Show coding agents on both Mac/Linux

alexellis · alexellis · commit a57e064af1e6 · 2026-04-12T09:22:40.000+01:00
Signed-off-by: Alex Ellis (OpenFaaS Ltd) &lt;alexellis2@gmail.com&gt;
diff --git a/docs/examples/coding-agents.md b/docs/examples/coding-agents.md
@@ -0,0 +1,151 @@
+# Sandboxing Coding Agents
+
+You can run coding agents like [Claude Code](https://code.claude.com/docs/en/overview), [OpenCode](https://opencode.ai/), and [Amp](https://amp.dev/) inside Slicer VMs.
+This page applies to both Slicer for Linux and Slicer for Mac.
+
+Running an agent inside a VM means you don't need to grant broad permissions on your host CLI. The agent gets its own kernel and filesystem, and can't touch your SSH keys, cloud credentials, or browser sessions.
+
+## `slicer workspace`: generic workspace runner
+
+`slicer workspace` is a generic command that bootstraps a fresh VM for your current project workspace. It copies your working directory into the VM and drops you into a shell so you can run a tool of your choice.
+
+Use it when you want one-VM-per-task behavior without being tied to a specific agent binary. For example, use it for:
+
+* trying out a new tool against a codebase
+* running a custom script-based agent
+* reproducing task-specific work in a disposable environment
+
+Because it is generic, it’s a good fit when the built-in `slicer claude`, `slicer opencode`, etc. shortcuts don’t match your exact workflow.
+
+## Automated agent and sandbox launches
+
+Slicer has a number of experimental commands that do the following:
+
+* Boot a new VM
+* Copy the current directory to the VM in the same relative path
+* Install the specified AI agent and copy in its config/auth files
+* Launch the agent in a shell (`slicer vm shell`)
+
+Available agent commands:
+
+* `slicer workspace`
+* `slicer amp`
+* `slicer copilot`
+* `slicer codex`
+* `slicer claude`
+* `slicer opencode`
+
+If your agent (for example, Pi or Hermes) is not listed above, request support in the Discord, or use `slicer workspace` and install and configure your agent via a bash script or userdata.
+
+To launch a new Slicer VM for Claude:
+
+```bash
+mkdir -p ~/dev/
+cd ~/dev/
+git clone --depth=1 https://github.com/alexellis/arkade
+
+cd arkade
+
+slicer claude .
+```
+
+When launching a VM for a coding agent, you can specify:
+
+* `--tmux=none` - launch the agent directly in the shell
+* `--tmux=local` - launch a shell using tmux on the host (requires `brew install tmux` on macOS)
+* `--tmux=remote` - launch a shell using tmux on the VM
+
+Tmux is a time-tested terminal tool and ideal for running processes in the background, and reconnecting to them later.
+
+## Install agents manually
+
+Shell into your VM and install agents with [arkade](https://github.com/alexellis/arkade):
+
+```bash
+slicer vm shell slicer-1
+
+# Install Claude Code
+arkade get claude --path /usr/local/bin
+
+# Install OpenCode
+arkade get opencode --path /usr/local/bin
+```
+
+Both binaries are installed into `/usr/local/bin` inside the VM. They persist across reboots if your base VM is persistent.
+
+## Authenticate
+
+### Claude Code with an API key
+
+Set the `ANTHROPIC_API_KEY` environment variable inside the VM:
+
+```bash
+export ANTHROPIC_API_KEY=sk-ant-...
+```
+
+Add it to `~/.bashrc` to persist across sessions:
+
+```bash
+echo 'export ANTHROPIC_API_KEY=sk-ant-...' >> ~/.bashrc
+```
+
+Then run Claude Code:
+
+```bash
+cd /home/ubuntu/host/code/my-project
+claude --dangerously-skip-permissions
+```
+
+Inside the VM, `--dangerously-skip-permissions` is acceptable because the VM is the sandbox.
+
+!!! note "Claude Max plan"
+    The Claude Max subscription uses OAuth-based authentication. Run `claude` inside the VM and follow the interactive login flow. The auth token is stored inside the VM and does not affect your host.
+
+### OpenCode
+
+Authenticate with your provider of choice:
+
+```bash
+opencode auth login --provider github --token <your-github-token>
+```
+
+The auth config is stored at `~/.local/share/opencode/auth.json` inside the VM.
+
+## Linux-specific workspace details
+
+On Slicer for Linux, use the workspace mounting pattern defined for your host/group and the normal `slicer vm cp` flow for file movement.
+
+Use:
+- your host filesystem access model (from your host/group config)
+- `slicer vm cp` for explicit copies into and out of ephemeral VMs
+
+## Run headless agents non-interactively
+
+For one-off and automated tasks, launch a sandbox instead of using your persistent VM:
+
+```bash
+# Launch a sandbox
+slicer vm launch sbox
+
+# Copy a repo in
+slicer vm cp ./my-project sbox-1:/home/ubuntu/my-project
+
+# Run the agent
+slicer vm exec --uid 1000 --cwd /home/ubuntu/my-project sbox-1 -- \
+  claude --dangerously-skip-permissions -p "Write tests for main.go"
+
+# Copy results out
+slicer vm cp sbox-1:/home/ubuntu/my-project ./my-project-result
+
+# Delete when done
+slicer vm delete sbox-1
+```
+
+The sandbox has its own kernel and filesystem. If the agent does something unexpected, delete it and start fresh.
+
+## Next steps
+
+- [Sandboxes](/mac/sandboxes) - more on launching and managing ephemeral VMs
+- [Headless OpenCode on Slicer for Linux](/examples/opencode-agent) - one-shot agent execution via userdata and the exec API
+- [Headless Cursor CLI on Slicer for Linux](/examples/cursor-cli-agent) - running Cursor's CLI agent headlessly
+- [Trying Claude Code with Ollama](https://slicervm.com/blog/trying-claude-code-with-ollama) - using Claude Code with a local LLM backend
diff --git a/docs/mac/coding-agents.md b/docs/mac/coding-agents.md
@@ -4,6 +4,16 @@ You can run coding agents like [Claude Code](https://code.claude.com/docs/en/ove
 
