Sandbox Authentication

Pass a workspace or repo token to sandboxed environments via the GITHOSTED_TOKEN environment variable. The SDK auto-reads it.

Quickstart

# Your orchestrator code
from githosted import Client

client = Client()
token = "gw_your_workspace_token"  # or create a scoped repo token

# Pass to your sandbox platform
sandbox.create(env_vars={"GITHOSTED_TOKEN": token})

Inside the sandbox:

from githosted import Client

# Auto-reads GITHOSTED_TOKEN from env — no config needed
client = Client()
repo = client.repo("my-project")
files = repo.ls("/")

Platform Examples

Modal

import modal

sandbox = modal.Sandbox.create(
    secrets=[modal.Secret.from_dict({"GITHOSTED_TOKEN": "gw_xxx"})],
    image=modal.Image.debian_slim().pip_install("githosted"),
)

Vercel AI SDK

const sandbox = await Sandbox.create({
  env: { GITHOSTED_TOKEN: "gw_xxx" },
});

Daytona

sandbox = daytona.create(env_vars={"GITHOSTED_TOKEN": "gw_xxx"})

Least-Privilege Tokens

For sandboxes, prefer repo-scoped tokens (gr_) over workspace tokens (gw_). If a sandbox is compromised, the attacker gets access to only the specific repos you scoped — not your entire workspace.

Repo tokens can be created via the API with a short TTL:

from githosted import Client

client = Client()  # workspace token (gw_)

# Create a 2-hour read-write token scoped to one repo
result = client.create_token(
    "sandbox-run-42",
    kind="repo",
    permission="write",
    repo_allowlist=["my-repo"],
    ttl_hours=2,
)

sandbox.create(env_vars={"GITHOSTED_TOKEN": result.token})

Next Steps

• Authentication
• Getting Started