Sandbox (Guarded Actions)
Run a safe, pre‑defined action on the device — no raw shell, no hand‑written JSON. You pick an action, fill in a couple of fields, and it goes through an approval + audit path before the agent runs it.
Run an action
-
Open the device → Sandbox and choose an action:
Action Fields Run a script / command the command/script (e.g. sudo systemctl restart nginx), Run with (interpreter: bash/…), and an optional Undo command for rollbackRestart a service Service name (e.g. nginx) and OSInstall a package Package name (e.g. htop) and package managerRemove a package Package name and package manager -
Fill in the fields (and a rollback command if offered).
-
Submit. The action is tagged with a risk level (Low / Medium / High / Critical).
Approval and execution
Actions move through a clear status flow: Awaiting approval → Approved → Executing → Completed (or Failed / Rejected / Cancelled). Higher‑risk actions wait for approval before the agent picks them up and runs them; the result comes back inline and is logged in Ops Replay.