# anyclaw-sdk-runtime — Runtime SDK
SDK for building runtime extensions that manage agent sandbox environments (containers, VMs, etc.).
## Files
| File | Contents |
|------|----------|
| `lib.rs` | Re-exports `Runtime`, `RuntimeSdkError`, and all types |
| `trait_def.rs` | `Runtime` trait — implement this to build a runtime extension |
| `types.rs` | Wire types: `RuntimeInitializeParams`, `ExecRequest`, `ExecResult`, `RuntimeHealthStatus` |
| `error.rs` | `RuntimeSdkError` enum (thiserror) |
## Key Types
```rust
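pub trait Runtime: Send + 'static {
    // Create the environment from the supervisor's `initialize` parameters.
    async fn start(&mut self, params: RuntimeInitializeParams) -> Result<RuntimeInitializeResult, RuntimeSdkError>;
    // Spawn an agent worker process inside the environment.
    async fn exec(&self, request: ExecRequest) -> Result<ExecResult, RuntimeSdkError>;
    // Report the health of the environment.
    async fn health(&self) -> RuntimeHealthStatus;
    // Tear down everything on shutdown.
    async fn stop(&mut self) -> Result<(), RuntimeSdkError>;
    // Terminate the process identified by `process_id`.
    async fn kill(&self, process_id: &str) -> Result<(), RuntimeSdkError>;
}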
```
## Responsibilities
A runtime extension owns the full execution environment:
- Container/VM lifecycle (create, start, stop)
- Networking (proxy, DNAT rules, network isolation)
- Process execution (agent workers spawned via `exec()`)
- Health reporting
The supervisor only sees the trait interface — it doesn't know whether the environment is Docker, Podman, Firecracker, or a local process.
## How It Works
1. Supervisor spawns the runtime binary and sends `initialize`
2. Runtime creates the environment (container + proxy + network)
3. Supervisor calls `exec()` to spawn agent worker processes inside the environment
4. Runtime returns socket paths for stdio communication with each process
5. On shutdown, supervisor calls `stop()` — runtime tears down everything
## Anti-Patterns
- **Don't leak container IDs** — the supervisor doesn't need to know about Docker internals
- **Don't expose proxy config** — proxy is internal to the runtime, not a supervisor concern
- **Don't depend on internal crates** — only use `anyclaw-sdk-runtime` types
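
The "don't leak container IDs" rule together with steps 3 to 5 of "How It Works", as an added sketch that is not the SDK's own code: the runtime hands the supervisor only an opaque process handle and a socket path, and resolves that handle to backend details internally. It is synchronous and std-only, whereas the real trait is async and its `kill` takes `&self`. `SketchRuntime`, `ExecHandle`, `SketchError`, the socket directory and the container ID are hypothetical or constructed stand-ins.

```rust
use std::collections::HashMap;

// Hypothetical stand-ins, not the SDK's wire types (their fields are not shown here).
#[derive(Debug)]
pub struct ExecHandle {
    pub process_id: String,  // opaque handle issued by this runtime
    pub socket_path: String, // stdio socket for the spawned worker
}

#[derive(Debug, PartialEq)]
pub enum SketchError { NotStarted, UnknownProcess }

// Backend details that stay private to the runtime.
struct Worker { container_id: String, pid: u32 }

#[derive(Default)]
pub struct SketchRuntime {
    container_id: Option<String>,
    workers: HashMap<String, Worker>,
    next: u32,
}

impl SketchRuntime {
    pub fn start(&mut self) {
        // Constructed value standing in for the ID a container backend returns.
        self.container_id = Some("c0ffee-constructed".to_string());
    }

    pub fn exec(&mut self, _command: &str) -> Result<ExecHandle, SketchError> {
        let container_id = self.container_id.clone().ok_or(SketchError::NotStarted)?;
        self.next += 1;
        let process_id = format!("proc-{}", self.next);
        let socket_path = format!("/run/sketch-runtime/{}.sock", process_id); // hypothetical path
        self.workers.insert(process_id.clone(), Worker { container_id, pid: 100 + self.next });
        Ok(ExecHandle { process_id, socket_path })
    }

    pub fn kill(&mut self, process_id: &str) -> Result<(), SketchError> {
        // Only handles this runtime issued resolve; the backend target stays internal.
        let w = self.workers.remove(process_id).ok_or(SketchError::UnknownProcess)?;
        let _backend_target = (w.container_id, w.pid); // what a real backend would signal
        Ok(())
    }

    pub fn stop(&mut self) {
        self.workers.clear(); // tear down everything, including worker bookkeeping
        self.container_id = None;
    }
}
```

Because `kill` accepts only handles the runtime issued, a caller cannot address a backend object by its native ID even if that ID became known some other way.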