rashbox 0.1.0

Fast Rust+WASM bash sandbox for LLM agents
Documentation

rashbox

Fast Rust+WASM bash sandbox for LLM agents. Mount files, run real Unix commands in an isolated WASM sandbox, let an AI agent explore and analyze them.

What it does

  • WASM isolation -- all commands run inside a Wasmtime sandbox (no host access)
  • 23 Unix commands compiled to a single 258KB WASM binary
  • Multi-LLM support -- Claude, OpenAI, Ollama, llama-server, llama.cpp
  • Agent loop -- LLM calls tools (exec, write_file, done), results fed back automatically
  • Pipes -- cat /in/file | grep error | awk '{print $1}' | sort | uniq -c
  • Safety limits -- max steps, max tokens, memory limits

Quick start

# Analyze files with Claude
export ANTHROPIC_API_KEY=sk-...
rashbox src/*.rs --goal "Find bugs and security issues"

# Use a local model (Ollama)
rashbox --llm ollama --model qwen3.5:27b data.csv --goal "Analyze this dataset"

# Use llama-server
rashbox --llm llama --model my-model sales.csv access.log

# Interactive shell (no LLM)
rashbox --shell myfiles/

# Copy agent output files locally
rashbox --output-dir ./results src/ --goal "Generate a report"

Available commands

Category Commands
File viewing cat -n, head, tail, ls -alR
Search grep (regex: ^.$*+?[...]), find -name -type
Text processing sed s///g, awk (fields, math, conditions), cut, tr, sort, uniq
Analysis wc, csv_stats (column types, min/max/mean/sum, uniques), calc (arithmetic)
Comparison diff -u (unified diff)
File ops cp -r, mv, rm -r, mkdir -p, tee, echo, pwd

Highlights

awk -- field extraction, math, conditions:

awk '{print $1, $3}' file              # print fields
awk -F, '{sum+=$4} END {print sum}'    # sum a CSV column
awk '$2 > 100 {print $1}' file         # conditional filter
awk 'NR>1 {print $1}' file             # skip header

csv_stats -- instant CSV profiling:

csv_stats sales.csv
# Rows: 24  Columns: 6
# -- date (string) --
#   non-null: 24  null: 0  unique: 16
# -- units (numeric) --
#   min: 25  max: 220  mean: 111  sum: 2670

calc -- arithmetic (LLMs can't do math):

calc '150 * 12.99 + 89 * 24.50'       # => 4133.0
calc '(2 + 3) * 4 ^ 2'                # => 80

grep with regex:

grep '^ERROR' log.txt                  # lines starting with ERROR
grep 'status_[0-9]+' file             # regex patterns

Architecture

rashbox (Rust binary)
  |-- Agent loop (LLM <-> tools)
  |-- Sandbox (Wasmtime + WASI preview1)
  |     |-- /in   (read-only mounted files)
  |     |-- /out  (writable output)
  |     |-- /skills (read-only, from ~/.skills/)
  |     '-- tools.wasm (258KB, 23 commands)
  '-- LLM backends
        |-- Claude (Anthropic API)
        |-- OpenAI (+ compatible: Ollama, llama-server)
        '-- llama.cpp (optional, via feature flag)

CLI options

rashbox [OPTIONS] <FILES>...

  --llm <BACKEND>       claude, openai, ollama, llama, llamacpp, noop
  --model <MODEL>       Model name (default: claude-sonnet-4-6)
  --api-key <KEY>       API key (or set ANTHROPIC_API_KEY / OPENAI_API_KEY)
  --base-url <URL>      Custom endpoint for OpenAI-compatible APIs
  --goal <GOAL>         Task for the agent
  --system <PROMPT>     Override system prompt (prefix with @ to read from file)
  --max-mem <MB>        Sandbox memory limit (default: 40)
  --max-steps <N>       Max agent tool calls (default: 50)
  --max-tokens <N>      Max total tokens (default: 0 = unlimited)
  --shell               Interactive shell mode (no LLM)
  --output-dir <DIR>    Copy /out files here when done

Building

# Build the WASM tools (requires wasm32-wasip1 target)
rustup target add wasm32-wasip1
cd wasm-tools && cargo build --release --target wasm32-wasip1
cp target/wasm32-wasip1/release/rashbox-tools.wasm ../wasm/tools.wasm

# Build rashbox
cargo build --release

Testing

cargo test --test sandbox_test    # 23 integration tests

License

MIT