Daytona

Archive a stopped sandbox to reduce storage costs. The sandbox must be stopped first (use stop_sandbox). Can be started again later, though startup takes longer than from stopped state.

Configure auto-stop, auto-archive, and/or auto-delete intervals. Only provided values are updated. WARNING: auto_delete_minutes=0 means immediate deletion upon stop -- use -1 to disable.

Create a folder (with parent directories) in the sandbox.

Create a new isolated sandbox for code execution. Two creation modes: from a Daytona snapshot or from a Docker image. If neither snapshot nor image is specified, uses the standard base image. Resource params (cpu, memory_gb, disk_gb, gpu) only apply to image-based creation. Returns sandbox name, ID, and status. Ready for run_code / run_command immediately. Note: A ``region`` parameter is deferred -- the Daytona SDK's ``CreateSandboxFromImageParams`` / ``CreateSandboxFromSnapshotParams`` do not currently expose a ``target``/``region`` field.

Create a persistent background session for long-running processes. Sessions persist across tool calls -- useful for dev servers, watchers, or multi-step workflows where you need to run commands sequentially.

Create a new sandbox snapshot (image template). Snapshots define the base environment for new sandboxes. The image parameter is required -- it specifies the base Docker image. Note: snapshot creation can take several minutes as the image must be built.

Create SSH access credentials for the sandbox. Returns connection details including host, port, username, and access token for direct SSH access. Use the token to authenticate SSH connections. SENSITIVE OUTPUT: The returned token grants SSH access to the sandbox. Avoid logging or displaying it in contexts where it could be inadvertently exposed. The token expires after ``expires_in_minutes`` (default 60 min). Set ``expires_in_minutes=0`` to create a non-expiring token (use with caution -- increases blast radius from accidental exposure).

Delete a file or empty directory. Set recursive=True to delete non-empty directories.

Permanently delete a sandbox and all its contents.

Search for files by name pattern (glob). Returns matching file paths. Response includes total count and has_more flag for pagination.

Get metadata about a file: size, permissions, modified time, type.

Get a preview URL for a web service running in the sandbox. Standard URLs require an auth token in the x-daytona-preview-token header. Signed URLs embed authentication in the URL itself -- useful for sharing.

Get detailed information about a sandbox. Returns state, resources, labels, auto-stop/archive settings, and timestamps. Environment variable values whose keys look secret-like (containing token, key, secret, password, auth) are redacted by default. Set include_raw_env_vars=True only when you need the actual values.

Get output logs from a command running in a session. Useful for checking output of async commands (servers, builds).

Get detailed information about a snapshot. Accepts a snapshot name or ID. Returns full details including state, image, resources, entrypoint, and timestamps.

Stage files for the next commit. Accepts file paths or '.' for all changes.

List all branches. Indicates which branch is currently checked out.

Switch to a branch, tag, or commit. Optionally create a new branch. Default mode (create_new_branch=False): switches to an existing ref. Create mode (create_new_branch=True): creates a new branch named ref and switches to it, optionally from start_point.

Clone a Git repository into the sandbox. For GitHub repos, authentication is handled automatically via Arcade's OAuth integration — the user is prompted to authorize once, and the token is managed by Arcade Engine. Consent is one-time; token refresh is automatic. Permission requirements by auth mode: - OAuth Apps mode: the "repo" scope is requested (full repo access). - GitHub Apps mode: the app installation must have "Contents: read" permission (for clone/pull) or "Contents: read & write" (for clone followed by push). For non-GitHub private repos, provide username + PAT as overrides.

Commit staged changes. Requires files to be staged first with git_add.

Create a new branch and switch to it. Equivalent to git_checkout(ref=branch, create_new_branch=True, start_point=...).

Delete a local branch.

Get commit history. Returns commit hash, author, date, and message.

Pull latest changes from the remote repository. For GitHub repos, authentication is automatic via OAuth. The SDK path is used by default. Shell fallback is used only when an explicit branch is requested. For non-GitHub remotes, credentials must have been provided during git_clone or configured manually in the sandbox.

Push local commits to the remote repository. For GitHub repos, authentication is automatic via OAuth. The SDK path is used by default (no token in command args). Shell fallback is used only when force or explicit branch is requested. For non-GitHub remotes, credentials must have been provided during git_clone or configured manually in the sandbox.

Get repository status: branch, staged/modified/untracked files, ahead/behind counts.

List files and directories. Returns name, type (file/dir), and size. Response includes total count and has_more flag for pagination.

List active ports in the sandbox. Returns port number, state, and name for each active port. Use this to discover running services before calling get_port_preview_url.

List available regions for sandbox creation. Returns region ID, name, and location (country, city). Useful for choosing where to create sandboxes or snapshots.

List sandboxes with optional filtering. Returns concise summary: name, state, created time, resources. Response includes total count, current page, and total_pages for pagination.

List all active sessions in a sandbox with their status and recent commands. Result set is expected to be small (typically < 10); no pagination.

List available snapshots with their status and creation date. Returns snapshot name, state, image, and resource defaults. Response includes total count, current page, and total_pages for pagination.

Move or rename a file or directory.

Read file contents from the sandbox. For large files, use start_line and end_line to read specific sections. Omit both to read the entire file. Known limitation: the full file is downloaded before line-range slicing is applied. For very large files this may be slow. The Daytona SDK does not currently expose range/chunk reads.

Find and replace text across multiple files. Accepts explicit file paths and glob patterns. Glob patterns are expanded in the tool layer before passing concrete paths to the SDK. Returns per-file success/error status and count of files modified.

Resize sandbox resources. At least one param required. CPU and memory can increase while running; disk changes require a stopped sandbox. Disk can never decrease. GPU cannot be resized -- it is set at creation only.

Execute code directly in the sandbox. No shell escaping needed -- code is passed directly to the interpreter. The language is determined by the sandbox's configured language at creation time. Returns output, exit code, and any generated charts as metadata. Note: Stateful execution via ``context_id`` is deferred to P1. The SDK supports ``code_interpreter.run_code(context=...)`` but it requires separate integration testing.

Execute a shell command in the sandbox. Use for installing packages, running scripts, or system operations. For direct code execution, prefer run_code.

Execute a command inside an existing session. For long-running commands (servers, watchers), set async_exec=True and check output later with get_session_command_logs. When async_exec=True the command is queued/running in the background. The response will include ``status`` = "running" and ``exit_code`` will only be present if the backend already reports one. Do NOT assume exit_code=0 means the command succeeded -- it may still be running.

Search file contents for a text pattern. Shell-backed using grep. Returns matching files with line numbers (up to 50 matches per file). Use context_lines > 0 to include surrounding lines for each match. Supports basic regex syntax.

Send input to a running interactive command in a session. Useful for commands that prompt for input (e.g., confirmation prompts). A newline is automatically appended to the input.

Replace all labels on a sandbox. Useful for tagging and filtering.

Start a stopped or archived sandbox. Returns updated sandbox info.

Stop a running sandbox, preserving its state for later restart.

Get the authenticated user's profile. Returns the user ID, name, and email associated with the current API key. Useful for confirming connectivity and identifying the API key owner.

Write content to a file in the sandbox. Creates the file and parent dirs if needed.