Back to Details

harbor-sandbox-operator-loop

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese
Use this skill when the agent needs to execute a Harbor capability, handle grant/approval gates, or manage the execution lifecycle.
当Agent需要执行Harbor能力、处理授权/审批关卡或者管理执行生命周期时使用本技能。

Rules

规则

  • Use Harbor CLI or API only.
  • Never bypass Harbor by calling backing providers directly.
  • Treat published capabilities as the only executable source of truth.
  • If Harbor requires a grant or execution approval, explain the pending step and wait.
  • Use capability-first language: capability, grant, approval, execution. Not provider, connector, tool.
  • 仅使用Harbor CLI或API。
  • 永远不要直接调用底层提供商来绕过Harbor。
  • 将已发布的能力视为唯一可执行的可信来源。
  • 如果Harbor需要授权或执行审批,说明待处理步骤并等待。
  • 使用「能力优先」的术语:capability、grant、approval、execution。不要使用provider、connector、tool这类表述。

Execution loop

执行循环

  1. Confirm identity and reachability: 
    harbor auth whoami --plain
    and 
    harbor status --plain
    .
  2. List available capabilities: 
    harbor ls --plain
    .
  3. Inspect the target capability: 
    harbor inspect <capability> --plain
    .
  4. Check the capability state: 
    • ready
      — execute directly.
    • approval_required
      — a grant is needed. Execute to trigger the grant request, report the 
      approval_id
      , tell the user to approve at 
      https://dash.tryharbor.ai/approvals
      , then retry.
    • secret_missing
      — the capability needs owner-managed secrets. Use 
      harbor secrets ls --plain
      to check, then 
      harbor secrets set <name> --value <value> --plain
      to provide them. Or tell the user to set them in the dashboard.
  5. Execute the capability: 
    harbor <capability-slug> --<arg> <value> --plain
    .
  6. If the execution returns 
    approval_required
    , report the 
    approval_id
    and wait for the user to approve.
  7. After approval, retry the execution.
  1. 确认身份与可达性:
    harbor auth whoami --plain
    harbor status --plain
  2. 列出可用能力:
    harbor ls --plain
  3. 检查目标能力详情:
    harbor inspect <capability> --plain
  4. 检查能力状态: 
    • ready
      — 直接执行。
    • approval_required
      — 需要授权。执行以触发授权请求,上报
      approval_id
      ,告知用户前往
      https://dash.tryharbor.ai/approvals
      完成审批,随后重试。
    • secret_missing
      — 该能力需要所有者管理的密钥。使用
      harbor secrets ls --plain
      检查,然后通过
      harbor secrets set <name> --value <value> --plain
      提供密钥,或者告知用户在控制面板中配置。
  5. 执行能力:
    harbor <capability-slug> --<arg> <value> --plain
  6. 如果执行返回
    approval_required
    ,上报
    approval_id
    并等待用户审批。
  7. 审批通过后重试执行。

Secret management

密钥管理

  • List secrets: 
    harbor secrets ls --plain
  • Inspect: 
    harbor secrets inspect <name> --plain
  • Set: 
    harbor secrets set <name> --value <value> --plain
  • Delete: 
    harbor secrets delete <name> --plain
  • 列出密钥:
    harbor secrets ls --plain
  • 查看详情:
    harbor secrets inspect <name> --plain
  • 设置:
    harbor secrets set <name> --value <value> --plain
  • 删除:
    harbor secrets delete <name> --plain

Historical note

历史说明

The old 
sandbox.run
, 
sandbox.status
, and 
sandbox.logs
commands are deprecated. 
compute.modal
is the closest published compute capability. Run 
harbor ls --plain
to see current capabilities.
See 
references/sandbox-loop.md
.
旧的
sandbox.run
sandbox.status
sandbox.logs
命令已弃用。
compute.modal
是最接近的已发布计算能力。运行
harbor ls --plain
查看当前可用能力。
references/sandbox-loop.md