diff --git a/advanced/security-model.mdx b/advanced/security-model.mdx index 71c7dcb..3e302a2 100644 --- a/advanced/security-model.mdx +++ b/advanced/security-model.mdx @@ -110,6 +110,7 @@ NanoClaw delegates all credential management to the OneCLI Agent Vault: - The vault intercepts HTTPS traffic and injects registered secrets - Each agent group receives a unique `agentIdentifier` for per-group credential scoping - `ONECLI_URL` (default `http://localhost:10254`) configures the vault address +- The `onecli-gateway` container skill (shipped with `@onecli-sh/sdk`) is mounted into every container alongside the other container skills, instructing the agent to call APIs through the proxy and to surface a `connect_url` to the user on `app_not_connected` errors instead of asking for raw credentials **Not mounted:** diff --git a/concepts/security.mdx b/concepts/security.mdx index 064d9e2..fcd8dc5 100644 --- a/concepts/security.mdx +++ b/concepts/security.mdx @@ -157,6 +157,7 @@ NanoClaw uses the [OneCLI](https://github.com/onecli/onecli) Agent Vault for cen - Secrets are registered once via `onecli secrets create` - Each non-main agent group gets its own OneCLI agent identifier for per-group credential scoping - The `@onecli-sh/sdk` package's `applyContainerConfig()` configures container networking +- The `onecli-gateway` container skill teaches the agent how to call APIs through the proxy, handle `401`/`403`/`app_not_connected` errors with a connect link, and never ask for raw credentials - If the vault is unreachable, the container starts with no credentials and logs a warning diff --git a/integrations/skills-system.mdx b/integrations/skills-system.mdx index b1df7e7..c273121 100644 --- a/integrations/skills-system.mdx +++ b/integrations/skills-system.mdx @@ -91,9 +91,10 @@ The channel fork architecture keeps the upstream `main` branch minimal. Core Nan - Live in `.claude/skills/` on `main` **Container skills** (synced into every container): -- `/agent-browser`, `/capabilities`, `/slack-formatting`, `/status` +- `/onecli-gateway`, `/agent-browser`, `/capabilities`, `/slack-formatting`, `/status` - Live in `container/skills/` and are synced to each group's `.claude/skills/` directory - Available to the agent running inside the container +- `/onecli-gateway` is shipped by `@onecli-sh/sdk` and teaches the agent how the credential proxy works (how to call any API directly, how to handle 401/403 and `app_not_connected` errors, never to ask the user for raw credentials) - Some are restricted to the main channel (e.g., `/capabilities` and `/status` check for the `/workspace/project` mount) ## Applying a skill