+  ai-run open-design status
+HLP
+  }
+
+  od_env_has_token() {
+    [[ -f "$OD_ENV_FILE" ]] && grep -q "^OD_API_TOKEN=" "$OD_ENV_FILE"
+  }
+
+  od_read_token() {
+    [[ -f "$OD_ENV_FILE" ]] && grep "^OD_API_TOKEN=" "$OD_ENV_FILE" | head -1 | cut -d= -f2-
+  }
+
+  od_init() {
+    local force=false
+    if [[ "${1:-}" == "--force" ]]; then
+      force=true
+    fi
+
+    mkdir -p "$(dirname "$OD_ENV_FILE")"
+    touch "$OD_ENV_FILE"
+    chmod 600 "$OD_ENV_FILE"
+
+    if od_env_has_token && [[ "$force" != "true" ]]; then
+      echo "ℹ️  OD_API_TOKEN already set in $OD_ENV_FILE — nothing to do"
+      echo "    Use 'ai-run open-design init --force' to regenerate (will invalidate running sessions)"
+    else
+      if [[ "$force" == "true" ]] && od_env_has_token; then
+        printf "⚠️  This will replace the existing OD_API_TOKEN. Continue? [y/N] "
+        read -r confirm
+        if [[ "$confirm" != "y" && "$confirm" != "Y" ]]; then
+          echo "Aborted."
+          exit 0
+        fi
+        # Strip existing OD_API_TOKEN line
+        if [[ "$(uname)" == "Darwin" ]]; then
+          sed -i '' '/^OD_API_TOKEN=/d' "$OD_ENV_FILE"
+        else
+          sed -i '/^OD_API_TOKEN=/d' "$OD_ENV_FILE"
+        fi
+      fi
+      if ! command -v openssl >/dev/null 2>&1; then
+        echo "❌ ERROR: 'openssl' is required to generate a token" >&2
+        exit 1
+      fi
+      local token
+      token="$(openssl rand -hex 32)"
+      # Ensure trailing newline before append to avoid joining with previous line
+      if [[ -s "$OD_ENV_FILE" && -n "$(tail -c 1 "$OD_ENV_FILE" 2>/dev/null)" ]]; then
+        echo "" >> "$OD_ENV_FILE"
+      fi
+      echo "OD_API_TOKEN=$token" >> "$OD_ENV_FILE"
+      echo "✅ Generated OD_API_TOKEN (256-bit, written to $OD_ENV_FILE)"
+    fi
+
+    # Ensure OD_DAEMON_URL line
+    if ! grep -q "^OD_DAEMON_URL=" "$OD_ENV_FILE"; then
+      if [[ -s "$OD_ENV_FILE" && -n "$(tail -c 1 "$OD_ENV_FILE" 2>/dev/null)" ]]; then
+        echo "" >> "$OD_ENV_FILE"
+      fi
+      echo "OD_DAEMON_URL=$OD_DEFAULT_URL" >> "$OD_ENV_FILE"
+      echo "✅ Set OD_DAEMON_URL=$OD_DEFAULT_URL in $OD_ENV_FILE"
+    fi
+
+    chmod 600 "$OD_ENV_FILE"
+
+    # Ensure network
+    if ensure_network "$OD_NETWORK"; then
+      echo "✅ Docker network '$OD_NETWORK' ready"
+    fi
+
+    # Ensure volume
+    if ! docker volume inspect "$OD_VOLUME" >/dev/null 2>&1; then
+      docker volume create "$OD_VOLUME" >/dev/null
+      echo "✅ Docker volume '$OD_VOLUME' created"
+    else
+      echo "ℹ️  Docker volume '$OD_VOLUME' already exists"
+    fi
+
+    echo ""
+    echo "Next: ai-run open-design start"
+  }
+
+  od_start() {
+    local expose=false
+    local host_port=7456
+
+    while [[ $# -gt 0 ]]; do
+      case "$1" in
+        --expose) expose=true; shift ;;
+        --port)
+          shift
+          if [[ $# -gt 0 && "$1" =~ ^[0-9]+$ ]]; then
+            if (( $1 < 1 || $1 > 65535 )); then
+              echo "❌ ERROR: --port value '$1' out of range (1-65535)" >&2; exit 1
+            fi
+            host_port="$1"
+            shift
+          else
+            echo "❌ ERROR: --port requires a numeric value (e.g. 7456)" >&2; exit 1
+          fi
+          ;;
+        *) echo "❌ ERROR: unknown start flag: $1" >&2; exit 1 ;;
+      esac
+    done
+
+    if ! od_env_has_token; then
+      echo "❌ ERROR: OD_API_TOKEN not found in $OD_ENV_FILE"
+      echo "    Run: ai-run open-design init"
+      exit 1
+    fi
+
+    if ! docker image inspect "$OD_IMAGE" >/dev/null 2>&1; then
+      echo "❌ ERROR: image '$OD_IMAGE' not built"
+      echo "    Run: bash lib/install-open-design.sh"
+      exit 1
+    fi
+
+    ensure_network "$OD_NETWORK" || exit 1
+    docker volume inspect "$OD_VOLUME" >/dev/null 2>&1 || docker volume create "$OD_VOLUME" >/dev/null
+
+    # If a container with this name exists, handle it gracefully
+    if docker ps -a --format '{{.Names}}' | grep -q "^${OD_CONTAINER_NAME}$"; then
+      if docker ps --format '{{.Names}}' | grep -q "^${OD_CONTAINER_NAME}$"; then
+        echo "ℹ️  '$OD_CONTAINER_NAME' is already running"
+        echo "    Use 'ai-run open-design restart' to apply new flags"
+        return 0
+      else
+        echo "🔄 Removing stopped container '$OD_CONTAINER_NAME' to recreate with current flags..."
+        docker rm "$OD_CONTAINER_NAME" >/dev/null
