Expand description
Runtime primitives for verification, sandbox selection, and tool brokering.
agent-infra defines the boundary between Ferrify’s control-plane types and
the outside world. This includes sandbox selection, tool-broker contracts,
and the verification backend that shells out to Cargo.
The crate stays intentionally small in the starter implementation. The goal is to make operational boundaries explicit before adding richer runtimes or external integrations.
§Examples
use agent_domain::ModeSlug;
use agent_infra::{SandboxManager, SandboxProfile};
let mode = ModeSlug::new("verifier").expect("verifier is a valid mode slug");
assert_eq!(
SandboxManager::profile_for_mode(&mode),
SandboxProfile::ReadOnlyWorkspace
);Structs§
- Audit
Record - An audit record for a tool invocation.
- Deny
ByDefault Tool Broker - A deny-by-default broker used by Ferrify.
- Observed
Fact - A fact observed from tool output.
- Process
Verification Backend - A process-based verification backend that shells out to Cargo.
- Sandbox
Manager - Chooses runtime sandbox profiles for modes.
- Tool
Output Blob - A normalized tool output blob.
- Tool
Receipt - The normalized result returned by a brokered tool call.
- Tool
Request - A raw tool request that must pass through the broker.
Enums§
- Infra
Error - Errors produced by the infrastructure layer.
- Sandbox
Profile - The sandbox profile attached to a stage.
- Tool
Error - Errors produced by tool brokering.
Traits§
- Tool
Broker - A broker that mediates tool execution under policy.
- Verification
Backend - Runs verification commands and returns receipts.