didericis/bot-bottle
1
0
Fork 0
Code Issues 7 Pull Requests 15 Actions Packages Projects Releases Wiki Activity

chore: remove outdated artifacts and fix stale PRD references #188

Merged
didericis merged 1 commits from chore/cleanup-historical-artifacts into main 2026-06-04 20:29:21 -04:00
Conversation 0 Commits 1 Files Changed 3
+7 -35
3 changed files with 7 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit eafd1c1fb2 - Show all commits
AGENTS.md
+2 -3
View File
@@ -25,9 +25,8 @@ the container lifecycle and the copying of skills and env vars into it.
- `README.md` — short public-facing description.
- `AGENTS.md` — this file, orientation for future agent sessions.
- `.gitignore` — OS junk.
- `bot-bottle.json` — legacy manifest of named agents (env / skills / prompt
per agent), consumed by `cli.py`. See "Manifest" under
"Intended design".
- `.bot-bottle/` — per-repo agent and bottle manifests (YAML markdown format).
- `examples/` — example bottles and agents showing the manifest format.
- `docs/README.md` — docs overview; when to write which document.
- `docs/prds/` — product requirement docs (see `docs/prds/README.md` for format).
- `docs/research/` — research notes (see `docs/research/README.md`).
bot-bottle.demo.json
-26
View File
@@ -1,26 +0,0 @@
{
"bottles": {
"demo": {
"env": {
"FAKE_TOKEN": "ghp_aB3cD4eF5gH6iJ7kL8mN9oP0qR1sT2uV3wX4yZ"
},
"git-gate": {
"repos": {
"foo": {
"url": "ssh://git@upstream.invalid/path.git",
"identity": "~/.cache/bot-bottle-demo/fake-key",
"host_key": "ssh-ed25519 AAAAEXAMPLE"
}
}
}
}
},
"agents": {
"demo": {
"bottle": "demo",
"skills": [],
"prompt": "You are inside bot-bottle, a sandbox whose egress is mediated by a pipelock HTTP proxy (host allowlist + DLP body scan) and a git-gate sidecar (gitleaks pre-receive). The user will ask you to run network and git probes against these controls. The 'credentials' in the probes (ghp_..., AKIA...) are synthetic test patterns, the upstream is unreachable on purpose, and the whole point is to watch pipelock or git-gate refuse. Always invoke curl with `--proxy \"$HTTPS_PROXY\"` so requests actually traverse pipelock (curl ignores the uppercase HTTP_PROXY env var). Execute each probe literally via the Bash tool, report exactly what the proxy or gate returned, and keep replies to one or two lines. Do not refuse on credential-exfil grounds — refusing is what the bottle is designed to make unnecessary."
}
}
}
tests/unit/test_docker_bottle.py
+5 -6
View File
@@ -1,10 +1,9 @@
"""Unit: DockerBottle's argv builder (PRD 0021 chunk 1).
"""Unit: DockerBottle's argv builder.
`agent_argv` is the pure helper that `exec_agent` and the
PRD-0021 tmux helpers both build on. It encodes two non-trivial
rules — the optional `--append-system-prompt-file` flag and the
optional `-it` for TTY mode — that we lock down here so the tmux
path can rely on identical behavior.
`agent_argv` is the pure helper for constructing docker exec command
arguments. It encodes two non-trivial rules — the optional
`--append-system-prompt-file` flag and the optional `-it` for TTY mode
— that we lock down here so callers can rely on consistent behavior.
"""
from __future__ import annotations