+      fi
+    fi
+
+    local run_args=(
+      run -d
+      --name "$OD_CONTAINER_NAME"
+      --network "$OD_NETWORK"
+      --restart unless-stopped
+      -v "$OD_VOLUME:/app/.od"
+      --env-file "$OD_ENV_FILE"
+    )
+
+    if [[ "$expose" == "true" ]]; then
+      run_args+=(-p "${host_port}:7456")
+    fi
+
+    run_args+=("$OD_IMAGE")
+
+    echo "🔄 Starting $OD_CONTAINER_NAME..."
+    docker "${run_args[@]}" >/dev/null
+    echo "✅ $OD_CONTAINER_NAME running on network '$OD_NETWORK'"
+    if [[ "$expose" == "true" ]]; then
+      echo "   Published to host: http://localhost:${host_port}"
+    else
+      echo "   Internal-only: reachable from sandbox containers as http://ai-open-design:7456"
+    fi
+  }
+
+  od_stop() {
+    if docker ps --format '{{.Names}}' | grep -q "^${OD_CONTAINER_NAME}$"; then
+      echo "🔄 Stopping $OD_CONTAINER_NAME..."
+      docker stop "$OD_CONTAINER_NAME" >/dev/null
+      echo "✅ $OD_CONTAINER_NAME stopped (data preserved in volume '$OD_VOLUME')"
+    else
+      echo "ℹ️  $OD_CONTAINER_NAME is not running"
+    fi
+  }
+
+  od_restart() {
+    od_stop
+    od_start "$@"
+  }
+
+  od_status() {
+    echo "Container : $OD_CONTAINER_NAME"
+    if docker ps --format '{{.Names}}' | grep -q "^${OD_CONTAINER_NAME}$"; then
+      echo "State     : running"
+      local uptime
+      uptime="$(docker inspect -f '{{.State.StartedAt}}' "$OD_CONTAINER_NAME" 2>/dev/null || echo unknown)"
+      echo "Started   : $uptime"
+      local ports
+      ports="$(docker inspect -f '{{json .NetworkSettings.Ports}}' "$OD_CONTAINER_NAME" 2>/dev/null || echo '{}')"
+      echo "Ports     : $ports"
+    elif docker ps -a --format '{{.Names}}' | grep -q "^${OD_CONTAINER_NAME}$"; then
+      echo "State     : stopped"
+      echo "   Hint   : ai-run open-design start"
+    else
+      echo "State     : not installed"
+      echo "   Hint   : ai-run open-design init && ai-run open-design start"
+    fi
+
+    echo "Network   : $OD_NETWORK"
+    echo "Volume    : $OD_VOLUME"
+    if od_env_has_token; then
+      local tok
+      tok="$(od_read_token)"
+      echo "API token : set (***${tok: -4})"
+    else
+      echo "API token : (unset — run 'ai-run open-design init')"
+    fi
+
+    # Try health check (only meaningful if container is running)
+    if docker ps --format '{{.Names}}' | grep -q "^${OD_CONTAINER_NAME}$"; then
+      # Try in-container curl first (fast path); fall back to one-off container on same network
+      # because upstream daemon image may not bundle curl
+      local health_ok=false
+      if docker exec "$OD_CONTAINER_NAME" sh -c 'command -v curl' >/dev/null 2>&1; then
+        if docker exec "$OD_CONTAINER_NAME" curl -sf --max-time 3 http://127.0.0.1:7456/api/health >/dev/null 2>&1; then
+          health_ok=true
+        fi
+      else
+        # Fallback: probe via a tiny one-off container in the same network
+        if docker run --rm --network "$OD_NETWORK" curlimages/curl:latest \
+            -sf --max-time 3 "http://${OD_CONTAINER_NAME}:7456/api/health" >/dev/null 2>&1; then
+          health_ok=true
+        fi
+      fi
+      if [[ "$health_ok" == "true" ]]; then
+        echo "Health    : OK"
+      else
+        echo "Health    : FAIL (daemon not responding on /api/health)"
+      fi
+    fi
+  }
+
+  od_logs() {
+    if ! docker ps -a --format '{{.Names}}' | grep -q "^${OD_CONTAINER_NAME}$"; then
+      echo "❌ ERROR: container '$OD_CONTAINER_NAME' does not exist" >&2
+      exit 1
+    fi
+    docker logs "$@" "$OD_CONTAINER_NAME"
+  }
+
+  # Dispatch subcommand
+  SUBCMD="${1:-}"
+  if [[ -n "$SUBCMD" ]]; then shift; fi
+  case "$SUBCMD" in
+    init)    od_init "$@" ;;
+    start)   od_start "$@" ;;
+    stop)    od_stop ;;
+    restart) od_restart "$@" ;;
+    status)  od_status ;;
+    logs)    od_logs "$@" ;;
+    --help|-h|"") od_print_help ;;
+    *)
+      echo "❌ ERROR: unknown subcommand '$SUBCMD'" >&2
+      echo ""
+      od_print_help
+      exit 1
+      ;;
+  esac
+  exit 0
+fi
+# ────────────────────────────────────────────────────────────────
+# END OPEN-DESIGN DISPATCHER
+# ────────────────────────────────────────────────────────────────
+
 # Handle no tool specified
 if [[ -z "$TOOL" ]]; then
   if [[ ! -t 0 ]] || [[ ! -t 1 ]]; then
@@ -810,6 +1097,20 @@ unset -f _pmcp_resolve_script_dir
 
