fix(aca-sandboxes skill): match shipped aca CLI (--rule, --label, secret set)#1748
Open
freezscholte wants to merge 1 commit into
Open
fix(aca-sandboxes skill): match shipped aca CLI (--rule, --label, secret set)#1748freezscholte wants to merge 1 commit into
freezscholte wants to merge 1 commit into
Conversation
Three documented forms hard-error on `aca 1.0.0-preview.1`; corrected to the forms the CLI actually accepts (verified live against the CLI): - egress allow-list: `--host-allow "<host>"` → `--rule "<pattern>:Allow"` (the CLI's own `egress set --help` example and `egress init` template use `--rule`; `--host-allow` returns "unexpected argument"). Fixed in the SKILL.md egress rows + the copilot scenario in scenarios.md. Added an explicit anti-cue. - sandbox labels: `--labels "k=v,k2=v2"` → `--label k=v --label k2=v2` (repeatable; the CLI suggests `--label` and rejects `--labels`). - group secrets: `secret upsert --name X --values "K=V"` → `secret set --name X --key K --value V` (there is no `upsert` subcommand; `secret` exposes list/show/set/remove/delete). The skill was internally inconsistent (one "Try asking" row already used `--rule`), which confirms drift from the shipped CLI rather than a version pin.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
The
aca-sandboxesskill documents three command forms that hard-error on the shippedaca 1.0.0-preview.1. This corrects them to what the CLI actually accepts, verified live against the CLI.egress set … --host-allow "*.github.com"error: unexpected argument '--host-allow';egress set --helpexposes only--rule--rule "*.github.com:Allow"sandbox create … --labels "k=v,k2=v2"error: unexpected argument '--labels'…tip: a similar argument exists: '--label'--label k=v --label k2=v2(repeatable)sandboxgroup secret upsert … --values "K=V"upsertsubcommand (secret= list/show/set/remove/delete); no--valuessecret set --name X --key K --value VVerified live against
aca 1.0.0-preview.1:egress showreflects a--rule-built policy (including aTransforminject-from-secret rule);sandbox list -l k=vreturns sandboxes created with--label;secret listshows a bundle created withsecret set.Internal-consistency note: the skill already used the correct
--rule "*.github.com:Allow"in one "Try asking" row while using--host-allowelsewhere — i.e. drift from the shipped CLI rather than a deliberate version pin. Anti-cues were added so the correct forms are taught explicitly.Files
plugin/skills/aca-sandboxes/SKILL.md— egress rows, create knobs, capability table, thesandboxgroupverb list.plugin/skills/aca-sandboxes/references/scenarios.md— the Copilot-agent egress block.