From bd25cced996bcfc300d8fbcc20bbd7d577684a08 Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Thu, 11 Jun 2026 13:53:28 +0200 Subject: [PATCH] docs(sandboxes): document multiple --host patterns for custom secrets sbx secret set-custom --host is now repeatable, so one secret entry can cover multiple domains. Added a second example showing the multi-host form and updated the prose to reflect that the proxy matches any of the configured hosts. Co-Authored-By: Claude Sonnet 4.6 --- .../ai/sandboxes/security/credentials.md | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/content/manuals/ai/sandboxes/security/credentials.md b/content/manuals/ai/sandboxes/security/credentials.md index 644646f51c..740e3495a6 100644 --- a/content/manuals/ai/sandboxes/security/credentials.md +++ b/content/manuals/ai/sandboxes/security/credentials.md @@ -209,7 +209,7 @@ network policy. For details, see For credentials that don't fit the service-identifier model — for example, when an agent validates the environment variable format at boot, or when the credential lands in a request body rather than a header — use -`sbx secret set-custom`. The secret is keyed on a target domain, an +`sbx secret set-custom`. The secret is keyed on one or more target domains, an environment variable name, and an optional placeholder string, instead of a service identifier. @@ -220,6 +220,18 @@ $ sbx secret set-custom -g \ --value ``` +Repeat `--host` to cover multiple domains with the same secret — useful when +an API is split across related hostnames or when two unrelated endpoints share +a credential: + +```console +$ sbx secret set-custom -g \ + --host api.example.com \ + --host uploads.example.com \ + --env API_KEY \ + --value +``` + > [!WARNING] > Passing the secret as `--value ` records it in your shell history > and exposes it to other processes running as your user. Avoid pasting 
@@ -228,8 +240,8 @@ $ sbx secret set-custom -g \ > on the command line. Inside the sandbox, `API_KEY` is set to a generated placeholder (for example, -`sbx-cs-`). When a sandboxed process sends a request to -`api.example.com` and the placeholder appears anywhere in the request, the +`sbx-cs-`). When a sandboxed process sends a request to any of the +configured hosts and the placeholder appears anywhere in the request, the proxy replaces it with the real value. The agent never sees the real secret. Prefer the [service-based flow](#stored-secrets) whenever it's an option —
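Review bot: In the hunk at `@@ -209,7 +209,7 @@`, the new wording "keyed on one or more target domains" adds a third name for the same thing. The flag is `--host`, the commit subject calls the values "--host patterns", and the last hunk says "configured hosts". Suggest settling on one term and stating whether a `--host` value is matched as an exact hostname or as a pattern, because that determines which requests get the real secret substituted.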
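Review bot: In the hunk at `@@ -220,6 +220,18 @@`, the lead-in "or when two unrelated endpoints share a credential" presents the multi-host form as a convenience without stating its cost. According to the last hunk, the proxy replaces the placeholder with the real value in a request to any of the configured hosts when the placeholder appears anywhere in the request, so each extra `--host` is one more destination a sandboxed process can cause the secret to be sent to. Suggest adding a sentence after the new example that tells readers to list only the hosts that need the credential, and to keep unrelated endpoints in separate secret entries unless they use the same key.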