 if [[ "$TOOL" == "opencode" ]] && command -v jq &>/dev/null && [[ -f "$AI_SANDBOX_CONFIG" ]] && declare -f pmcp::sanitize_name >/dev/null; then
   PLAYWRIGHT_HOST_CHROME=$(jq -r '.mcp.chromePath // empty' "$AI_SANDBOX_CONFIG" 2>/dev/null)
+  if [[ -n "$PLAYWRIGHT_HOST_CHROME" ]] && [[ -f "$PLAYWRIGHT_HOST_CHROME" ]]; then
+    # Ask user whether to open host Chrome browser
+    if [[ -t 0 ]]; then
+      echo ""
+      echo "🌐 Host Chrome browser is configured: $PLAYWRIGHT_HOST_CHROME"
+      printf "   Open browser for AI agent? [y/N] "
+      read -r -t 10 OPEN_CHROME_ANSWER || OPEN_CHROME_ANSWER=""
+      echo ""
+      if [[ ! "$OPEN_CHROME_ANSWER" =~ ^[Yy]$ ]]; then
+        echo "   ⏭️  Skipping host Chrome (using container Chromium if available)"
+        PLAYWRIGHT_HOST_CHROME=""
+      fi
+    fi
+  fi
   if [[ -n "$PLAYWRIGHT_HOST_CHROME" ]] && [[ -f "$PLAYWRIGHT_HOST_CHROME" ]]; then
     HOST_CHROME_CDP=true
     echo "🌐 Host Chrome CDP mode: $PLAYWRIGHT_HOST_CHROME"
@@ -1000,6 +1301,19 @@ get_network_containers() {
   docker network inspect "$network" --format '{{range .Containers}}{{.Name}} {{end}}' 2>/dev/null | xargs | tr ' ' ', '
 }
 
