environment

NAME

environment — SLICC runtime constraints and workarounds

DESCRIPTION

SLICC is a browser-native AI agent runtime. Your shell, filesystem, and network all run inside a browser tab. Most Unix tools work exactly as expected — but some things are different from a regular Linux box. This page explains what you have, what's missing, and how to work around each constraint.

The short version: you have more than you think. 150+ commands, full scripting, browser automation, and a persistent filesystem. The gaps are narrow and each has a workaround.

WHAT YOU HAVE

SLICC ships a complete shell environment. Power tools available out of the box:

• git — full version control (clone, commit, push, pull, diff)
• node / python3 — execute JavaScript or Python inline or from files
• sqlite3 — full SQL database engine
• playwright-cli — browser automation (navigate, click, fill, screenshot, eval JS in page context)
• curl / html-to-markdown — HTTP requests and web page fetching
• grep, rg, sed, awk, jq, find — text processing and search
• convert / magick — ImageMagick for image processing
• pdftk — PDF manipulation (merge, split, rotate, extract)
• zip / unzip — archive handling
• rsync — sync files between local VFS and remote tray runtimes
• oauth-token — get OAuth access tokens for configured providers

Run commands for the full list. Run <cmd> --help for usage on any command.

FETCH AND CURL

All HTTP requests route through the browser's Fetch API via a proxy layer. This means:

• Cookie headers are silently stripped by the browser on outbound requests (they're "forbidden headers"). The proxy encodes them as X-Proxy-Cookie and restores them server-side, but this only works in CLI mode.
• Origin is always localhost. You cannot spoof Origin headers from the browser context.
• Authorization: Bearer and X-API-Key work fine. Token-based APIs behave normally.

Workaround for cookie-based APIs:

# Use playwright-cli to eval fetch from within an authenticated page context
playwright-cli eval --tab=<id> "await fetch('/api/data').then(r => r.json())"

This executes the request as the logged-in user with full cookies, since it runs inside the page's own origin.

NO PACKAGE MANAGERS

There is no apt, npm install, or pip install. Tools are built into the runtime. You cannot download or compile new binaries.

Workaround:

• Check commands — the tool you need may already exist under a different name.
• Use upskill search "<query>" to find a skill that provides the capability.
• Use upskill clawhub:<name> or upskill owner/repo to install skills from ClawHub or GitHub.
• Write a .jsh script — it becomes a shell command automatically via auto-discovery.
• For JavaScript libraries, inline them in your script or fetch them at runtime with curl.

NO LONG-RUNNING SERVERS

You cannot start Express, nginx, or any persistent HTTP server. There is no localhost port binding. Background processes do not persist.

Workaround:

• serve <dir> — opens a VFS directory in a browser tab via the preview service worker. Supports --entry and --project flags for framework-style routing.
• open <path> — opens a single file in a browser tab.
• These work instantly with no port binding — the service worker intercepts requests and serves files directly from VFS.

FILE SYSTEM

The filesystem is a VFS (virtual filesystem) backed by IndexedDB/OPFS. It lives in the browser and persists across sessions, tab closes, and refreshes.

• Standard operations work: cat, ls, cp, mv, rm, mkdir, find, ln -s
• Symlinks are fully supported and followed transparently by all commands.
• Mounts bridge external storage (local directories, cloud drives) into VFS. Use mount /mnt/myproject to connect, then access files normally.
• Mount over empty paths only — mounting over existing files is blocked to protect built-in scripts.

VIEWING

You (the agent) cannot see browser tabs directly. Use these patterns:

Workflow to verify a page you served:

serve /workspace/app                                    # opens tab (human sees it)
playwright-cli tab-list                                 # find tab by URL, note targetId
playwright-cli snapshot --tab=<id>                      # get accessible text
playwright-cli screenshot --tab=<id> --filename=/tmp/s.png
open --view /tmp/s.png                                  # now you can see it

AUDIO

• say "hello" — text-to-speech via the browser's Speech Synthesis API
• afplay <file> — play an audio file (mp3, wav, ogg, etc.)
• chime — play a notification sound

IMAGES

• convert / magick — ImageMagick (WASM) for resize, crop, format conversion, compositing
• open --view <path> — view the result inline (PNG, JPEG, GIF, WebP, SVG)
• imgcat <path> — display image in terminal preview (human only)

SCREENCAPTURE

The screencapture command uses the browser's Screen Capture API (getDisplayMedia). It requires the user to grant screen sharing permission via a browser prompt.

• On macOS, the browser itself may need Screen Recording permission in System Settings → Privacy & Security. A browser restart is sometimes required after granting.
• Use screencapture --view <file> to capture and return the image inline.
• Use screencapture -c to capture directly to clipboard.

NETWORK

• curl — standard HTTP requests (GET, POST, PUT, DELETE, headers, bodies). Routes through the fetch proxy with full CORS bypass.
• html-to-markdown <url> — fetch a web page and convert to readable markdown.
• playwright-cli — for sites requiring authentication, JavaScript rendering, or multi-step interaction.
• teleport — transfer browser cookies from a remote tray runtime (useful for authenticated API access).
• WebSocket and streaming responses are not supported through the fetch proxy.

CLIPBOARD

• pbcopy / pbpaste — macOS-style clipboard access
• xclip / xsel — Linux-style clipboard access (same underlying API)

QUICK REFERENCE

SEE ALSO

man capabilities, commands, man mount, man serve, open --help, man playwright-cli