Merge pull request #2479 from dgageot/board/verify-github-issues-on-docker-agent-246-5d060e7a

docs: fix doc-code divergences reported in #2464

Author: dgageot

agent-schema.json

@@ -2,7 +2,7 @@
   "$schema": "http://json-schema.org/draft-07/schema#",
   "$id": "https://github.com/docker/docker-agent/blob/main/agent-schema.json",
   "title": "Docker Agent Configuration",
-  "description": "Configuration schema for Docker Agent v7",
+  "description": "Configuration schema for Docker Agent v8",
   "type": "object",
   "properties": {
     "version": {
@@ -16,7 +16,8 @@
         "4",
         "5",
         "6",
-        "7"
+        "7",
+        "8"
       ],
       "examples": [
         "0",
@@ -26,7 +27,8 @@
         "4",
         "5",
         "6",
-        "7"
+        "7",
+        "8"
       ]
     },
     "providers": {

docs/concepts/agents/index.md

@@ -57,7 +57,7 @@ Every docker-agent configuration has a **root agent** — the entry point that r
 | `add_environment_info` | boolean | ✗        | Include OS, working directory, git info in context             |
 | `max_iterations`       | int     | ✗        | Max tool-calling loops (default: unlimited)                    |
 | `commands`             | object  | ✗        | Named prompts callable via `/command`                          |
-| `skills`               | boolean | ✗        | Enable skill discovery and loading                             |
+| `skills`               | boolean \| list | ✗    | Enable skill discovery and loading. `true` = `["local"]`; list values may combine `"local"` with remote skill-server URLs. |
 
 ## Model Fallbacks
 

docs/concepts/models/index.md

@@ -45,15 +45,21 @@ Named models let you configure temperature, token limits, thinking budgets, and
 
 ## Supported Providers
 
-| Provider            | Key              | Example Models                       | API Key Env Var     |
-| ------------------- | ---------------- | ------------------------------------ | ------------------- |
-| OpenAI              | `openai`         | gpt-4o, gpt-5, gpt-5-mini            | `OPENAI_API_KEY`    |
-| Anthropic           | `anthropic`      | claude-sonnet-4-0, claude-sonnet-4-5 | `ANTHROPIC_API_KEY` |
-| Google              | `google`         | gemini-2.5-flash, gemini-3-pro       | `GOOGLE_API_KEY`    |
-| AWS Bedrock         | `amazon-bedrock` | Claude, Nova, Llama models           | AWS credentials     |
-| Docker Model Runner | `dmr`            | ai/qwen3, ai/llama3.2                | None (local)        |
-| Mistral             | `mistral`        | Mistral models                       | `MISTRAL_API_KEY`   |
-| xAI                 | `xai`            | Grok models                          | `XAI_API_KEY`       |
+| Provider            | Key              | Example Models                       | API Key Env Var                     |
+| ------------------- | ---------------- | ------------------------------------ | ----------------------------------- |
+| OpenAI              | `openai`         | gpt-4o, gpt-5, gpt-5-mini            | `OPENAI_API_KEY`                    |
+| Anthropic           | `anthropic`      | claude-sonnet-4-0, claude-sonnet-4-5 | `ANTHROPIC_API_KEY`                 |
+| Google              | `google`         | gemini-2.5-flash, gemini-3-pro       | `GOOGLE_API_KEY` / `GEMINI_API_KEY` |
+| AWS Bedrock         | `amazon-bedrock` | Claude, Nova, Llama models           | AWS credentials                     |
+| Docker Model Runner | `dmr`            | ai/qwen3, ai/llama3.2                | None (local)                        |
+| Mistral             | `mistral`        | Mistral models                       | `MISTRAL_API_KEY`                   |
+| xAI                 | `xai`            | Grok models                          | `XAI_API_KEY`                       |
+| Nebius              | `nebius`         | Open-source and specialised models   | `NEBIUS_API_KEY`                    |
+| MiniMax             | `minimax`        | MiniMax models                       | `MINIMAX_API_KEY`                   |
+| Requesty            | `requesty`       | Multi-provider gateway               | `REQUESTY_API_KEY`                  |
+| Azure OpenAI        | `azure`          | gpt-4o, gpt-5 on Azure               | `AZURE_OPENAI_API_KEY` + `base_url` |
+| Ollama              | `ollama`         | Any local Ollama model               | None (local; optional `base_url`)   |
+| GitHub Copilot      | `github-copilot` | Copilot-hosted OpenAI/Anthropic      | GitHub CLI auth (`gh auth login`)   |
 
