synwire_core/sandbox/mod.rs
1//! Sandbox protocols for command execution and approval gates.
2//!
3//! Separated from the VFS module because command execution, process management,
4//! and archive manipulation are distinct concerns from filesystem abstraction.
5
6pub mod approval;
7
8use crate::BoxFuture;
9use crate::vfs::error::VfsError;
10use crate::vfs::types::ExecuteResponse;
11use serde::{Deserialize, Serialize};
12
13pub use approval::{
14 ApprovalCallback, ApprovalDecision, ApprovalRequest, AutoApproveCallback, AutoDenyCallback,
15 RiskLevel,
16};
17
/// A single stage in a command pipeline.
///
/// Plain data: a program name, its argument list, and two per-stage options.
/// The type derives `Serialize`/`Deserialize`, so a stage can be produced from
/// serialized input as well as constructed in code.
// NOTE(review): nothing in this type validates `command` or `args`. If stages
// are deserialized from agent- or user-supplied data, presumably the approval
// gate or the sandbox implementation is what constrains them; confirm where.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct PipelineStage {
    /// Command to execute.
    // NOTE(review): how this string is resolved (direct spawn, path lookup,
    // or handed to a shell) is decided by the `SandboxProtocol` implementor
    // and is not visible in this file.
    pub command: String,
    /// Arguments, kept as a list separate from `command`.
    pub args: Vec<String>,
    /// Redirect stderr to stdout.
    pub stderr_to_stdout: bool,
    /// Per-stage timeout in seconds (None = no limit).
    // NOTE(review): with `None` this field places no bound on how long the
    // stage runs. Whether the implementation applies any other limit cannot be
    // told from here; callers running stages they did not author may want to
    // always set a value.
    pub timeout_secs: Option<u64>,
}
30
/// Sandbox protocol for command execution with isolation.
///
/// Separate from [`Vfs`](crate::vfs::protocol::Vfs) to make it
/// explicit when an agent needs shell execution capability.
///
/// Implementors must be `Send + Sync`. Both execution methods return a
/// `BoxFuture` that resolves to a `Result` with `VfsError` as the error type.
// NOTE(review): this trait only fixes method signatures; the isolation itself
// is whatever the implementor provides.
// NOTE(review): no method here takes an approval callback or decision. The
// approval types re-exported from this module are presumably applied by a
// wrapper or by the caller before these methods are reached; confirm where
// the gate is enforced.
pub trait SandboxProtocol: Send + Sync {
    /// Execute a single command.
    ///
    /// `cmd` and `args` are passed separately rather than as one command line.
    /// Unlike `PipelineStage`, this method has no timeout parameter.
    // The elided `'_` in the return type resolves to the lifetime of `&self`,
    // so the returned future cannot borrow `cmd` or `args`; an implementation
    // that needs them inside the future has to take owned copies.
    fn execute(
        &self,
        cmd: &str,
        args: &[String],
    ) -> BoxFuture<'_, Result<ExecuteResponse, VfsError>>;

    /// Execute a multi-stage pipeline (each stage's stdout pipes into the next).
    ///
    /// Resolves to a `Vec<ExecuteResponse>` on success.
    // NOTE(review): presumably one response per stage, in stage order; the
    // behaviour when a middle stage fails or times out is not visible here.
    // As with `execute`, the future's lifetime is tied to `&self`, not to
    // `stages`.
    fn execute_pipeline(
        &self,
        stages: &[PipelineStage],
    ) -> BoxFuture<'_, Result<Vec<ExecuteResponse>, VfsError>>;

    /// Sandbox identifier (for logging / audit).
    ///
    /// Returned as a string slice borrowed from the sandbox.
    fn id(&self) -> &str;
}
52
/// Abstract sandbox type returned by sandbox factory functions.
///
/// This is an unsized trait-object type, so it is used behind a pointer
/// (for example `Box<BaseSandbox>` or `Arc<BaseSandbox>`).
// `Send` and `Sync` are already supertraits of `SandboxProtocol`; they are
// spelled out again in this alias.
pub type BaseSandbox = dyn SandboxProtocol + Send + Sync;