{"id":41729380,"url":"https://github.com/xcanwin/manyoyo","last_synced_at":"2026-05-03T20:04:48.941Z","repository":{"id":334074100,"uuid":"1139911761","full_name":"xcanwin/manyoyo","owner":"xcanwin","description":"AI Agent CLI Security Sandbox. 一款AI智能体安全沙箱，保障PC安全，可以随心所欲运行YOLO/SOLO模式，例如claude --dangerously-skip-permissions","archived":false,"fork":false,"pushed_at":"2026-04-02T22:47:16.000Z","size":2134,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-03T04:53:09.796Z","etag":null,"topics":["agent","claude","claude-code","codex","gemini","llm","solo","yolo"],"latest_commit_sha":null,"homepage":"https://xcanwin.github.io/manyoyo/","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/xcanwin.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-01-22T15:25:21.000Z","updated_at":"2026-04-02T22:47:18.000Z","dependencies_parsed_at":"2026-01-29T03:08:18.490Z","dependency_job_id":null,"html_url":"https://github.com/xcanwin/manyoyo","commit_stats":null,"previous_names":["xcanwin/manyoyo"],"tags_count":109,"template":false,"template_full_name":null,"purl":"pkg:github/xcanwin/manyoyo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xcanwin%2Fmanyoyo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xcanwin%2Fmanyoyo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xcanwin%2Fmanyoyo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xcanwin%2Fmanyoyo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/xcanwin","download_url":"https://codeload.github.com/xcanwin/manyoyo/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xcanwin%2Fmanyoyo/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31448219,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-05T15:22:31.103Z","status":"ssl_error","status_checked_at":"2026-04-05T15:22:00.205Z","response_time":75,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent","claude","claude-code","codex","gemini","llm","solo","yolo"],"created_at":"2026-01-24T23:22:18.951Z","updated_at":"2026-05-03T20:04:48.934Z","avatar_url":"https://github.com/xcanwin.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"./assets/manyoyo-logo-09-cyberpunk-terminal.svg\" alt=\"MANYOYO logo\" width=\"560\" /\u003e\n\u003c/p\u003e\n\n# \u003cp align=\"center\"\u003e\u003ca href=\"https://github.com/xcanwin/manyoyo\"\u003eMANYOYO（慢悠悠）\u003c/a\u003e\u003c/p\u003e\n\u003cp align=\"center\"\u003e面向 AI Agent CLI 的 Docker / Podman 安全沙箱。\u003c/p\u003e\n\u003cp align=\"center\"\u003e用于隔离 Claude Code、Codex、Gemini、OpenCode 等命令行智能体，降低宿主机风险，并保持可复现的运行环境。