 See the [Model Providers]({{ '/providers/overview/' | relative_url }}) section for detailed configuration guides.
 

docs/concepts/tools/index.md

@@ -30,18 +30,22 @@ docker-agent ships with several built-in tools that require no external dependen
 | Tool | Description |
 | --- | --- |
 | [Filesystem]({{ '/tools/filesystem/' | relative_url }}) | Read, write, list, search, and navigate files and directories |
-| [Shell]({{ '/tools/shell/' | relative_url }}) | Execute arbitrary shell commands in the user's environment |
+| [Shell]({{ '/tools/shell/' | relative_url }}) | Execute synchronous and background shell commands |
 | [Think]({{ '/tools/think/' | relative_url }}) | Step-by-step reasoning scratchpad for planning and decision-making |
 | [Todo]({{ '/tools/todo/' | relative_url }}) | Task list management for complex multi-step workflows |
+| [Tasks]({{ '/tools/tasks/' | relative_url }}) | Persistent task database shared across sessions |
 | [Memory]({{ '/tools/memory/' | relative_url }}) | Persistent key-value storage backed by SQLite |
-| [Fetch]({{ '/tools/fetch/' | relative_url }}) | Make HTTP requests to external APIs and web services |
+| [Fetch]({{ '/tools/fetch/' | relative_url }}) | Read content from HTTP/HTTPS URLs (GET only) |
 | [Script]({{ '/tools/script/' | relative_url }}) | Define custom shell scripts as named tools |
 | [LSP]({{ '/tools/lsp/' | relative_url }}) | Connect to Language Server Protocol servers for code intelligence |
 | [API]({{ '/tools/api/' | relative_url }}) | Create custom tools that call HTTP APIs without writing code |
+| [OpenAPI]({{ '/tools/openapi/' | relative_url }}) | Generate tools from an OpenAPI 3.x document |
+| [RAG]({{ '/features/rag/' | relative_url }}) | Retrieval-augmented generation over indexed sources |
+| [Model Picker]({{ '/tools/model-picker/' | relative_url }}) | Let the agent pick between several models per turn |
 | [User Prompt]({{ '/tools/user-prompt/' | relative_url }}) | Ask users questions and collect interactive input |
 | [Transfer Task]({{ '/tools/transfer-task/' | relative_url }}) | Delegate tasks to sub-agents (auto-enabled with `sub_agents`) |
 | [Background Agents]({{ '/tools/background-agents/' | relative_url }}) | Dispatch work to sub-agents concurrently |
-| [Handoff]({{ '/tools/handoff/' | relative_url }}) | Delegate tasks to remote agents via A2A |
+| [Handoff]({{ '/tools/handoff/' | relative_url }}) | Hand the conversation off to another local agent in the same config (auto-enabled with `handoffs:`) |
 | [A2A]({{ '/tools/a2a/' | relative_url }}) | Connect to remote agents via the Agent-to-Agent protocol |
 