+# Ensure shared Docker network exists for cross-container service discovery
+# (e.g., agent containers reaching the open-design daemon by name)
+ensure_network() {
+  local net="${1:-ai-sandbox}"
+  if ! docker network inspect "$net" >/dev/null 2>&1; then
+    docker network create "$net" >/dev/null 2>&1 || {
+      echo "⚠️  WARNING: failed to create Docker network '$net'" >&2
+      return 1
+    }
+  fi
+  return 0
+}
+
 # Interactive network selection menu (multi-select)
 show_network_menu() {
   local compose_nets=()
@@ -2597,7 +2911,15 @@ fi
 
 # Nano-brain targeted preflight + auto-repair wrapper
 if [[ "$SHELL_MODE" == "true" ]] && [[ "$NANO_BRAIN_AUTO_REPAIR" == "true" ]] && [[ "${DOCKER_COMMAND[0]:-}" == "-c" ]]; then
-  DOCKER_COMMAND[1]="$NANO_BRAIN_SHELL_HOOK ${DOCKER_COMMAND[1]}"
+  # Separate hook from following command with newline so bash parses them
+  # as distinct statements. Without this, the hook's trailing `export -f`
+  # line gets joined with the next `echo` call, producing:
+  #   export -f nano_brain_shell_wrapper npx echo ''; echo '...'
+  # which makes bash try to `export -f echo` (a builtin, not a function)
+  # and `export -f ''` (empty name), emitting two harmless but ugly errors:
+  #   bash: line 68: export: echo: not a function
+  #   bash: line 68: export: : not a function
+  DOCKER_COMMAND[1]="$NANO_BRAIN_SHELL_HOOK"$'\n'"${DOCKER_COMMAND[1]}"
 fi
 
 if [[ "$SHELL_MODE" != "true" ]] && is_nano_brain_command; then
@@ -2739,12 +3061,23 @@ DOCKER_ARGS+=($TOOL_CONFIG_MOUNTS)
 DOCKER_ARGS+=($RG_COMPAT_MOUNT)
 DOCKER_ARGS+=($GIT_MOUNTS)
 DOCKER_ARGS+=($SSH_AGENT_ENV)
+# Default to ai-sandbox network for service discovery if user didn't specify.
+# Only add --network if creation succeeded; otherwise Docker uses its default bridge.
+if [[ -z "$NETWORK_OPTIONS" ]]; then
+  if ensure_network "ai-sandbox" >/dev/null 2>&1; then
+    DOCKER_ARGS+=(--network ai-sandbox)
+  fi
+fi
 DOCKER_ARGS+=($NETWORK_OPTIONS)
 DOCKER_ARGS+=($DISPLAY_FLAGS)
 DOCKER_ARGS+=($HOST_ACCESS_ARGS)
 DOCKER_ARGS+=($PORT_MAPPINGS)
 DOCKER_ARGS+=($OPENCODE_PASSWORD_ENV)
 DOCKER_ARGS+=(-v "$HOME_DIR":/home/agent)
+# Auto-mount open-design data volume read-only so agents can read generated artifacts
+if docker volume inspect ai-open-design-data >/dev/null 2>&1; then
+  DOCKER_ARGS+=(-v "ai-open-design-data:/workspace/.od:ro")
+fi
 DOCKER_ARGS+=($SHARED_CACHE_MOUNTS)
 DOCKER_ARGS+=($NANO_BRAIN_MOUNT)
 DOCKER_ARGS+=(-w "$CURRENT_DIR")
@@ -2763,5 +3096,41 @@ DOCKER_ARGS+=($TERMINAL_SIZE)
 DOCKER_ARGS+=("$IMAGE")
 DOCKER_ARGS+=("${DOCKER_COMMAND[@]}")
 
