ralph-cli-sandboxed 0.2.6 → 0.2.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +185 -3
- package/dist/commands/docker.js +103 -2
- package/dist/commands/help.js +2 -1
- package/dist/commands/init.js +30 -2
- package/dist/commands/once.js +174 -15
- package/dist/commands/run.js +189 -18
- package/dist/config/cli-providers.json +28 -3
- package/dist/config/skills.json +12 -0
- package/dist/templates/prompts.d.ts +13 -0
- package/dist/templates/prompts.js +17 -0
- package/dist/utils/config.d.ts +6 -0
- package/dist/utils/config.js +5 -1
- package/dist/utils/notification.d.ts +28 -0
- package/dist/utils/notification.js +69 -0
- package/dist/utils/stream-json.d.ts +132 -0
- package/dist/utils/stream-json.js +662 -0
- package/docs/SECURITY.md +21 -6
- package/package.json +1 -1
package/docs/SECURITY.md
CHANGED
|
@@ -6,15 +6,30 @@ Ralph automates AI agents that execute code and modify files autonomously. This
|
|
|
6
6
|
|
|
7
7
|
**It is strongly recommended to run ralph inside a Docker container for security.** The Ralph Wiggum technique involves running an AI agent autonomously, which means granting it elevated permissions to execute code and modify files without manual approval for each action.
|
|
8
8
|
|
|
9
|
-
##
|
|
9
|
+
## Autonomous Mode Flags
|
|
10
10
|
|
|
11
|
-
When running inside a container, ralph automatically passes the
|
|
11
|
+
When running inside a container, ralph automatically passes the appropriate autonomous mode flag to the CLI provider. This allows the AI agent to execute commands and modify files without prompting for permission.
|
|
12
12
|
|
|
13
|
-
|
|
14
|
-
- Is **only** enabled when ralph detects it's running inside a container
|
|
15
|
-
- Is required for autonomous operation (otherwise Claude would pause for approval on every action)
|
|
13
|
+
### Provider Support
|
|
16
14
|
|
|
17
|
-
|
|
15
|
+
| Provider | Autonomous Flag | Status |
|
|
16
|
+
|----------|-----------------|--------|
|
|
17
|
+
| Claude Code | `--dangerously-skip-permissions` | ✅ Supported |
|
|
18
|
+
| Gemini CLI | `-y` | ✅ Supported |
|
|
19
|
+
| Codex CLI | `--approval-mode full-auto` | ✅ Supported |
|
|
20
|
+
| AMP | `--dangerously-allow-all` | ✅ Supported |
|
|
21
|
+
| Aider | `--yes-always` | ✅ Supported |
|
|
22
|
+
| Goose | (none needed) | ✅ Supported |
|
|
23
|
+
| OpenCode | `--yolo` | ❌ Not yet implemented |
|
|
24
|
+
|
|
25
|
+
For providers without autonomous mode support, you may need to manually approve actions during execution.
|
|
26
|
+
|
|
27
|
+
### How It Works
|
|
28
|
+
|
|
29
|
+
- Autonomous mode is **only** enabled when ralph detects it's running inside a container
|
|
30
|
+
- It is required for fully autonomous operation (otherwise the CLI would pause for approval on every action)
|
|
31
|
+
|
|
32
|
+
**Warning:** Autonomous mode gives the AI agent full control over the environment. This is why container isolation is critical:
|
|
18
33
|
|
|
19
34
|
- The container provides a sandbox boundary
|
|
20
35
|
- Network access is restricted to essential services (GitHub, npm, Anthropic API)
|
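Review bot: The unchanged bullet at the end of this hunk, "Network access is restricted to essential services (GitHub, npm, Anthropic API)", no longer matches the new Provider Support table, which adds Gemini CLI, Codex CLI, AMP, Aider and Goose. If the allowlist now covers those providers' API endpoints, the bullet should list them or describe the list as per-provider. If it does not, the "Supported" status in the table needs a qualifier. Two smaller points in the added lines. First, the Goose row says "(none needed)" without saying why. If Goose runs unprompted by default, the "How It Works" claim that autonomous mode is **only** enabled inside a container does not cover that provider, and the doc should say so. Second, the intro sentence says ralph "automatically passes the appropriate autonomous mode flag" while the OpenCode row is "Not yet implemented", so that sentence should be scoped to the supported providers.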