§typesec-agent
Agent executor: typestate + capability-based access control in action.

This crate provides the high-level `SecureAgent` API that ties together:
- The typestate machine from `typesec-core` (unauthenticated → authenticated).
- Runtime policy checking via any `PolicyEngine`.
- Typed capability acquisition: the only way to get a `Capability<P, R>` is through a successful policy check.
- Async task execution: the `execute` method requires a capability as proof.
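
The mechanism in the list above, reduced to a synchronous standard-library model. This is an added example, not this crate's source: `model`, `Agent`, `access`, the allow-list policy and the token check are hypothetical stand-ins for `SecureAgent`, a `PolicyEngine` and real credential verification.

```rust
// Minimal synchronous model, NOT typesec-agent's source; all names are hypothetical.
mod model {
    use std::marker::PhantomData;
    pub trait Permission { const NAME: &'static str; }
    pub struct CanRead;
    pub struct CanDelete;
    impl Permission for CanRead { const NAME: &'static str = "read"; }
    impl Permission for CanDelete { const NAME: &'static str = "delete"; }
    pub struct Report { pub id: String }
    // Private fields: code outside `model` cannot build a Capability by hand.
    pub struct Capability<P, R> { subject: String, _proof: PhantomData<(P, R)> }
    impl<P, R> Capability<P, R> { pub fn subject(&self) -> &str { &self.subject } }
    pub struct Unauthenticated;
    pub struct Authenticated { subject: String }
    // Constructed allow-list policy: (subject, permission name) pairs.
    pub struct Agent<S> { state: S, policy: Vec<(&'static str, &'static str)> }
    impl Agent<Unauthenticated> {
        pub fn new(policy: Vec<(&'static str, &'static str)>) -> Self { Agent { state: Unauthenticated, policy } }
        // Consumes the unauthenticated agent; the token comparison is a stand-in.
        pub fn authenticate(self, subject: &str, token: &str) -> Result<Agent<Authenticated>, String> {
            if token != "token" { return Err("authentication failed".into()); }
            Ok(Agent { state: Authenticated { subject: subject.into() }, policy: self.policy })
        }
    }
    // Only an authenticated agent has these methods at all.
    impl Agent<Authenticated> {
        pub fn request_capability<P: Permission>(&self, _r: &Report) -> Result<Capability<P, Report>, String> {
            let s = self.state.subject.as_str();
            let allowed = self.policy.iter().any(|&(who, perm)| who == s && perm == P::NAME);
            if !allowed { return Err(format!("{s} denied {}", P::NAME)); }
            Ok(Capability { subject: s.to_string(), _proof: PhantomData })
        }
        // The capability reference is the proof; without one this call cannot be written.
        pub fn execute<P, T>(&self, _cap: &Capability<P, Report>, r: &Report, f: impl FnOnce(&Report) -> T) -> T {
            f(r)
        }
    }
}
use model::*;
// Full flow for permission P: Ok(text) if permitted, Err(reason) if any step is refused.
pub fn access<P: Permission>(subject: &str, token: &str) -> Result<String, String> {
    let agent = Agent::new(vec![("agent:bot", "read")]).authenticate(subject, token)?;
    let report = Report { id: "reports/q1".into() };
    let cap = agent.request_capability::<P>(&report)?;
    Ok(agent.execute(&cap, &report, |r| format!("{} may {} {}", cap.subject(), P::NAME, r.id)))
}
fn main() {
    println!("{:?} {:?}", access::<CanRead>("agent:bot", "token"), access::<CanDelete>("agent:bot", "token"));
}
```

Outside `model`, a hand-written `Capability { .. }` literal is rejected by the compiler because the fields are private, and `Agent<Unauthenticated>` has no `request_capability` or `execute` method. This model ties the capability to the resource type only, not to a specific report id.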
§Usage Pattern
```rust
// 1. Create agent with an engine — starts Unauthenticated.
let agent = SecureAgent::new(Arc::new(rbac_engine));

// 2. Authenticate — type transitions to Authenticated.
let agent = agent.authenticate(Credentials::new("agent:bot", "token"))?;

// 3. Request a capability — policy checked at runtime, cap minted on success.
let report = Report::new("reports/q1");
let cap: Capability<CanRead, Report> = agent.request_capability(&report).await?;

// 4. Execute — cap is required proof. No cap? Won't compile.
agent.execute(&cap, &report, |r| Box::pin(async move {
    println!("reading: {}", r.id);
    Ok(())
})).await?;
```

Re-exports§
- `pub use agent::AgentBuilder;`
- `pub use agent::SecureAgent;`
- `pub use executor::TaskResult;`
- `pub use tool::ProtectedTool;`
- `pub use tool::ToolFuture;`
- `pub use tool::ToolSpec;`

Modules§
- `agent`: `SecureAgent` — the main agent struct wiring typestate + capabilities together.
- `executor`: Task execution infrastructure.
- `tool`: Capability-bound tool wrappers for agent and MCP-style tool execution.

Structs§
- `CanDelete`: Permission to delete a resource.
- `CanExecute`: Permission to execute code or invoke actions on a resource.
- `CanRead`: Permission to read a resource (non-sensitive).
- `CanWrite`: Permission to write (create or update) a resource.
- `Capability`: An unforgeable proof that subject `subject` holds permission `P` on resource `R`.
- `Credentials`: Credentials used to authenticate an agent.

Traits§
- `Permission`: A marker trait for permissions.
- `Resource`: A resource that can be protected by a `Capability`.