This page describes behavior expected from compatibility wrappers in wrappers/.
- Wrappers expose familiar command names/flags.
- Wrappers do not call host capability directly inside container.
- Wrappers call Portal methods via Unix socket.
- Wrappers forward output as tool-compatible stdout/stderr.
- Wrapper process exit code matches operation result semantics.
AGENT_PORTAL_SOCKETenvironment variable~/.agent-box.toml->[portal].socket_path- Built-in default
/run/user/<uid>/agent-portal/portal.sock
--list-typesreturns a single available image MIME type selected by portal policy.--type <mime> --no-newlinewrites raw image bytes.- If requested MIME does not match available MIME, wrapper errors.
- Forwards argv as
gh.execrequest payload. - Includes a human-readable
reasonstring for prompt/audit context. - Does not prompt in-container.
- Prints portal-returned stdout/stderr and exits with portal-returned exit code.
- Policy decisions and prompts are enforced by
agent-portal-host. - Host service resolves the host-native
ghbinary to avoid wrapper recursion. - Clipboard reads are handled directly in-process via the Wayland clipboard crate.
Current request/response protocol version field is 1.