Class: RubyLLM::Toolbox::Tools::BashTool

Inherits:

Base

Object
RubyLLM::Tool
Base
RubyLLM::Toolbox::Tools::BashTool

show all

Defined in:: lib/ruby_llm/toolbox/tools/bash_tool.rb

Overview

EXEC reference tool. Runs ONE allowlisted executable with arguments.

Deliberately NOT a shell: there are no pipes, redirects, globs, quoting, or variable expansion. The program goes in ‘command`; each argument is a separate element of `args` and is passed verbatim as argv. This is the safe primitive that the OS-command-injection class of bug cannot touch, because no shell ever parses the input.

Gated: refuses to run unless config.enable_exec_tools is true AND the executable is on config.allowed_commands.

Instance Attribute Summary

Attributes inherited from Base

#config

Instance Method Summary collapse

#execute(command:, args: nil, unsafe: false) ⇒ Object

Methods inherited from Base

#call, exec_tool!, exec_tool?, #initialize, #name

Constructor Details

This class inherits a constructor from RubyLLM::Toolbox::Base

Instance Method Details

#execute(command:, args: nil, unsafe: false) ⇒ `Object`

# File 'lib/ruby_llm/toolbox/tools/bash_tool.rb', line 39

def execute(command:, args: nil, unsafe: false)
  exe  = resolve_command(command, unsafe)
  argv = sanitize_args(args)

  out, err, status = ProcessRunner.capture(
    [exe, *argv],
    env: clean_env,
    timeout: config.command_timeout,
    unsetenv_others: true
  )
  truncate(format_result(exe, argv, out, err, status))
rescue Safety::CommandGuard::Blocked => e
  error(e.message, code: :command_denied)
end