From 1f44006f30805e28637de0a7db66b68e7314e348 Mon Sep 17 00:00:00 2001 From: peterschmidt85 Date: Fri, 6 Feb 2026 18:02:09 +0100 Subject: [PATCH] Update SKILL.md to standardize run name formatting and add permissions guardrail for `dstack attach` --- skills/dstack/SKILL.md | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/skills/dstack/SKILL.md b/skills/dstack/SKILL.md index 97747849f..8bad2b5c7 100644 --- a/skills/dstack/SKILL.md +++ b/skills/dstack/SKILL.md @@ -101,27 +101,29 @@ If you need to prompt for next actions, be explicit about the dstack step and co `dstack attach` runs until interrupted and blocks the terminal. **Agents must avoid indefinite blocking.** If a brief attach is needed, use a timeout to capture initial output (IDE link, SSH alias) and then detach. -Note: `dstack attach` writes SSH alias info under `~/.dstack/ssh/config` (and may update `~/.ssh/config`) to enable `ssh `, IDE connections, port forwarding, and real-time logs (`dstack attach --logs`). If the sandbox cannot write there, the alias will not be created. +Note: `dstack attach` writes SSH alias info under `~/.dstack/ssh/config` (and may update `~/.ssh/config`) to enable `ssh `, IDE connections, port forwarding, and real-time logs (`dstack attach --logs`). If the sandbox cannot write there, the alias will not be created. + +**Permissions guardrail:** If `dstack attach` fails due to sandbox permissions, request permission escalation to run it outside the sandbox. If escalation isn’t approved or attach still fails, ask the user to run `dstack attach` locally and share the IDE link/SSH alias output. **Background attach (non-blocking default for agents):** ```bash -nohup dstack attach --logs > /tmp/.attach.log 2>&1 & echo $! > /tmp/.attach.pid +nohup dstack attach --logs > /tmp/.attach.log 2>&1 & echo $! > /tmp/.attach.pid ``` Then read the output: ```bash -tail -n 50 /tmp/.attach.log +tail -n 50 /tmp/.attach.log ``` Offer live follow only if asked: ```bash -tail -f /tmp/.attach.log +tail -f /tmp/.attach.log ``` Stop the background attach (preferred): ```bash -kill "$(cat /tmp/.attach.pid)" +kill "$(cat /tmp/.attach.pid)" ``` If the PID file is missing, fall back to a specific match (avoid killing all attaches): ```bash -pkill -f "dstack attach " +pkill -f "dstack attach " ``` **Why this helps:** it keeps the attach session alive (including port forwarding) while the agent remains usable. IDE links and SSH instructions appear in the log file -- surface them and ask whether to open the link (`open ""` on macOS, `xdg-open ""` on Linux) only after explicit approval. @@ -131,7 +133,7 @@ If background attach fails in the sandbox (permissions writing `~/.dstack` or `~ **"Run something":** When the user asks to run a workload (dev environment, task, service), use `dstack apply` with the appropriate configuration. Note: `dstack run` only supports `dstack run get --json` for retrieving run details -- it cannot start workloads. -**"Connect to" or "open" a dev environment:** If a dev environment is already running, use `dstack attach --logs` (agent runs it in the background by default) to surface the IDE URL (`cursor://`, `vscode://`, etc.) and SSH alias. If sandboxed attach fails, request escalation or ask the user to run attach locally and share the link. +**"Connect to" or "open" a dev environment:** If a dev environment is already running, use `dstack attach --logs` (agent runs it in the background by default) to surface the IDE URL (`cursor://`, `vscode://`, etc.) and SSH alias. If sandboxed attach fails, request escalation or ask the user to run attach locally and share the link. ## Configuration types @@ -187,7 +189,7 @@ resources: gpu: A100:40GB:2 ``` -**Port forwarding:** When you specify `ports`, `dstack apply` forwards them to `localhost` while attached. Use `dstack attach ` to reconnect and restore port forwarding. The run name becomes an SSH alias (e.g., `ssh `) for direct access. +**Port forwarding:** When you specify `ports`, `dstack apply` forwards them to `localhost` while attached. Use `dstack attach ` to reconnect and restore port forwarding. The run name becomes an SSH alias (e.g., `ssh `) for direct access. **Distributed training:** Multi-node tasks are supported (e.g., via `nodes`) and require fleets that support inter-node communication (see `placement: cluster` in fleets). @@ -217,10 +219,10 @@ resources: ``` **Service endpoints:** -- Without gateway: `/proxy/services///` +- Without gateway: `/proxy/services/f//` - With gateway: `https://./` - Authentication: Unless `auth` is `false`, include `Authorization: Bearer ` on all service requests. -- OpenAI-compatible models: Use `service.url` from `dstack run get --json` and append `/v1` as the base URL; do **not** use deprecated `service.model.base_url` for requests. +- OpenAI-compatible models: Use `service.url` from `dstack run get --json` and append `/v1` as the base URL; do **not** use deprecated `service.model.base_url` for requests. - Example (with gateway): ```bash curl -sS -X POST "https://./v1/chat/completions" \