agent-template / Sandbox automation
Repo Review Agent
Reusable repo-review agent pattern for sandboxed coding automations. It is intentionally separate from source watchers and scheduled digest agents.
Repo reviewSandboxAudit
Inputs4required context
Outputs4expected products
Secrets1credential gates
Tools3declared access
Targets2install surfaces
Contract
Runs sandboxed code review with file scope, patch output, credentials, and audit artifacts separated from normal agents.
Reusable asSandboxed repo review worker
Runner adaptersandbox:repo-reviewer
Artifact contractReview runs must retain findings, patches, logs, and test output per run.
Event contractEmit review-started, findings-written, patch-produced, tests-passed, blocked, and failed events.
Runbook
Create a manifest, run the repo reviewer in a sandbox, collect findings and patches, run tests, and attach all evidence.
GuardrailKeep file access manifest-bound.
GuardrailDo not share credentials with normal scheduled agents.
GuardrailAttach every patch and test result as an artifact.
Installations
Project-scoped instances created from this reusable template.
No installations yetInstall this template into a project to start tracking a concrete instance.
Inputs
What an installation or run must provide.
Inputrepo path
Inputreview scope
Inputallowed files
Inputtest command
Outputs
What the template should leave behind.
Outputreview findings
Outputpatch artifact
Outputtest log
Outputrun summary
Allowed tools
Capabilities this template can use.
Allowed toolVercel Sandbox
Allowed toolOpenAI Agents SDK
Allowed tooltest runner
Verification
Checks before treating the template as ready.
VerificatioManifest limits file access.
VerificatioMissing credentials surface as blockers.
VerificatioFindings include file and line references.