Sandbox containers (Sprites)
Run commands remotely
sprite exec echo hello # run a command on the spritesprite x echo hello # shorthandsprite console # interactive shellsprite c # shorthandsprite helpPiping & redirection gotcha
>, >>, < are parsed by your local shell before sprite exec runs.
# WRONG: writes to local hello.txtsprite exec echo 42 >> hello.txt
# RIGHT: wrap in bash -c so redirect happens remotelysprite exec bash -c 'echo 42 >> hello.txt'
# BETTER: use pipe + tee, no quoting neededecho 42 | sprite exec tee hello.txt > /dev/nullecho 42 | sprite exec tee -a hello.txt > /dev/null # appendCopy files to a sprite
cat local-file.txt | sprite exec tee /remote/path.txt > /dev/nullCopy credentials (Claude Code auth)
cat ~/.claude/.credentials.json | sprite exec tee ~/.claude/.credentials.json > /dev/nullPersistent sessions (tmux)
sprite exec tmux new -s claude # start a named session# Ctrl+B, D to detachsprite exec tmux attach -t claude # reattach laterGitHub auth (for push, PRs, issues)
Create a fine-grained PAT: https://github.com/settings/personal-access-tokens/new
Scope it to the repos you want the agent to access. Required permissions:
- Contents: Read and write (clone, push)
- Pull requests: Read and write (create/update PRs)
- Issues: Read and write (optional, for reading/creating issues)
- Metadata: Read (auto-selected)
- Actions: Read (optional, for checking CI status)
sprite exec fish -c "set -Ux GITHUB_TOKEN <your-pat>"sprite exec fish -c "gh auth login --with-token <<< \$GITHUB_TOKEN"Debug output
sprite --debug exec cmd # debug to stdout (flows back to you)sprite --debug=./debug.log exec cmd # debug to file on the spritesprite exec cmd 2>local.log # capture remote stderr locally