+# Auto-start open-design daemon if image exists but container not running
+if docker image inspect ai-open-design:latest >/dev/null 2>&1; then
+  if ! docker ps --format '{{.Names}}' | grep -q "^ai-open-design$"; then
+    if [[ -t 0 && -t 1 ]]; then
+      printf "🎨 Open Design daemon is not running. Start it? [Y/n] "
+      read -r OD_ANSWER
+      if [[ ! "$OD_ANSWER" =~ ^[Nn]$ ]]; then
+        OD_ENV_FILE="$HOME/.ai-sandbox/env"
+        OD_NETWORK="ai-sandbox"
+        OD_VOLUME="ai-open-design-data"
+        # Auto-init if token missing
+        if ! grep -q "^OD_API_TOKEN=" "$OD_ENV_FILE" 2>/dev/null; then
+          mkdir -p "$(dirname "$OD_ENV_FILE")"
+          touch "$OD_ENV_FILE"
+          chmod 600 "$OD_ENV_FILE"
+          OD_TOKEN="$(openssl rand -hex 32)"
+          echo "OD_API_TOKEN=$OD_TOKEN" >> "$OD_ENV_FILE"
+          echo "OD_DAEMON_URL=http://ai-open-design:7456" >> "$OD_ENV_FILE"
+          echo "✅ Generated OD_API_TOKEN"
+        fi
+        # Ensure network and volume
+        docker network inspect "$OD_NETWORK" >/dev/null 2>&1 || docker network create "$OD_NETWORK" >/dev/null
+        docker volume inspect "$OD_VOLUME" >/dev/null 2>&1 || docker volume create "$OD_VOLUME" >/dev/null
+        # Remove stopped container if exists
+        if docker ps -a --format '{{.Names}}' | grep -q "^ai-open-design$"; then
+          docker rm ai-open-design >/dev/null 2>&1 || true
+        fi
+        docker run -d --name ai-open-design --network "$OD_NETWORK" \
+          --restart unless-stopped -v "$OD_VOLUME:/app/.od" \
+          --env-file "$OD_ENV_FILE" ai-open-design:latest >/dev/null
+        echo "✅ Open Design daemon started (http://ai-open-design:7456)"
+      fi
+    fi
+  fi
+fi
+
 # Execute docker run with proper argument handling
 docker run "${DOCKER_ARGS[@]}"

package/bin/cli.js

@@ -8,7 +8,7 @@ const readline = require('readline');
 
 const args = process.argv.slice(2);
 const packageRoot = path.resolve(__dirname, '..');
-const flags = { noCache: args.includes('--no-cache') };
+const flags = { noCache: args.includes('--no-cache') || args.includes('--fresh') };
 const positionalArgs = args.filter(arg => !arg.startsWith('--'));
 const command = positionalArgs[0];
 
@@ -21,6 +21,7 @@ Usage:
 
 Commands:
   setup                 Run interactive setup (configure workspaces, select tools)
+  rebuild [--fresh]     Rebuild Docker image using existing config (no menu required)
   update                Interactive menu to manage config (workspaces, git, networks)
   clean                 Interactive cleanup for caches/configs
   clean cache [type]    Clear shared package caches (npm, bun, pip, playwright-browsers)
@@ -44,13 +45,16 @@ Commands:
   help                  Show this help message
 
