Expand description
Per-turn execution environment for tool calls.
An ExecutionContext is attached to a crate::ToolCall to specify the working
directory and environment variable overrides for that specific call. When absent,
ShellExecutor uses the process CWD and inherited process environment — identical to
the behaviour before this module existed.
§Trust model
Contexts are either untrusted (the default, built via the public API) or trusted
(only constructible inside zeph-tools / zeph-config via ExecutionContext::trusted_from_parts).
Untrusted contexts have their env overrides re-filtered through the executor’s
env_blocklist after every merge step, so LLM-controlled callers cannot reintroduce
a blocked variable. Trusted contexts bypass that final filter — the operator who
authored the TOML [[execution.environments]] table is the trust root.
§Example
use zeph_tools::ExecutionContext;
let ctx = ExecutionContext::new()
.with_name("repo")
.with_cwd("/workspace/myproject")
.with_env("CARGO_TARGET_DIR", "/tmp/cargo-target");
assert_eq!(ctx.name(), Some("repo"));
assert!(ctx.cwd().is_some());
assert_eq!(ctx.env_overrides().get("CARGO_TARGET_DIR").map(String::as_str), Some("/tmp/cargo-target"));
assert!(!ctx.is_trusted());Structs§
- Execution
Context - Per-turn execution environment for a tool call.