\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://www.npmjs.com/package/@xcanwin/manyoyo\"\u003e\u003cimg alt=\"npm\" src=\"https://img.shields.io/npm/v/@xcanwin/manyoyo?style=flat-square\" /\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/xcanwin/manyoyo/actions/workflows/npm-publish.yml\"\u003e\u003cimg alt=\"Build status\" src=\"https://img.shields.io/github/actions/workflow/status/xcanwin/manyoyo/npm-publish.yml?style=flat-square\" /\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/xcanwin/manyoyo/blob/main/LICENSE\"\u003e\u003cimg alt=\"license\" src=\"https://img.shields.io/badge/License-MIT-yellow.svg\" /\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"README.md\"\u003e\u003cb\u003e中文\u003c/b\u003e\u003c/a\u003e |\n  \u003ca href=\"https://xcanwin.github.io/manyoyo/en/\"\u003eEnglish\u003c/a\u003e\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n  文档：\u003ca href=\"https://xcanwin.github.io/manyoyo/\"\u003ehttps://xcanwin.github.io/manyoyo/\u003c/a\u003e\n\u003c/p\u003e\n\n---\n\n## 生态仓库\n\n| 仓库 | 定位 |\n|------|------|\n| [manyoyo](https://github.com/xcanwin/manyoyo) | CLI + 容器运行时 + Web 服务 |\n| [manyoyo-app](https://github.com/xcanwin/manyoyo-app) | Flutter 原生 UI 客户端（macOS / Windows / iOS / Android） |\n| [manyoyo-studio](https://github.com/xcanwin/manyoyo-studio) | Electron 桌面端 + Capacitor 移动端 |\n\n## 为什么是 MANYOYO\n\nAI Agent CLI 往往需要：\n\n- 访问代码仓库\n- 执行 shell 命令\n- 读写文件\n- 安装依赖或调用容器能力\n\n直接在宿主机上裸跑这些工具，风险边界通常不清晰。**MANYOYO** 的目标不是替代容器平台，而是把常见 Agent CLI 的运行方式收敛到一个更清晰、可复现、可审计的沙箱入口。\n\n你可以把它理解为：\n\n- 面向 Agent CLI 的运行包装层\n- 面向团队协作的配置与镜像约定\n- 面向高风险模式的显式边界说明\n\n## 核心能力\n\n- **多 Agent 支持**：支持 `claude`、`gemini`、`codex`、`opencode`\n- **容器隔离**：基于 Docker / Podman 运行，降低宿主机暴露面\n- **YOLO / SOLO 工作流**：适配跳过权限确认的高效率模式\n- **统一配置入口**：集中管理 `runs.\u003cname\u003e`、环境变量、挂载与镜像参数\n- **命令可预览**：支持查看配置合并结果与最终命令拼装\n- **会话与 Web 模式**：支持容器会话管理与网页访问入口\n- **镜像可定制**：支持 common / full / 自定义工具集镜像\n\n## 快速开始\n\n```bash\nnpm install -g @xcanwin/manyoyo\npodman pull ubuntu:24.04                        # 仅 Podman 需要\nmanyoyo build --iv 1.9.0-common\nmanyoyo init all\nmanyoyo run -r claude\nmanyoyo serve 127.0.0.1:3000 -U admin -P 123456 # Web UI 模式\n```\n\n系统要求：\n\n- Node.js \u003e= 22\n- Podman（推荐）或 Docker\n\n注意：\n\n- `YOLO / SOLO` 会跳过权限确认，只适合在可控环境中使用\n- `sock` 模式会暴露宿主机 Docker socket，不属于强隔离\n\n## 适合什么场景\n\n- 在容器中运行 **Claude Code YOLO / SOLO**\n- 为 **Codex CLI** 提供独立于宿主机的运行边界\n- 隔离运行 **Gemini CLI / OpenCode** 的代码任务\n- 用统一镜像和配置管理团队 Agent 环境\n- 在调试和自动化任务中快速切换 Agent 与 `/bin/bash`\n\n## 裸跑 vs MANYOYO\n\n| 对比项 | 裸跑 Agent CLI | MANYOYO |\n| --- | --- | --- |\n| 宿主机暴露面 | 高 | 更低 |\n| 运行边界 | 分散 | 集中到容器与配置 |\n| 环境复现 | 弱 | 强（镜像 + 配置） |\n| 高风险模式说明 | 通常依赖工具自身 | 明确提示 YOLO / SOLO / sock 风险 |\n| 团队统一性 | 弱 | 更强 |\n\n## 安全边界\n\nMANYOYO 可以降低风险，但不是“绝对安全”：\n\n- 它的主要隔离手段是容器，不是虚拟机\n- `YOLO / SOLO` 仍然可能执行危险命令\n- `sock` 模式本质上会把宿主机容器控制权暴露给容器\n- 自定义挂载、环境变量和网络访问会直接影响实际安全边界\n\n相关文档：\n\n- [AI 