 Options:
-  --no-cache    Build Docker images without using cache (fresh build)
+  --fresh       Build Docker image without using layer cache (full rebuild)
+  --no-cache    Alias for --fresh (note: use --fresh when running via npx)
   --json        Output in JSON format (for config show)
   --global      Apply to global scope (for network commands)
   --workspace   Apply to specific workspace (for network commands)
 
 Examples:
   npx @kokorolx/ai-sandbox-wrapper setup
+  npx @kokorolx/ai-sandbox-wrapper rebuild
+  npx @kokorolx/ai-sandbox-wrapper rebuild --fresh
   npx @kokorolx/ai-sandbox-wrapper update
   npx @kokorolx/ai-sandbox-wrapper config show --json
   npx @kokorolx/ai-sandbox-wrapper config tool claude
@@ -108,6 +112,71 @@ function runSetup() {
   });
 }
 
+function runRebuild() {
+  const buildScript = path.join(packageRoot, 'lib', 'build-sandbox.sh');
+
+  if (!fs.existsSync(buildScript)) {
+    console.error('❌ Error: lib/build-sandbox.sh not found at', buildScript);
+    process.exit(1);
+  }
+
+  const config = readConfig();
+  const toolsInstalled = (config.tools && config.tools.installed) || [];
+  const mcpInstalled = (config.mcp && config.mcp.installed) || [];
+
+  if (toolsInstalled.length === 0) {
+    console.error('❌ No tools found in ~/.ai-sandbox/config.json');
+    console.error('   Run `npx @kokorolx/ai-sandbox-wrapper setup` first.');
+    process.exit(1);
+  }
+
+  const hasMcp = (name) => mcpInstalled.includes(name);
+  const useHostChrome = !!(config.mcp && config.mcp.chromePath);
+
+  const buildEnv = {
+    ...process.env,
+    TOOLS: toolsInstalled.join(','),
+    INSTALL_PLAYWRIGHT_MCP: hasMcp('playwright') ? '1' : '0',
+    INSTALL_CHROME_DEVTOOLS_MCP: hasMcp('chrome-devtools') ? '1' : '0',
+    INSTALL_PLAYWRIGHT_HOST: useHostChrome ? '1' : '0',
+    INSTALL_RTK: '0',
+    INSTALL_PUP: '0',
+    INSTALL_OD_HELPERS: '1',
+    INSTALL_SPEC_KIT: '0',
+    INSTALL_UX_UI_PROMAX: '0',
+    INSTALL_OPENSPEC: '0',
+    INSTALL_PLAYWRIGHT: '0',
+    INSTALL_RUBY: '0'
+  };
+  if (flags.noCache) {
+    buildEnv.DOCKER_NO_CACHE = '1';
+  }
+
+  console.log('🔨 Rebuilding Docker image with current config...');
+  console.log(`   Tools: ${toolsInstalled.join(', ')}`);
+  if (mcpInstalled.length > 0) {
+    console.log(`   MCP: ${mcpInstalled.join(', ')}`);
+  }
+  if (flags.noCache) {
+    console.log('   --no-cache: skipping Docker layer cache');
+  }
+
+  const child = spawn('bash', [buildScript], {
+    cwd: packageRoot,
+    stdio: 'inherit',
+    env: buildEnv
+  });
+
+  child.on('error', (err) => {
+    console.error('❌ Error running rebuild:', err.message);
+    process.exit(1);
+  });
+
+  child.on('close', (code) => {
+    process.exit(code || 0);
+  });
+}
+
 function expandHome(inputPath) {
   if (!inputPath) {
     return inputPath;
@@ -1313,6 +1382,9 @@ switch (command) {
   case undefined:
     runSetup();
     break;
+  case 'rebuild':
+    runRebuild();
+    break;
   case 'help':
   case '--help':
   case '-h':

package/lib/build-sandbox.sh

@@ -18,6 +18,8 @@ echo "🔄 Generating unified sandbox Dockerfile..."
 echo "   Tools: $TOOLS"
 
