x07-os-run
x07-os-run
Prefer x07 run --profile os / x07 run --profile sandbox for normal execution. x07-os-runner is an internal component behind the x07 facade; its CLI is not part of the supported end-user surface.
Use this skill when you need real OS I/O (fs/net/process/time) via run-os or policy-enforced execution via run-os-sandboxed.
Canonical commands (recommended: x07 run)
-
Run the current project (unsandboxed):
x07 runx07 run --profile os
-
Run a project explicitly (unsandboxed):
x07 run --project x07.json --profile os
-
Run sandboxed (requires an explicit policy):
x07 run --project x07.json --profile sandbox --policy run-os-policy.json
-
If your program expects CLI args via
argv_v1, pass them after--andx07 runwill encode them into input bytes:x07 run --profile os -- tool --help
-
Generate a schema-valid base policy:
x07 policy init --template clix07 policy init --template http-clientx07 policy init --template web-servicex07 policy init --template fs-toolx07 policy init --template sqlite-appx07 policy init --template postgres-clientx07 policy init --template workerx07 policy init --template worker-parallel
-
Materialize a derived policy with explicit destinations (only in run-os-sandboxed):
x07 run --profile sandbox --policy .x07/policies/base/http-client.sandbox.base.policy.json --allow-host example.com:443x07 run --profile sandbox --policy .x07/policies/base/http-client.sandbox.base.policy.json --deny-host example.com:*
-
Run a single program (when not using a project manifest):
x07 run --program src/main.x07.json --module-root src
Expert backend (x07-os-runner)
x07-os-runner implements OS execution for x07 run / x07 bundle. Treat it as internal and prefer x07 commands above.
Policy
Policies are a starting point. Generate one from a template, then extend it deliberately for your app (roots, env, subprocess allowlists, limits).
For net-enabled templates, keep net.allow_hosts empty in the base policy and use x07 run --allow-host to materialize auditable derived policies for specific destinations.
Output contract
x07 runinrun-os*worlds prints anx07-os-runner.report@...JSON report to stdout (pass-through).- The underlying OS runner emits the same report shape.
In both cases:
- Use the process exit code for pass/fail.
- Parse the JSON for
schema_version,mode,world, and base64-encoded output bytes.
More from x07lang/x07-website
x07-test
Run project tests using the X07 test harness (x07 test), producing a machine-readable JSON report.
9x07-package
Manage X07 project dependencies and lockfiles for reproducible builds (lock, publish). Designed for autonomous agents.
9x07-lint-repair
Lint X07 x07AST JSON and converge via quickfixes (`x07 fix`) or explicit JSON Patch (`x07 ast apply-patch`).
9x07-bundle
Produce distributable native executables (normal CLI ABI) via `x07 bundle`.
8x07-run
Canonical execution front door for X07 programs (run-os / run-os-sandboxed), producing runner reports.
2x07-language-guide
Canonical X07 language + stdlib reference (mirrors `x07 guide` output) for end-user skill packs.
2