rashbox 0.1.0

Fast Rust+WASM bash sandbox for LLM agents
# rashbox

Fast Rust+WASM bash sandbox for LLM agents. Mount files, run real Unix commands in an isolated WASM sandbox, let an AI agent explore and analyze them.

## What it does

- **WASM isolation** -- all commands run inside a Wasmtime sandbox (no host access beyond the mounted `/in`, `/out` and `/skills` directories)
- **23 Unix commands** compiled to a single 258KB WASM binary
- **Multi-LLM support** -- Claude, OpenAI, Ollama, llama-server, llama.cpp
- **Agent loop** -- LLM calls tools (exec, write_file, done), results fed back automatically
- **Pipes** -- `cat /in/file | grep error | awk '{print $1}' | sort | uniq -c`
- **Safety limits** -- max steps (`--max-steps`), max tokens (`--max-tokens`), sandbox memory limit (`--max-mem`)

## Quick start

```bash
# Analyze files with Claude
export ANTHROPIC_API_KEY=sk-...
rashbox src/*.rs --goal "Find bugs and security issues"

# Use a local model (Ollama)
rashbox --llm ollama --model qwen3.5:27b data.csv --goal "Analyze this dataset"

# Use llama-server
rashbox --llm llama --model my-model sales.csv access.log

# Interactive shell (no LLM)
rashbox --shell myfiles/

# Copy agent output files locally
rashbox --output-dir ./results src/ --goal "Generate a report"
```

## Available commands

| Category | Commands |
|----------|----------|
| File viewing | `cat` `-n`, `head`, `tail`, `ls` `-alR` |
| Search | `grep` (regex: `^.$*+?[...]`), `find` `-name -type` |
| Text processing | `sed` `s///g`, `awk` (fields, math, conditions), `cut`, `tr`, `sort`, `uniq` |
| Analysis | `wc`, `csv_stats` (column types, min/max/mean/sum, uniques), `calc` (arithmetic) |
| Comparison | `diff` `-u` (unified diff) |
| File ops | `cp` `-r`, `mv`, `rm` `-r`, `mkdir` `-p`, `tee`, `echo`, `pwd` |

### Highlights

**awk** -- field extraction, math, conditions:
```bash
awk '{print $1, $3}' file              # print fields
awk -F, '{sum+=$4} END {print sum}'    # sum a CSV column
awk '$2 > 100 {print $1}' file         # conditional filter
awk 'NR>1 {print $1}' file             # skip header
```

**csv_stats** -- instant CSV profiling:
```bash
csv_stats sales.csv
# Rows: 24  Columns: 6
# -- date (string) --
#   non-null: 24  null: 0  unique: 16
# -- units (numeric) --
#   min: 25  max: 220  mean: 111  sum: 2670
```

**calc** -- arithmetic (LLMs can't do math):
```bash
calc '150 * 12.99 + 89 * 24.50'       # => 4129.0
calc '(2 + 3) * 4 ^ 2'                # => 80
```

**grep** with regex:
```bash
grep '^ERROR' log.txt                  # lines starting with ERROR
grep 'status_[0-9]+' file             # regex patterns
```

## Architecture

```
rashbox (Rust binary)
  |-- Agent loop (LLM <-> tools)
  |-- Sandbox (Wasmtime + WASI preview1)
  |     |-- /in   (read-only mounted files)
  |     |-- /out  (writable output)
  |     |-- /skills (read-only, from ~/.skills/)
  |     '-- tools.wasm (258KB, 23 commands)
  '-- LLM backends
        |-- Claude (Anthropic API)
        |-- OpenAI (+ compatible: Ollama, llama-server)
        '-- llama.cpp (optional, via feature flag)
```
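
How the agent loop, the `--max-steps` / `--max-tokens` limits and the `/in` versus `/out` split fit together, as an added Rust sketch that is not rashbox's own code. All type and function names are hypothetical, the scripted model is constructed sample input, and the host-side path check is an assumption for illustration (the page states only that `/in` is mounted read-only and `/out` writable).

```rust
// Added illustration, not rashbox source: every name below is hypothetical.
#[derive(Debug, PartialEq)]
enum ToolCall { Exec(String), WriteFile { path: String, body: String }, Done }

#[derive(Debug, PartialEq)]
enum Stop { Done, MaxSteps, MaxTokens }

struct Limits { max_steps: u32, max_tokens: u64 } // max_tokens == 0: unlimited

/// Lexical check: a write target must stay under /out, with no `..` component.
fn writable(path: &str) -> bool {
    path.starts_with("/out/") && !path.split('/').any(|c| c == "..")
}

/// `model` sees the previous tool result and returns (next call, tokens spent).
fn run_agent<M>(limits: &Limits, mut model: M) -> (Stop, Vec<String>)
where
    M: FnMut(&str) -> (ToolCall, u64),
{
    let (mut steps, mut tokens, mut last) = (0u32, 0u64, String::new());
    let mut log = Vec::new();
    loop {
        if steps >= limits.max_steps { return (Stop::MaxSteps, log); }
        let (call, used) = model(&last);
        tokens += used;
        if limits.max_tokens != 0 && tokens > limits.max_tokens { return (Stop::MaxTokens, log); }
        steps += 1;
        last = match call {
            ToolCall::Done => return (Stop::Done, log),
            // A real host would hand the command to the sandbox here.
            ToolCall::Exec(cmd) => format!("ran: {}", cmd),
            ToolCall::WriteFile { path, .. } if !writable(&path) => format!("denied: {}", path),
            ToolCall::WriteFile { path, body } => format!("wrote {} bytes to {}", body.len(), path),
        };
        log.push(last.clone()); // fed back to the model on the next turn
    }
}

/// Constructed stand-in for an LLM: replays a fixed script, then says Done.
fn scripted(calls: Vec<ToolCall>, tokens_each: u64) -> impl FnMut(&str) -> (ToolCall, u64) {
    let mut it = calls.into_iter();
    move |_last: &str| (it.next().unwrap_or(ToolCall::Done), tokens_each)
}

fn main() {
    let script = vec![
        ToolCall::Exec("grep '^ERROR' /in/access.log".into()),
        ToolCall::WriteFile { path: "/out/../in/access.log".into(), body: "x".into() },
    ];
    let (stop, log) = run_agent(&Limits { max_steps: 50, max_tokens: 0 }, scripted(script, 900));
    println!("{:?} {:?}", stop, log);
}
```

With `max_tokens` left at 0 the only thing that bounds a model that never calls `done` is the step limit, so the two budgets are worth setting together.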

## CLI options

```
rashbox [OPTIONS] <FILES>...

  --llm <BACKEND>       claude, openai, ollama, llama, llamacpp, noop
  --model <MODEL>       Model name (default: claude-sonnet-4-6)
  --api-key <KEY>       API key (or set ANTHROPIC_API_KEY / OPENAI_API_KEY)
  --base-url <URL>      Custom endpoint for OpenAI-compatible APIs
  --goal <GOAL>         Task for the agent
  --system <PROMPT>     Override system prompt (prefix with @ to read from file)
  --max-mem <MB>        Sandbox memory limit (default: 40)
  --max-steps <N>       Max agent tool calls (default: 50)
  --max-tokens <N>      Max total tokens (default: 0 = unlimited)
  --shell               Interactive shell mode (no LLM)
  --output-dir <DIR>    Copy /out files here when done
```

## Building

```bash
# Build the WASM tools (requires wasm32-wasip1 target)
rustup target add wasm32-wasip1
cd wasm-tools && cargo build --release --target wasm32-wasip1
cp target/wasm32-wasip1/release/rashbox-tools.wasm ../wasm/tools.wasm

# Build rashbox
cargo build --release
```

## Testing

```bash
cargo test --test sandbox_test    # 23 integration tests
```

## License

MIT