statespace-server 0.1.3

Open-source AI tool execution runtime - HTTP server library
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105

# statespace-server

Open-source AI tool execution runtime. Serve markdown files with frontmatter-defined tool specifications.

## Features

- **Markdown file serving** - Serve files from a local directory with smart path resolution
- **Frontmatter parsing** - Parse YAML and TOML frontmatter for tool definitions
- **Command validation** - Validate commands against tool specifications with regex support
- **Tool execution** - Execute whitelisted tools in a sandboxed environment
- **Security** - Path traversal prevention, environment isolation, SSRF protection

## Quick Start

```bash
# Serve a tool site
statespace serve /path/to/toolsite

# Custom host and port
statespace serve /path/to/toolsite --host 0.0.0.0 --port 3000
```

## Tool Site Structure

A tool site is a directory containing markdown files with frontmatter:

```
my-toolsite/
├── README.md          # Required - served at /
├── tools/
│   ├── query.md       # Served at /tools/query
│   └── search.md      # Served at /tools/search
└── docs/
    └── README.md      # Served at /docs/
```

## Frontmatter Format

Define allowed tools in YAML or TOML frontmatter:

```yaml
---
tools:
  - [ls]                              # Allow ls with any args
  - [cat, {}]                         # cat with one arg (any value)
  - [cat, {regex: ".*\\.md$"}, ";"]   # cat only .md files, no extra args
  - [psql, -c, {regex: "^SELECT"}]    # Only SELECT queries
---

# My Tool

This tool allows file listing and viewing.
```

## HTTP API

### GET `/{path}`

Read a markdown file.

### POST `/{path}`

Execute a tool defined in frontmatter.

Request:
```json
{
  "command": ["ls", "-la", "docs/"]
}
```

Response:
```json
{
  "stdout": "total 8\n-rw-r--r-- 1 user staff 256 Jan 1 00:00 README.md\n",
  "stderr": "",
  "returncode": 0
}
```

## Library Usage

Use as a library in your own server:

```rust
use statespace_server::{build_router, ServerConfig};
use std::path::PathBuf;

let config = ServerConfig::new(PathBuf::from("./my-toolsite"))
    .with_host("0.0.0.0")
    .with_port(3000);

let router = build_router(config);
```

## Security

- **Path traversal protection** - Rejects `..` and absolute paths
- **Environment isolation** - Commands run with cleared environment
- **SSRF protection** - Blocks localhost, private IPs, cloud metadata endpoints
- **Output limits** - Prevents DoS via large output

## License

MIT