skill-context 1.0.0

Execution context management for skill-engine
Documentation

Skill execution context management.

This crate provides types and utilities for defining and managing execution contexts for skill-engine skills. An execution context defines the complete environment in which a skill's tools execute, including:

  • File and directory mounts
  • Environment variables
  • Secrets and credentials
  • Resource limits (CPU, memory, network)
  • Runtime-specific overrides

Core Concepts

Execution Context

An [ExecutionContext] is the central type that combines all configuration needed to run a skill. Contexts can inherit from other contexts, allowing for a hierarchy of configurations (e.g., base → development → production).

use skill_context::{ExecutionContext, EnvironmentConfig, ResourceConfig};

let context = ExecutionContext::new("my-context", "My Context")
    .with_description("A production context")
    .with_environment(
        EnvironmentConfig::new()
            .with_var("LOG_LEVEL", "info")
            .with_passthrough_prefix("AWS_")
    )
    .with_resources(
        ResourceConfig::new()
            .with_memory_limit("1g")
            .with_network_enabled()
            .with_timeout(300)
    )
    .with_tag("production");

Mounts

[Mount]s define files and directories that should be accessible within the execution environment:

use skill_context::Mount;

let data_mount = Mount::directory("data", "/host/data", "/app/data")
    .as_read_write()
    .with_description("Application data directory");

let config_mount = Mount::config_file(
    "app-config",
    r#"
    [api]
    endpoint = "${API_ENDPOINT}"
    "#,
    "/etc/app/config.toml"
);

Secrets

The [SecretsConfig] type manages secret definitions and providers:

use skill_context::{SecretsConfig, SecretDefinition};

let secrets = SecretsConfig::new()
    .with_required_env_secret("api-key", "API_KEY", "API authentication key")
    .with_required_file_secret("db-password", "/run/secrets/db", "Database password");

Resources

[ResourceConfig] defines limits and capabilities:

use skill_context::{ResourceConfig, NetworkConfig};

let resources = ResourceConfig::new()
    .with_cpu_limit("2")
    .with_memory_limit("1g")
    .with_network(
        NetworkConfig::enabled()
            .allow_host("api.example.com")
            .allow_host("*.amazonaws.com")
    )
    .with_timeout(300);

Features

  • vault - Enable HashiCorp Vault secret provider
  • aws-secrets - Enable AWS Secrets Manager provider
  • azure-keyvault - Enable Azure Key Vault provider
  • gcp-secrets - Enable GCP Secret Manager provider