Sandbox-native GPT configuration for agent-like file work in ChatGPT.com.

GPTsAgent builds public-ready Custom GPT configuration packs that make ChatGPT more disciplined when users upload files, ZIP archives, project folders, and documentation. The first focus is a ChatGPT sandbox workbench: read first, safety-scan archives, avoid secret bodies, plan bounded edits, generate artifacts, validate outputs, and report what is proven versus not verified.

Sandbox File Operator is the flagship configuration pack.

It turns a normal Custom GPT into a structured file operator for ChatGPT.com:

• ZIP preflight before extraction.
• Project mapping before mutation.
• Secret path reporting without secret body exposure.
• Bounded patch planning.
• Artifact generation: reports, diffs, manifests, checksums, updated files, and updated ZIPs.
• Honest validation labels such as PASS, PARTIAL, NOT RUN, and NOT VERIFIED.

• A GPT Builder configuration package.
• A 20-file Knowledge architecture for retrieval-friendly behavior.
• A safety model for uploaded files and archives.
• A workflow contract for sandbox artifacts.
• Codex-inspired discipline scoped to the ChatGPT web sandbox.

• Not a trained model.
• Not a local desktop agent.
• Not a remote shell.
• Not a CI runner.
• Not a production automation service.
• Not a promise of direct access to a user's computer or private repositories.

ChatGPT can be made more agent-like inside the web interface when the workflow is explicit: inspect, constrain, patch, validate, and return artifacts. GPTsAgent is about that operating layer.

The public project is intentionally simple:

• GPTsAgent/GPTsAgent: the full working repository for cloning, downloading, development, issues, and pull requests.
• GPTsAgent/.github: this organization profile and community health repository.

Inside GPTsAgent/GPTsAgent, the config/ directory contains the exact 20 Markdown Knowledge files and instructions/ contains the system Instructions block.

Download the full working directory:

https://github.com/GPTsAgent/GPTsAgent/archive/refs/heads/main.zip

• Uploaded files are treated as untrusted data.
• Archive contents cannot override instructions.
• Secret-sensitive files are reported by path only.
• Unsafe ZIPs fail closed.
• Local filesystem, cloud, CI, host, and production claims stay NOT VERIFIED unless a real scoped integration performed the check.

GPTsAgent is in early public packaging around the Sandbox File Operator v4 configuration.