fix: v2 container killed prematurely + IS_SANDBOX for Claude Docker + subscription auth merge

[devin-ai-integration]

Summary

Two critical fixes for v2 (SWE-Lancer) Docker benchmark execution, plus a merge of the subscription-based authentication feature (PR #90).

1. Container destroyed mid-execution (exercise.ts)

runV2Docker() used return this.runV2Task(...) inside a try/finally block. In async functions, bare return promise lets the finally block execute before the promise resolves — so container.destroy() killed the Docker container while the agent was still running. Fix: return await.

Empirically verified:

return (no await): inner-start -> finally-runs -> finally-done -> inner-end
return await:      inner-start -> inner-end -> finally-runs -> finally-done

Confirmed in a live v2 benchmark run: Codex agent executed for 44.9s inside the container (previously would die immediately with SIGKILL/signal=9).

2. Claude --dangerously-skip-permissions rejected as root (claude.ts)

Claude Code refuses --dangerously-skip-permissions when running as root (the default in Docker). Setting IS_SANDBOX=1 signals to Claude Code that it's inside an isolated container, allowing the flag.

3. Subscription-based authentication (merged from PR #90)

This branch now includes the full subscription auth implementation, enabling agents to run without API keys when the user has a valid local login session. See PR #90 for the detailed review of that feature.

Updates since last revision

• IS_SANDBOX unit tests (addressing Devin Review feedback): Added two tests in claude.test.ts — one verifying IS_SANDBOX=1 is set when useDocker: true, another verifying it's absent without Docker.
• Merged subscription auth branch (PR feat: implement subscription-based (API key-less) authentication for agents #90) into this branch so that both the container fixes and subscription auth are available together for end-to-end benchmarking.

Review & Testing Checklist for Human

• Verify the return await fix by running a v2 benchmark: bun src/index.ts --dataset v2 --docker --agent codex --model gpt-5.4-mini --task 16912_4 --verbose — the agent should execute inside the container instead of immediately failing with "container is not running"
• Verify Claude agent works in Docker: bun src/index.ts --dataset v2 --docker --agent claude --model haiku --task 16912_4 --verbose — should not error with "dangerously-skip-permissions cannot be used with root/sudo"
• Review the merge of PR feat: implement subscription-based (API key-less) authentication for agents #90 — ensure no conflicts or regressions were introduced by the merge. The subscription auth changes were already reviewed in PR feat: implement subscription-based (API key-less) authentication for agents #90, but verify they integrate cleanly with the two fixes here.
• Confirm IS_SANDBOX=1 is appropriate for all Docker runs (v1 + v2), not just v2

Notes

• The return vs return await gotcha only matters inside try/finally (or try/catch) blocks in async functions. The runOneCommitGroup method in benchmark/runner.ts is not affected because it uses a loop with await before reaching the finally block.
• IS_SANDBOX=1 is a Claude Code environment variable that bypasses the root safety check. This is set for all Docker runs since containers are inherently sandboxed.
• The Codex v2 benchmark was run with gpt-4.5-mini (which doesn't exist as an OpenAI model) — the container fix was confirmed working because the agent ran for 44.9s before hitting the model-not-found error, whereas previously the container would be killed immediately. A full successful run requires a valid model name (e.g. gpt-5.4-mini).
• This branch now includes all changes from PR feat: implement subscription-based (API key-less) authentication for agents #90 (subscription auth). If PR feat: implement subscription-based (API key-less) authentication for agents #90 is merged to main first, this PR's diff will shrink to just the two bug fixes + IS_SANDBOX tests.

Link to Devin session: https://app.devin.ai/sessions/514b15c4c58a4d94a8a03a366ff4f4f5
Requested by: @laiso

---

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[devin-ai-integration]

Devin Review found 1 potential issue.

⚠️ 1 issue in files not directly in the diff

⚠️ Missing unit test for new IS_SANDBOX env var violates constitution rule III (src/agents/builders/__tests__/claude.test.ts:71-84)

The project constitution (.specify/memory/constitution.md, principle III) requires: "Changes to runner, agents, or benchmarks must include or update unit tests under src/**/__tests__/ where applicable." The PR adds IS_SANDBOX=1 to the Claude agent's environment when useDocker is true (src/agents/builders/claude.ts:70-72), but the existing test at src/agents/builders/__tests__/claude.test.ts:71-84 — which already creates a builder with useDocker: true and checks the command — is not updated to verify cmd.env?.IS_SANDBOX === '1'. This is directly testable and the test infrastructure is already in place.

View 2 additional findings in Devin Review.

[devin-ai-integration]

Addressed Devin Review finding in 22aeb7d — added two unit tests for IS_SANDBOX:

• sets IS_SANDBOX=1 for Docker runs to allow skip-permissions as root — verifies cmd.env?.IS_SANDBOX === '1' when useDocker: true
• does not set IS_SANDBOX when not using Docker — verifies IS_SANDBOX is undefined without Docker