 GENERATE_ONLY=1 INSTALL_RTK="${INSTALL_RTK:-0}" \
+  INSTALL_PUP="${INSTALL_PUP:-0}" \
+  INSTALL_OD_HELPERS="${INSTALL_OD_HELPERS:-1}" \
   INSTALL_PLAYWRIGHT_MCP="${INSTALL_PLAYWRIGHT_MCP:-0}" \
   INSTALL_CHROME_DEVTOOLS_MCP="${INSTALL_CHROME_DEVTOOLS_MCP:-0}" \
   INSTALL_PLAYWRIGHT="${INSTALL_PLAYWRIGHT:-0}" \
@@ -65,6 +67,10 @@ if [[ -d "dockerfiles/base/skills" ]]; then
   cp -r "dockerfiles/base/skills" "$SANDBOX_DIR/"
 fi
 
+if [[ -d "dockerfiles/base/scripts" ]]; then
+  cp -r "dockerfiles/base/scripts" "$SANDBOX_DIR/"
+fi
+
 echo "✅ Dockerfile generated at $SANDBOX_DIR/Dockerfile"
 
 echo "🔨 Building ai-sandbox:latest..."

package/lib/install-base.sh

@@ -67,6 +67,51 @@ COPY skills/rtk-setup/SKILL.md /home/agent/.config/opencode/skills/rtk-setup/SKI
   fi
 fi
 
+if [[ "${INSTALL_PUP:-0}" -eq 1 ]]; then
+  echo "📦 Pup (Datadog CLI) will be installed in base image (multi-stage build)"
+  DOCKERFILE_BUILD_STAGES+='# Build Pup from source (multi-stage: only binary is kept, Rust toolchain discarded)
+FROM rust:bookworm AS pup-builder
+RUN cargo install --git https://github.com/DataDog/pup --locked
+'
+  ADDITIONAL_TOOLS_INSTALL+='# Install Pup - Datadog CLI for AI agents (built from source)
+COPY --from=pup-builder /usr/local/cargo/bin/pup /usr/local/bin/pup
+'
+  # Copy Pup OpenCode skill into build context so it can be COPY'd into the image
+  SCRIPT_BASE_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+  PUP_SKILLS_SRC="${SCRIPT_BASE_DIR}/../skills"
+  if [[ -d "$PUP_SKILLS_SRC/dd-pup" ]]; then
+    mkdir -p "dockerfiles/base/skills/dd-pup"
+    cp "$PUP_SKILLS_SRC/dd-pup/SKILL.md" "dockerfiles/base/skills/dd-pup/SKILL.md"
+    ADDITIONAL_TOOLS_INSTALL+='# Install Pup OpenCode skill (auto-discovered by OpenCode agents)
+RUN mkdir -p /home/agent/.config/opencode/skills/dd-pup
+COPY skills/dd-pup/SKILL.md /home/agent/.config/opencode/skills/dd-pup/SKILL.md
+'
+    echo "  ✅ Pup OpenCode skill will be copied into container"
+  else
+    echo "  ⚠️  Pup skill not found at $PUP_SKILLS_SRC/dd-pup — skipping skill installation"
+  fi
+fi
+
+if [[ "${INSTALL_OD_HELPERS:-1}" -eq 1 ]]; then
+  echo "📦 open-design helper scripts (od-status, od-health) will be installed in base image"
+  # Copy helper scripts into build context so they can be COPY'd into the image
+  SCRIPT_BASE_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+  OD_HELPERS_SRC="${SCRIPT_BASE_DIR}/../scripts"
+  if [[ -f "$OD_HELPERS_SRC/od-status" && -f "$OD_HELPERS_SRC/od-health" ]]; then
+    mkdir -p "dockerfiles/base/scripts"
+    cp "$OD_HELPERS_SRC/od-status" "dockerfiles/base/scripts/od-status"
+    cp "$OD_HELPERS_SRC/od-health" "dockerfiles/base/scripts/od-health"
+    ADDITIONAL_TOOLS_INSTALL+='# Install open-design helper scripts (od-status, od-health) for agent containers
+COPY scripts/od-status /usr/local/bin/od-status
+COPY scripts/od-health /usr/local/bin/od-health
+RUN chmod +x /usr/local/bin/od-status /usr/local/bin/od-health
+'
+    echo "  ✅ open-design helpers will be copied into container"
+  else
+    echo "  ⚠️  open-design helpers not found at $OD_HELPERS_SRC — skipping"
+  fi
+fi
+
 if [[ "${INSTALL_PLAYWRIGHT:-0}" -eq 1 ]]; then
   echo "📦 Playwright will be installed in base image"
   ADDITIONAL_TOOLS_INSTALL+='# Install Playwright system dependencies

