sandbox-cli:sandbox-setup

This skill should be used when the user asks to "install sandbox-cli", "setup sandbox", "configure sandbox-cli", "get sandbox-cli working", "download sandbox-cli", or "I don't have sandbox-cli installed".

12 stars

Best use case

sandbox-cli:sandbox-setup is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

This skill should be used when the user asks to "install sandbox-cli", "setup sandbox", "configure sandbox-cli", "get sandbox-cli working", "download sandbox-cli", or "I don't have sandbox-cli installed".

Teams using sandbox-cli:sandbox-setup should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/sandbox-setup/SKILL.md --create-dirs "https://raw.githubusercontent.com/rhpds/rhdp-skills-marketplace/main/sandbox-cli/skills/sandbox-setup/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/sandbox-setup/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How sandbox-cli:sandbox-setup Compares

Feature / Agentsandbox-cli:sandbox-setupStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

This skill should be used when the user asks to "install sandbox-cli", "setup sandbox", "configure sandbox-cli", "get sandbox-cli working", "download sandbox-cli", or "I don't have sandbox-cli installed".

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

---
context: main
---

# Skill: sandbox-setup

**Name:** Sandbox CLI Setup
**Description:** Install and configure the sandbox-cli tool for managing OCP shared clusters via the RHDP Sandbox API.

---

## Purpose

Guide the user through installing sandbox-cli and authenticating with the Sandbox API. This skill handles platform detection, binary download, VPN verification, and initial login.

## Workflow

### Step 1: Detect Platform

Determine the user's OS and architecture:

```bash
uname -s   # Darwin or Linux
uname -m   # arm64 or x86_64
```

Map to binary name:
- macOS Apple Silicon: `sandbox-cli-darwin-arm64`
- macOS Intel: `sandbox-cli-darwin-amd64`
- Linux x86_64: `sandbox-cli-linux-amd64`
- Linux ARM: `sandbox-cli-linux-arm64`

### Step 2: Check if Already Installed

```bash
which sandbox-cli && sandbox-cli version
```

If already installed, check if it's up to date by running `sandbox-cli status` and skip to Step 4.

### Step 3: Download and Install

Download the latest release from GitHub:

```bash
# Get latest release URL
PLATFORM="darwin-arm64"  # adjust based on Step 1
curl -sL "https://github.com/rhpds/sandbox/releases/latest/download/sandbox-cli-${PLATFORM}" -o /usr/local/bin/sandbox-cli
chmod +x /usr/local/bin/sandbox-cli
```

If `/usr/local/bin` requires sudo, suggest:
```bash
curl -sL "https://github.com/rhpds/sandbox/releases/latest/download/sandbox-cli-${PLATFORM}" -o ~/bin/sandbox-cli
chmod +x ~/bin/sandbox-cli
# Ensure ~/bin is in PATH
```

Verify installation:
```bash
sandbox-cli version
```

### Step 4: Verify Red Hat VPN Connection

**CRITICAL:** The sandbox API is IP-restricted. The user MUST be on Red Hat VPN. Always verify VPN connectivity before any sandbox-cli operation.

Run this check:

```bash
host squid.redhat.com
```

**If the DNS resolves** (returns an IP address like `10.x.x.x`), the user is on VPN. Proceed.

**If it fails** with `NXDOMAIN`, `not found`, or `connection timed out`, the user is NOT on VPN. Stop and tell them:

> You are NOT connected to the Red Hat VPN. The sandbox API is IP-restricted and all commands will fail with EOF errors. Please connect to the Red Hat VPN before proceeding.

Do NOT proceed with login or any sandbox-cli commands until VPN is confirmed.

### Step 5: Login

Ask the user for:
1. **Server URL** - The sandbox API endpoint (default: `https://restricted-babylon-sandbox-api.apps.infra-us-east-1.infra.demo.redhat.com`)
2. **Login Token** - A JWT token issued by a sandbox admin

Then run:
```bash
sandbox-cli login --server <SERVER_URL> --token <TOKEN>
```

Expected output on success:
```
Authenticating with <SERVER_URL>...
Using Red Hat VPN proxy (squid.redhat.com:3128)
Login successful. Access token saved to ~/.local/sandbox-cli/config.json
Token expires: <date>
```

If you get an `EOF` error, the VPN check in Step 4 may have given a false positive. Ask the user to verify their VPN connection and retry.

### Step 6: Verify

```bash
sandbox-cli status
```

This shows client version, server connection, proxy status, and authentication state.

## Troubleshooting

| Error | Cause | Fix |
|-------|-------|-----|
| `EOF` error on login | Not on VPN | Connect to Red Hat VPN, verify with `host squid.redhat.com` |
| `authentication failed` | Invalid or expired token | Get a new token from a sandbox admin |
| `command not found` | Binary not in PATH | Check install location and PATH |
| `permission denied` | Binary not executable | Run `chmod +x /path/to/sandbox-cli` |

## Important Notes

- Configuration is saved to `~/.local/sandbox-cli/config.json`
- Access tokens auto-refresh when expired
- The CLI auto-detects Red Hat VPN and uses squid proxy (`squid.redhat.com:3128`)
- Requires Go 1.22+ if building from source

Related Skills

We are still matching the closest adjacent skills for this page. In the meantime, continue through the full directory.