execkit 0.1.1

Stateful, structured, safe shell sessions for AI agents on real infrastructure.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39

// SPDX-License-Identifier: Apache-2.0
//! # execkit
//!
//! Stateful, structured, **safe** shell sessions for AI agents on real
//! infrastructure. The agent driving execkit can be prompt-injected, so the
//! library's job is to contain its own caller: every command passes a policy
//! fence, output is redacted of secrets, and results are recorded.
//!
//! Sessions persist state (cwd, env) across commands and run over a **local PTY**
//! or **SSH** ([`Session::local`] / [`Session::ssh`]), returning a structured
//! [`ExecResult`] checked by an advisory [`Policy`], with secret redaction, bounded
//! output, and an append-only audit log. An MCP server (`execkit-mcp`) exposes the
//! same sessions to MCP agents.
//!
//! ```no_run
//! use execkit::Session;
//! let mut s = Session::local()?;
//! let r = s.exec("echo hello")?;
//! assert_eq!(r.stdout, "hello");
//! assert_eq!(r.exit_code, 0);
//! # Ok::<(), execkit::Error>(())
//! ```

mod audit;
mod error;
mod exec;
mod output;
mod policy;
mod redact;
mod session;
pub mod transport;

pub use audit::AuditLog;
pub use error::{Error, Result};
pub use exec::{ExecResult, ShellState};
pub use output::strip_ansi;
pub use policy::Policy;
pub use session::Session;
pub use transport::ssh::{HostKeyVerification, SshAuth, SshConfig};