package/lib/install-open-design.sh

@@ -0,0 +1,60 @@
+#!/usr/bin/env bash
+set -e
+
+dockerfile_snippet() {
+  cat <<'SNIPPET'
+# open-design is a service-type tool (long-running daemon)
+# It uses its own upstream image, not ai-base
+# This snippet is included for convention only; the base image builder
+# does NOT inline open-design (it runs as a separate container)
+SNIPPET
+}
+
+if [[ "${SNIPPET_MODE:-}" == "1" ]]; then
+  return 0 2>/dev/null || exit 0
+fi
+
+TOOL="open-design"
+# NOTE: upstream vanjayak/open-design currently publishes only the 'latest' tag (as of 2026-05).
+# When upstream starts publishing version tags (e.g., 0.8.0-preview), pin via OPEN_DESIGN_IMAGE_TAG
+# or OPEN_DESIGN_IMAGE to avoid breaking changes.
+OPEN_DESIGN_IMAGE_TAG="${OPEN_DESIGN_IMAGE_TAG:-latest}"
+OPEN_DESIGN_IMAGE="${OPEN_DESIGN_IMAGE:-docker.io/vanjayak/open-design:${OPEN_DESIGN_IMAGE_TAG}}"
+OPEN_DESIGN_VERSION="${OPEN_DESIGN_VERSION:-${OPEN_DESIGN_IMAGE_TAG}}"
+
+echo "Installing $TOOL (Open Design daemon — long-running HTTP service)..."
+echo "  Upstream image: $OPEN_DESIGN_IMAGE"
+
+mkdir -p "dockerfiles/$TOOL"
+mkdir -p "$HOME/.ai-sandbox/tools/$TOOL/home"
+
+# Generate Dockerfile (idempotent — overwrites existing)
+cat > "dockerfiles/$TOOL/Dockerfile" <<EOF
+FROM $OPEN_DESIGN_IMAGE
+
+# Force daemon to bind on all interfaces inside the container.
+# Bearer token auth (OD_API_TOKEN env) protects the daemon.
+ENV OD_BIND_HOST=0.0.0.0
+
+# Document the port (publishing is controlled by ai-run --expose)
+EXPOSE 7456
+
+# Daemon entrypoint is provided by upstream image (do not override)
+EOF
+
+# Build image
+echo "Building Docker image for $TOOL..."
+docker build ${DOCKER_NO_CACHE:+--no-cache} -t "ai-$TOOL:latest" "dockerfiles/$TOOL"
+
+echo "✅ $TOOL installed (Open Design daemon)"
+echo ""
+echo "Features:"
+echo "  ✓ Long-running HTTP daemon (port 7456 inside container)"
+echo "  ✓ Bearer token auth (OD_API_TOKEN)"
+echo "  ✓ Persistent state via named volume (ai-open-design-data)"
+echo "  ✓ Internal-only by default (use --expose to publish to host)"
+echo ""
+echo "Usage:"
+echo "  ai-run open-design init     # one-time: generate token, network, volume"
+echo "  ai-run open-design start    # boot daemon"
+echo "  ai-run open-design status   # check health"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kokorolx/ai-sandbox-wrapper",
-  "version": "3.4.1",
+  "version": "3.4.3-beta.2",
   "description": "Docker-based security sandbox for AI coding agents. Isolate Claude, Gemini, Aider, and other AI tools from your host system.",
   "keywords": [
     "ai",