 ## MCP Tools

docs/configuration/agents/index.md

@@ -18,8 +18,7 @@ agents:
     description: string # Required: what this agent does
     instruction: string # Required: system prompt
     sub_agents: [list] # Optional: local or external sub-agent references
-    toolsets: [list] # Optional: tool configurations
-    rag: [list] # Optional: RAG source references
+    toolsets: [list] # Optional: tool configurations (use `type: rag` for RAG sources)
     fallback: # Optional: fallback config
       models: [list]
       retries: 2

docs/configuration/models/index.md

@@ -14,7 +14,10 @@ _Complete reference for defining models with providers, parameters, and reasonin
 ```yaml
 models:
   model_name:
-    provider: string # Required: openai, anthropic, google, amazon-bedrock, dmr
+    provider: string # Required. One of: openai, anthropic, google, amazon-bedrock,
+                     # dmr, mistral, xai, nebius, minimax, requesty, azure, ollama,
+                     # github-copilot, or a named provider defined under the top-level
+                     # `providers:` section.
     model: string # Required: model identifier
     temperature: float # Optional: 0.0–1.0
     max_tokens: integer # Optional: response length limit
@@ -65,7 +68,7 @@ models:
   gpt:
     provider: openai
     model: gpt-5-mini
-    thinking_budget: low # minimal | low | medium | high
+    thinking_budget: low # minimal | low | medium | high | xhigh | max | adaptive/<level>
 ```
 
 ### Anthropic
@@ -101,7 +104,7 @@ models:
   gemini3:
     provider: google
     model: gemini-3-flash
-    thinking_budget: medium # minimal | low | medium | high
+    thinking_budget: medium # minimal | low | medium | high | xhigh | max | adaptive/<level>
 ```
 
 ### Disabling Thinking

docs/configuration/overview/index.md

@@ -14,7 +14,7 @@ A docker-agent YAML config has these main sections:
 
 ```bash
 # 1. Version — configuration schema version (optional but recommended)
-version: 6
+version: 8
 
 # 2. Metadata — optional agent metadata for distribution
 metadata:
@@ -46,14 +46,21 @@ rag:
       - type: chunked-embeddings
         model: openai/text-embedding-3-small
 
-# 6. Providers — optional reusable provider definitions
+# 6. MCPs — reusable MCP server definitions (optional)
+mcps:
+  github:
+    remote:
+      url: https://api.githubcopilot.com/mcp
+      transport_type: sse
+
+# 7. Providers — optional reusable provider definitions
 providers:
   my_provider:
     provider: anthropic  # or openai (default), google, amazon-bedrock, etc.
     token_key: MY_API_KEY
     max_tokens: 16384
 
-# 7. Permissions — agent-level tool permission rules (optional)
+# 8. Permissions — agent-level tool permission rules (optional)
 #    For user-wide global permissions, see ~/.config/cagent/config.yaml
 permissions:
   allow: ["read_*"]
@@ -181,10 +188,10 @@ For editor autocompletion and validation, use the [Docker Agent JSON Schema](htt
 
 ## Config Versioning
 
-docker-agent configs are versioned. The current version is `5`. Add the version at the top of your config:
+docker-agent configs are versioned. The current version is `8`. Add the version at the top of your config:
 
 ```yaml
-version: 5
+version: 8
 
 agents:
   root:
@@ -218,6 +225,32 @@ metadata:
 
 See [Agent Distribution]({{ '/concepts/distribution/' | relative_url }}) for publishing agents to registries.
 
+## Reusable MCP Servers (`mcps:`)
+
+The top-level `mcps:` section defines named MCP server configurations that agents can reference with `toolsets: [{type: mcp, ref: <name>}]`. This avoids repeating the same command / URL / headers across agents and keeps credentials in one place.
+
+```yaml
+mcps:
+  github:
+    remote:
+      url: https://api.githubcopilot.com/mcp
+      transport_type: sse
+  playwright:
+    command: npx
+    args: ["-y", "@modelcontextprotocol/server-playwright"]
+
+agents:
+  root:
+    model: openai/gpt-4o
+    toolsets:
+      - type: mcp
+        ref: github        # reuse the definition above
+      - type: mcp
+        ref: playwright
+```
+
+An `mcps` entry accepts every field a regular `type: mcp` toolset accepts (command/args/env, `remote` with `url`/`transport_type`/`headers`/`oauth`, `tools` filter, `instruction`, `defer`, …) — the `type: mcp` is implicit. See the [Tool Config]({{ '/configuration/tools/' | relative_url }}) page for all options and the [Remote MCP Servers]({{ '/features/remote-mcp/' | relative_url }}) guide for remote setups.
+
 ## Custom Providers Section
 
 Define reusable provider configurations with shared defaults. Providers can wrap any provider type — not just OpenAI-compatible endpoints:

docs/configuration/permissions/index.md

@@ -46,13 +46,20 @@ permissions:
     - "read_*" # Glob patterns
     - "shell:cmd=ls*" # With argument matching
 
+  # Always ask before running these tools, even if an allow pattern would match
+  ask:
+    - "shell:cmd=git push*"
+    - "write_file:path=/home/user/important/*"
+
   # Block these tools entirely
   deny:
     - "shell:cmd=sudo*"
     - "shell:cmd=rm*-rf*"
     - "dangerous_tool"
 ```
 
