execkit/lib.rs
1// SPDX-License-Identifier: Apache-2.0
2//! # execkit
3//!
4//! Stateful, structured, **safe** shell sessions for AI agents on real
5//! infrastructure. The agent driving execkit can be prompt-injected, so the
6//! library's job is to contain its own caller: every command passes a policy
7//! fence, output is redacted of secrets, and results are recorded.
8//!
9//! Sessions persist state (cwd, env) across commands and run over a **local PTY**,
10//! **SSH**, or **Docker** ([`Session::local`] / [`Session::ssh`] / [`Session::docker`]),
11//! returning a structured [`ExecResult`] checked by an advisory [`Policy`], with
12//! secret redaction, bounded output, and an append-only audit log. Remote sessions
13//! also support git-backed workspace checkpoints - a filesystem "undo" for an
14//! agent's changes ([`Session::checkpoint`] / [`Session::restore`]). An MCP server
15//! (`execkit-mcp`) exposes the same sessions to MCP agents.
16//!
17//! ```no_run
18//! use execkit::Session;
19//! let mut s = Session::local()?;
20//! let r = s.exec("echo hello")?;
21//! assert_eq!(r.stdout, "hello");
22//! assert_eq!(r.exit_code, 0);
23//! # Ok::<(), execkit::Error>(())
24//! ```
25
26mod audit;
27pub mod budget;
28pub mod checkpoint;
29mod error;
30mod exec;
31mod output;
32mod policy;
33mod redact;
34mod session;
35pub mod transport;
36
37pub use audit::AuditLog;
38pub use budget::{Budget, BudgetReport, Grep, Keep, StreamReport};
39pub use checkpoint::{Checkpoint, CheckpointId, RestoreReport};
40pub use error::{Error, Result};
41pub use exec::{ExecResult, ShellState};
42pub use output::strip_ansi;
43pub use policy::Policy;
44pub use session::Session;
45pub use transport::ssh::{HostKeyVerification, SshAuth, SshConfig};