智能体说明](https://xcanwin.github.io/manyoyo/zh/reference/agents)\n- [容器模式说明](https://xcanwin.github.io/manyoyo/zh/reference/container-modes)\n- [网页认证与安全](https://xcanwin.github.io/manyoyo/zh/advanced/web-server-auth)\n\n## 常用命令\n\n```bash\n# 初始化与迁移\nmanyoyo init all\n\n# 启动常见 Agent\nmanyoyo run -y c\nmanyoyo run -y gm\nmanyoyo run -y cx\nmanyoyo run -y oc\n\n# 更新\nmanyoyo update\n\n# 容器与调试\nmanyoyo ps\nmanyoyo images\nmanyoyo run -n my-dev -x /bin/bash\nmanyoyo rm my-dev\n\n# Web UI 模式\nmanyoyo serve 127.0.0.1:3000\nmanyoyo serve 127.0.0.1:3000 -U admin -P 123456\nmanyoyo serve 127.0.0.1:3000 -U admin -P 123456 -d\nmanyoyo serve 127.0.0.1:3000 -d   # 未设置密码时会打印本次随机密码\nmanyoyo serve 127.0.0.1:3000 --stop   # 停止指定后台服务\nmanyoyo serve 127.0.0.1:3000 -U admin -P 123456 -d --restart   # 重启指定后台服务\n\n# 查看配置与命令拼装\nmanyoyo config show\nmanyoyo config command\n```\n\n## 镜像构建\n\n```bash\n# common 版本\nmanyoyo build --iv 1.9.0-common\n\n# full 版本\nmanyoyo build --iv 1.9.0-full\n\n# 仅更新已有镜像内 Agent CLI 到 latest，不重建 Dockerfile\nmanyoyo build --iv 1.9.0-full --update-agents --yes\n\n# 自定义工具集\nmanyoyo build --iba TOOL=go,codex,java,gemini\n```\n\n说明：\n\n- 首次构建会把依赖缓存到 `docker/cache/`\n- 在缓存有效期内重复构建，通常会更快\n- `imageVersion` 格式必须为 `x.y.z-后缀`\n\n## 配置模型\n\nMANYOYO 的配置重点不是“多”，而是“可预测”：\n\n- 标量值按 `命令行参数 \u003e runs.\u003cname\u003e \u003e 全局配置 \u003e 默认值` 覆盖\n- 数组值按 `全局配置 -\u003e runs.\u003cname\u003e -\u003e 命令行参数` 追加合并\n- `env` 使用 map 合并，按 key 覆盖\n\n相关文档：\n\n- [配置系统概览](https://xcanwin.github.io/manyoyo/zh/configuration/)\n- [配置文件详解](https://xcanwin.github.io/manyoyo/zh/configuration/config-files)\n- [环境变量详解](https://xcanwin.github.io/manyoyo/zh/configuration/environment)\n\n## 文档入口\n\n中文文档：\n\n- [快速开始](https://xcanwin.github.io/manyoyo/zh/guide/quick-start)\n- [安装详解](https://xcanwin.github.io/manyoyo/zh/guide/installation)\n- [CLI 选项](https://xcanwin.github.io/manyoyo/zh/reference/cli-options)\n- [故障排查](https://xcanwin.github.io/manyoyo/zh/troubleshooting/)\n\nEnglish Documentation:\n\n- [Quick Start](https://xcanwin.github.io/manyoyo/en/guide/quick-start)\n- [Installation](https://xcanwin.github.io/manyoyo/en/guide/installation)\n- [CLI Options](https://xcanwin.github.io/manyoyo/en/reference/cli-options)\n- [Troubleshooting](https://xcanwin.github.io/manyoyo/en/troubleshooting/)\n\n## 安装与卸载\n\n安装：\n\n```bash\nnpm install -g @xcanwin/manyoyo\n```\n\n卸载：\n\n```bash\nnpm uninstall -g @xcanwin/manyoyo\nrm -rf ~/.manyoyo/   # 可选\n```\n\n## 许可证\n\nMIT\n\n## 贡献\n\n欢迎提交 Issue 和 Pull Request。\n\n- Issues: \u003chttps://github.com/xcanwin/manyoyo/issues\u003e\n- Repository: \u003chttps://github.com/xcanwin/manyoyo\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxcanwin%2Fmanyoyo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fxcanwin%2Fmanyoyo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxcanwin%2Fmanyoyo/lists"}