+The three lists are evaluated in order `deny` → `allow` → `ask`, so an `ask:` entry lets you add a confirmation layer on top of an otherwise-allowed tool.
+
 ## Global Permissions
 
 Global permissions let you enforce rules across **all** agents, regardless of which agent config you run. Define them in your user config file:

docs/configuration/sandbox/index.md

@@ -1,21 +1,23 @@
 ---
 title: "Sandbox Mode"
-description: "Run agents in an isolated Docker container for enhanced security."
+description: "Run agents in an isolated Docker sandbox VM for enhanced security."
 permalink: /configuration/sandbox/
 ---
 
 # Sandbox Mode
 
-_Run agents in an isolated Docker container for enhanced security._
+_Run agents in an isolated Docker sandbox VM for enhanced security._
 
 ## Overview
 
-Sandbox mode runs the entire agent inside a Docker container instead of directly on the host system. This provides an additional layer of isolation, limiting the potential impact of unintended or malicious commands.
+Sandbox mode runs the entire agent inside a disposable sandbox VM instead of directly on the host system. All shell, filesystem, and process activity happens inside that VM, so a misbehaving agent cannot touch files outside the mounted working directory or reach long-lived host state.
+
+The backend is provided by the [`docker sandbox`](https://docs.docker.com/desktop/features/sandbox/) CLI plugin (ships with Docker Desktop) or the standalone [`sbx`](https://github.com/docker/sbx) CLI if it is on `PATH`.
 
 <div class="callout callout-info" markdown="1">
 <div class="callout-title">ℹ️ Requirements
 </div>
-  <p>Sandbox mode requires Docker to be installed and running on the host system.</p>
+  <p>Sandbox mode requires Docker Desktop with sandbox support (or a working <code>sbx</code> CLI). docker-agent shells out to these tools, it does not start raw <code>docker run</code> containers.</p>
 