 Running an agent inside a VM means you don't have to pass `--dangerously-skip-permissions` on your Mac. The agent gets its own kernel and filesystem, and can't touch your SSH keys, cloud credentials, or browser sessions.
 
+## `slicer workspace`: generic workspace runner
+
+`slicer workspace` is a generic command for booting a fresh VM and copying your current workspace into it. It is not limited to one specific agent binary.
+
+Use it when you want:
+
+* one-off or temporary VM environments
+* custom agent tooling that isn't covered by `slicer claude` / `slicer opencode` shortcuts
+* a reproducible workspace copy for isolated scripting or testing
+
 ## Automated agent and sandbox launches
 
 Slicer has a number of experimental commands that do the following:
@@ -15,13 +25,14 @@ Slicer has a number of experimental commands that do the following:
 
 Available agent commands:
 
+* `slicer workspace`
 * `slicer amp`
 * `slicer copilot`
 * `slicer codex`
 * `slicer claude`
 * `slicer opencode`
 
-Finally, there's another option for custom AI agents `slicer workspace`
+If your agent (for example, Pi or Hermes) is not listed above, request support in the Discord, or use `slicer workspace` and install and configure your agent via a bash script or userdata.
 
 To launch i.e. a new slicer VM for Claude:
 
@@ -123,9 +134,9 @@ share_home: "~/code/"
 
 Restart the daemon after changing this setting. The agent can only see projects under `~/code/`, not your SSH keys, cloud credentials, or dotfiles.
 
-## Run agents in sandboxes
+## Run headless agents non-interactively
 
-For one-off tasks, launch a sandbox instead of using your persistent VM:
+For one-off and automated tasks, launch a sandbox instead of using your persistent VM:
 
 ```bash
 # Launch a sandbox
diff --git a/mkdocs.yml b/mkdocs.yml
@@ -99,16 +99,17 @@ nav:
           - Walkthrough: getting-started/walkthrough.md
           - Running in the background: getting-started/daemon.md
       - Examples:
+          - AI/LLMs:
+              - Sandboxing Coding Agents: examples/coding-agents.md
+              - Ollama with a GPU: examples/gpu-ollama.md
+              - Headless OpenCode Coding Agent: examples/opencode-agent.md
           - Kubernetes:
               - HA Kubernetes: examples/ha-k3s.md
               - Autoscaling Kubernetes: examples/autoscaling-k3s.md
               - Large scale Kubernetes: examples/large-scale-k3s.md
               - Multiple machine Kubernetes: examples/multiple-machine-k3s.md
               - K3s with a GPU: examples/k3s-gpu.md
               - OpenFaaS on K3s: examples/openfaas.md
-          - AI/LLMs:
-              - Ollama with a GPU: examples/gpu-ollama.md
-              - Headless OpenCode Coding Agent: examples/opencode-agent.md
           - Productivity:
               - Remote Docker builds over SSH: examples/buildkit.md
               - Remote VSCode: examples/remote-vscode.md
@@ -166,7 +167,7 @@ nav:
           - Sleep behavior: mac/sleep.md
           - Tray integration: mac/tray-integration.md
       - Examples:
-          - Coding agents: mac/coding-agents.md
+          - Sandboxing Coding Agents: mac/coding-agents.md
 # extra:
 #   analytics:
 #     provider: google
