AgentLab CLI Skill
Use the agentlab CLI to manage AgentLab sandboxes and jobs. Never call qm, pvesh, or edit Proxmox directly.
Guardrails
- •Only run
agentlabcommands. Refuse to callqm,pvesh, or any host-level VM tooling. - •Require explicit confirmation for dangerous job execution. If the user does not explicitly request dangerous/yolo mode, ask before running
/job-runwith--mode dangerous. - •Confirm destructive actions. For
/sandbox-destroy, ask for confirmation with the VMID before executing. - •Validate inputs before running:
- •
vmidmust be a positive integer. - •
repomust be a valid git URL (https or ssh). - •
profileandtaskmust be non-empty. - •
ttlaccepts minutes or duration (e.g.,120or2h).
- •
- •Use the default socket (
/run/agentlab/agentlabd.sock) unless the user provides--socket. - •Use
--jsononly when the user requests machine-readable output. - •If a requested command is not supported by the installed
agentlabCLI, explain that and stop.
Commands
/job-run
Run an unattended job in a sandbox.
Required inputs:
- •
repo,task,profile
Optional inputs:
- •
ref,mode,ttl,keepalive,socket,json
Command template:
agentlab job run --repo "<repo>" --task "<task>" --profile "<profile>" [--ref "<ref>"] [--mode <mode>] [--ttl <ttl>] [--keepalive] [--socket <path>] [--json]
Notes:
- •Default mode is dangerous; require explicit user confirmation before using
--mode dangerous. - •
--keepaliveleaves the sandbox running after job completion; confirm intent.
/sandbox-new
Create a sandbox without running a job.
Required inputs:
- •
profile
Optional inputs:
- •
name,ttl,keepalive,workspace,vmid,job,socket,json
Command template:
agentlab sandbox new --profile "<profile>" [--name "<name>"] [--ttl <ttl>] [--keepalive] [--workspace "<id>"] [--vmid <vmid>] [--job "<id>"] [--socket <path>] [--json]
Notes:
- •
--vmidis an override; only use if the user explicitly requests it. - •If
--keepaliveis set, confirm the user wants a long-running sandbox.
/sandbox-list
List sandboxes.
Command template:
agentlab sandbox list [--socket <path>] [--json]
/sandbox-show
Show details for a sandbox.
Required inputs:
- •
vmid
Command template:
agentlab sandbox show <vmid> [--socket <path>] [--json]
/sandbox-destroy
Destroy a sandbox.
Required inputs:
- •
vmid
Command template:
agentlab sandbox destroy <vmid> [--socket <path>] [--json]
Notes:
- •Always ask for explicit confirmation before running.
/lease-renew
Renew a sandbox lease.
Required inputs:
- •
vmid,ttl
Command template:
agentlab sandbox lease renew <vmid> --ttl <ttl> [--socket <path>] [--json]
/logs-follow
Fetch logs (events) for a sandbox, optionally follow.
Required inputs:
- •
vmid
Optional inputs:
- •
follow,tail,socket,json
Command template:
agentlab logs <vmid> [--follow] [--tail <n>] [--socket <path>] [--json]
Notes:
- •Default tail is 50; cap tail at 1000 if a larger value is requested.
/workspace-rebind
Rebind a workspace to a new sandbox.
Required inputs:
- •
name,profile
Command template:
agentlab workspace rebind "<name>" --profile "<profile>" [--socket <path>] [--json]
Notes:
- •This command requires workspace support in the
agentlabCLI. If unavailable, explain that workspace commands are not yet installed.