 </div>
 
@@ -27,7 +29,23 @@ Enable sandbox mode with the `--sandbox` flag on the `docker agent run` command:
 docker agent run --sandbox agent.yaml
 ```
 
-This runs the agent inside a Docker container with the current working directory mounted.
+docker-agent launches a sandbox VM, copies itself into it, mounts the current working directory, and re-runs the agent from inside.
+
+## Flags
+
+| Flag          | Default                                      | Description                                                                                               |
+| ------------- | -------------------------------------------- | --------------------------------------------------------------------------------------------------------- |
+| `--sandbox`   | `false`                                      | Enable sandbox mode.                                                                                      |
+| `--template`  | `docker/sandbox-templates:docker-agent`      | OCI image used as the sandbox template. Passed to `docker sandbox create -t` / `sbx create -t`.           |
+| `--sbx`       | `true`                                       | Prefer the `sbx` CLI backend when it is available. Set `--sbx=false` to always use `docker sandbox`.      |
+
+```bash
+# Use a custom template image
+docker agent run --sandbox --template myorg/custom-agent-template:latest agent.yaml
+
+# Force the docker sandbox backend even if sbx is on PATH
+docker agent run --sandbox --sbx=false agent.yaml
+```
 
 ## Example
 
@@ -48,15 +66,18 @@ docker agent run --sandbox agent.yaml
 
 ## How It Works
 
-1. When `--sandbox` is specified, docker-agent launches a Docker container
-2. The current working directory is mounted into the container
-3. All agent tools (shell, filesystem, etc.) operate inside the container
-4. When the session ends, the container is automatically stopped and removed
+1. `--sandbox` tells docker-agent to prefer the `sbx` CLI (if available and `--sbx` is true), otherwise it falls back to `docker sandbox`.
+2. A new sandbox VM is created from the image passed via `--template`.
+3. The current working directory is mounted into the VM; the agent binary is copied in.
+4. All tools (shell, filesystem, background jobs, etc.) run inside the VM.
+5. When the session ends, the sandbox VM is stopped and removed.
 
 <div class="callout callout-warning" markdown="1">
 <div class="callout-title">⚠️ Limitations
 </div>
 
-- Container starts fresh each session (no persistence between sessions)
+- Sandbox VMs start fresh each session (no persistence between sessions).
+- Only the working directory is mounted; files outside it are not visible to the agent.
+- Network egress is constrained by the sandbox backend's policy.
 
-</div>
+</div>

docs/configuration/tools/index.md

@@ -15,18 +15,22 @@ Built-in tools are included with docker-agent and require no external dependenci
 | Type | Description | Page |
 | --- | --- | --- |
 | `filesystem` | Read, write, list, search, navigate | [Filesystem]({{ '/tools/filesystem/' | relative_url }}) |
-| `shell` | Execute shell commands | [Shell]({{ '/tools/shell/' | relative_url }}) |
+| `shell` | Execute shell commands (sync + background jobs) | [Shell]({{ '/tools/shell/' | relative_url }}) |
 | `think` | Reasoning scratchpad | [Think]({{ '/tools/think/' | relative_url }}) |
 | `todo` | Task list management | [Todo]({{ '/tools/todo/' | relative_url }}) |
+| `tasks` | Persistent task database shared across sessions | [Tasks]({{ '/tools/tasks/' | relative_url }}) |
 | `memory` | Persistent key-value storage (SQLite) | [Memory]({{ '/tools/memory/' | relative_url }}) |
-| `fetch` | HTTP requests | [Fetch]({{ '/tools/fetch/' | relative_url }}) |
+| `fetch` | HTTP `GET` requests with text/markdown/html output | [Fetch]({{ '/tools/fetch/' | relative_url }}) |
 | `script` | Custom shell scripts as tools | [Script]({{ '/tools/script/' | relative_url }}) |
 | `lsp` | Language Server Protocol integration | [LSP]({{ '/tools/lsp/' | relative_url }}) |
 | `api` | Custom HTTP API tools | [API]({{ '/tools/api/' | relative_url }}) |
+| `openapi` | Import every operation of an OpenAPI 3.x document as tools | [OpenAPI]({{ '/tools/openapi/' | relative_url }}) |
+| `rag` | Retrieval-augmented generation over indexed sources | [RAG]({{ '/features/rag/' | relative_url }}) |
+| `model_picker` | Let the agent pick between several models per turn | [Model Picker]({{ '/tools/model-picker/' | relative_url }}) |
 | `user_prompt` | Interactive user input | [User Prompt]({{ '/tools/user-prompt/' | relative_url }}) |
 | `transfer_task` | Delegate to sub-agents (auto-enabled) | [Transfer Task]({{ '/tools/transfer-task/' | relative_url }}) |
 | `background_agents` | Parallel sub-agent dispatch | [Background Agents]({{ '/tools/background-agents/' | relative_url }}) |
-| `handoff` | A2A remote agent delegation | [Handoff]({{ '/tools/handoff/' | relative_url }}) |
+| `handoff` | Local conversation handoff to another agent in the same config (auto-enabled by `handoffs:`) | [Handoff]({{ '/tools/handoff/' | relative_url }}) |
 | `a2a` | A2A remote agent connection | [A2A]({{ '/tools/a2a/' | relative_url }}) |
 
 **Example:**