SKILL.md: tell sandbox-running agents they can install Vera

[aallan]

Summary

Observed in the wild today: a Claude.ai sandboxed instance asked to write Conway's Game of Life in Vera read SKILL.md's Installation section, concluded "Since Vera isn't available in this sandbox, I'll focus on writing a correct implementation that the user can run locally on their machine", and fell back to writing untested code. When called out it installed Vera fine.

The instructions weren't wrong — the standard git clone + pip install -e . flow works in any sandbox with Python + git + pip + outbound network (i.e. nearly all of them). The failure was the agent defaulting to "I can't run this" before trying. Direct rebuttal added as a blockquote at the end of the Installation section:

> **For agents running in a sandbox** (Claude.ai, Code Interpreter,
> container-based execution environments, etc.): the steps above
> work. Sandboxes typically have Python, `git`, `pip`, and outbound
> network access — that's all Vera needs. **Run the install commands
> and verify with `vera run examples/hello_world.vera` before
> concluding that Vera "isn't available." Don't assume the sandbox
> lacks the toolchain — try it.**
>
> One caveat: `pip install vera` (no source) installs a *different*
> package from PyPI (an ERAV citizen-science library — unrelated to
> this Vera). Always install from the GitHub source clone shown above.

The PyPI footgun is real: I verified curl pypi.org/pypi/vera/json resolves to "vera 1.0.0: Reference implementation of the ERAV data model for citizen science" — completely unrelated to us.

Test plan

• python scripts/check_skill_examples.py — 55 Vera blocks parse, 62 allowlisted, 0 failures (line-shifted allowlist auto-fixed via fix_allowlists.py --fix)
• python scripts/check_doc_counts.py — counts consistent
• python scripts/check_version_sync.py — 5 files consistent
• python scripts/build_site.py && python scripts/check_site_assets.py — docs/SKILL.md + docs/llms-full.txt regenerated, site assets up-to-date
• All pre-commit hooks pass

Notes for reviewers

Doc-only. No code changes, no version bump. CHANGELOG entry under [Unreleased] rather than bundled into v0.0.134 via another retag — we just did one of those yesterday for the broader consistency sweep, and another retag within hours for a one-paragraph fix is the kind of churn the project's release-workflow memory now flags as something to avoid.

Audience consideration: CLAUDE.md is for Claude Code (already-local dev env) and doesn't need updating. AGENTS.md "agents writing Vera code" section already points at SKILL.md for installation, so the cascade works.

🤖 Generated with Claude Code

Summary by CodeRabbit

• Documentation

  • Added sandbox installation guidance and GitHub-source install/verification notes; warned that pip install vera from PyPI is a different package
  • Expanded guidance on type-aliases over Array, failure modes, workarounds, and a codegen footgun note about non-tail-position Unit-returning calls
  • Improved runtime-trap diagnostics with labelled kinds, per-kind fixes and source backtraces

• Known Issues

  • Added entries for Array codegen break and non-tail Unit-returning call WAT generation

• Chores

  • Updated examples allowlist to align documentation and diagnostics changes

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 90.98%. Comparing base (92a2e69) to head (773f364).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #582   +/-   ##
=======================================
  Coverage   90.98%   90.98%           
=======================================
  Files          59       59           
  Lines       22884    22884           
  Branches      259      259           
=======================================
  Hits        20821    20821           
  Misses       2056     2056           
  Partials        7        7           

Flag	Coverage Δ
javascript	57.36% <ø> (ø)
python	94.82% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 5ca93a8e-5a8c-4c21-9adb-adda22322241

📥 Commits

Reviewing files that changed from the base of the PR and between 93b72ec and 773f364.

⛔ Files ignored due to path filters (2)

• docs/SKILL.md is excluded by !docs/**
• docs/llms-full.txt is excluded by !docs/**

📒 Files selected for processing (2)

• KNOWN_ISSUES.md
• SKILL.md

---

📝 Walkthrough

Walkthrough

Adds sandbox installation guidance and runtime-trap notes to documentation (SKILL.md, CHANGELOG.md, KNOWN_ISSUES.md). Updates scripts/check_skill_examples.py ALLOWLIST to match SKILL.md line shifts and new fragments; no code/APIs changed.

Changes

Documentation and Checker Alignment

Layer / File(s)	Summary
Documentation Content SKILL.md	Adds sandbox installation guidance (git clone + pip install -e .), warns that pip install vera on PyPI is a different package, adds notes about type aliases over Array<T> breaking WASM codegen (two failure modes), mid-block IO.print footgun, and enhanced runtime-trap diagnostics (kind + Fix + source backtrace).
Known Issues KNOWN_ISSUES.md	Inserts bug entries for type-alias over Array<T> breaking WASM codegen (issue #583) and @Unit-returning non-tail calls emitting invalid WAT (issue #584).
Changelog CHANGELOG.md	Adds a Documentation subsection under Unreleased documenting the sandbox installation guidance and the PyPI caveat.
Checker Configuration scripts/check_skill_examples.py	Reworks ALLOWLIST FRAGMENT coordinates (many entries moved/added), adds a new FRAGMENT for Option/Result combinator bare calls, and moves the MISMATCH placeholder from line 127 to 131 to align with SKILL.md edits.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• aallan/vera#581: Overlapping SKILL.md edits and corresponding scripts/check_skill_examples.py ALLOWLIST updates.

Suggested labels

docs, ci

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarises the primary objective: documenting sandbox installation guidance for Vera in SKILL.md. It is specific, concise, and reflects the main purpose of this documentation-only PR.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch claude/skill-md-sandbox-install-affordance

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}