statespace_tool_runtime/
lib.rs

1//! Core tool execution runtime for Statespace.
2//!
3//! Provides tool parsing, frontmatter extraction, command validation,
4//! and sandboxed execution with security protections (SSRF, path traversal).
5//!
6//! ```rust,ignore
7//! use statespace_tool_runtime::{BuiltinTool, ToolExecutor, ExecutionLimits};
8//!
9//! let tool = BuiltinTool::from_command(&["cat".to_string(), "file.md".to_string()])?;
10//! let executor = ToolExecutor::new(PathBuf::from("./toolsite"), ExecutionLimits::default());
11//! let output = executor.execute(&tool).await?;
12//! ```
13
14pub mod env_validation;
15pub mod error;
16pub mod eval;
17pub mod executor;
18pub mod frontmatter;
19pub mod protocol;
20pub mod sandbox;
21pub mod security;
22pub mod spec;
23pub mod tools;
24pub mod validation;
25
26pub use env_validation::{EnvValidationError, validate_env_map};
27pub use error::{Error, Result};
28pub use executor::{ExecutionLimits, ToolExecutor, ToolOutput};
29pub use frontmatter::{Frontmatter, parse_frontmatter};
30pub use protocol::{ActionRequest, ActionResponse, ErrorResponse, SuccessResponse};
31pub use sandbox::SandboxEnv;
32pub use security::{is_private_or_restricted_ip, validate_url_initial};
33pub use spec::{
34    CompiledRegex, SpecError, ToolPart, ToolSpec, find_matching_spec, is_valid_tool_call,
35};
36pub use tools::{BuiltinTool, HttpMethod};
37pub use validation::{
38    expand_command_for_execution, expand_env_vars, validate_command, validate_command_with_specs,
39};
statespace_tool_runtime/lib.rs

statespace_tool_runtime/
lib.rs
