agent-sdk 0.4.2

Rust Agent SDK for building LLM agents
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153

# Changelog

All notable changes to this project will be documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [Unreleased]

## [0.4.0] - 2025-01-27

### Added

- **`AsyncTool` trait** - New trait for long-running operations with progress streaming. Async tools have two phases: `execute()` starts the operation and returns immediately, `check_status()` streams progress updates until completion. Includes typed progress stages via `ProgressStage` trait.

- **`ToolExecutionStore` trait** - Write-ahead logging for tool execution tracking. Enables idempotency and crash recovery by persisting tool execution state before running tools. Includes `InMemoryExecutionStore` default implementation.

- **Extended thinking support** - `ThinkingConfig` for configuring Anthropic's extended thinking feature. Set `budget_tokens` to enable the model to think through complex problems before responding.

- **`ToolProgress` event** - New event type for async tool progress updates, containing stage, message, and optional data.

- **`ErasedToolStatus`** - Type-erased version of `ToolStatus` for use in the agent loop.

- **`ToolOutcome` enum** - Result type for async tools with `Success`, `Failed`, and `InProgress` variants.

### Fixed

- **Store timestamp handling** - Fixed timestamp serialization/deserialization issues in message stores.

### Changed

- **`ToolRegistry` now supports async tools** - New `register_async()` method and `get_async()`, `all_async()`, `is_async()` accessors for async tool management.

## [0.3.0] - 2025-01-23

### Breaking Changes

- **Removed `ToolTier::RequiresPin`** - The SDK now only has `Observe` and `Confirm` tiers. Applications that need PIN verification should implement this at the application layer using hooks.

- **Removed `ToolDecision::RequiresPin`** - Hooks no longer return this variant. Use `RequiresConfirmation` or `Block` instead.

- **Removed `PendingAction`** - Applications now manage the pending action lifecycle externally.

- **Removed `ToolRequiresPin` event** - This event is no longer emitted by the agent loop.

- **Tool trait now requires `type Name` associated type** - All `Tool` implementations must specify a tool name type:
  ```rust
  impl Tool<()> for MyTool {
      type Name = DynamicToolName;  // or your custom ToolName type
      fn name(&self) -> DynamicToolName { DynamicToolName::new("my_tool") }
      // ...
  }
  ```

- **`agent.run()` now returns a tuple** - The return type is `(mpsc::Receiver<AgentEvent>, impl Future<Output = AgentRunState>)` instead of just a receiver.

- **Input is now wrapped in `AgentInput`** - Use `AgentInput::Text(...)` instead of passing a plain string.

- **`AgentContinuation` is now a concrete type** - Previously used `Box<dyn Any>` for encapsulation. Now exposes all fields publicly. The continuation is boxed in enum variants for efficiency (`Box<AgentContinuation>`).

- **New `PendingToolCallInfo` struct** - Public type representing pending tool calls, used within `AgentContinuation`.

### Added

- **Typed tool names** - Tool names are now strongly typed via the `ToolName` trait and associated type:
  - `PrimitiveToolName` enum for SDK's built-in tools
  - `DynamicToolName` for runtime/MCP tools
  - `tool_name_to_string()` and `tool_name_from_str()` helpers

- **`display_name()` method on Tool trait** - Tools can now provide a human-readable display name for UIs.

- **Yield/Resume pattern** - Agent can yield execution when a tool requires confirmation via `AgentRunState::AwaitingConfirmation`, then resume with `AgentInput::Resume`.

- **Single-turn execution** - New `run_turn()` method for external orchestration (e.g., message queues). Returns `TurnOutcome` indicating whether more turns are needed.

- **`AgentRunState` enum** - New return type indicating agent completion status: `Done`, `Error`, or `AwaitingConfirmation`.

- **`AgentContinuation`** - Concrete state for resuming agent execution after yielding. Contains fields like `thread_id`, `turn`, `turn_usage`, `pending_tool_calls`, etc.

- **Streaming support** - LLM providers now support streaming responses via `stream_chat_completion`.

### Fixed

- **Token usage tracking in resume cases** - Previously, token usage was zeroed when resuming after tool confirmation. Now properly tracks usage from the LLM call that generated the tool calls.

### Changed

- **Tool trait no longer requires `#[async_trait]`** - Rust 1.75+ native async traits are used instead.

- **Refactored agent loop** - Internal refactoring into smaller helper functions for better maintainability.

## [0.1.0] - 2025-01-15

### Added

- **Agent Loop**: Core orchestration for LLM conversations with tool calling
  - Event-driven streaming architecture
  - Configurable turn limits and retry behavior
  - Thread-based conversation management

- **LLM Abstraction**: Provider-agnostic interface for chat completions
  - `LlmProvider` trait for implementing custom providers
  - Built-in Anthropic provider (Claude models)
  - OpenAI provider implementation
  - Google Gemini provider implementation

- **Tool System**: Define and register custom tools
  - `Tool` trait for implementing tools
  - `ToolRegistry` for managing available tools
  - JSON schema validation for tool inputs
  - Tool tiers for security classification (Observe, Confirm, RequiresPin)

- **Lifecycle Hooks**: Pre/post tool execution hooks
  - `AgentHooks` trait for custom hook implementations
  - `AllowAllHooks` for development/testing
  - `LoggingHooks` for observability
  - `ToolDecision` for controlling tool execution

- **Environment Abstraction**: File and command execution
  - `Environment` trait for file system operations
  - `InMemoryFileSystem` for testing and sandboxing
  - `LocalFileSystem` for production use
  - Command execution with output capture

- **Primitive Tools**: Built-in tools for file operations
  - `ReadTool` - Read file contents
  - `WriteTool` - Create/overwrite files
  - `EditTool` - Make targeted edits to files
  - `GlobTool` - Find files by pattern
  - `GrepTool` - Search file contents
  - `BashTool` - Execute shell commands

- **Persistence**: Trait-based storage
  - `MessageStore` for conversation history
  - `StateStore` for agent state
  - `InMemoryStore` default implementation

- **Capabilities**: Security model for agent operations
  - `AgentCapabilities` for fine-grained permission control
  - Read-only, write, and exec toggles

- **Subagent System**: Nested agent execution
  - Real-time progress events during execution

- **MCP Support**: Model Context Protocol integration

- **Web Tools**: Fetch and search capabilities

### Security

- `#[forbid(unsafe_code)]` enforced across the codebase
- Capability-based security model
- Tool tier system for operation classification