skelegent
Health Uyari
- License — License: Apache-2.0
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 9 GitHub stars
Code Gecti
- Code scan — Scanned 12 files during light audit, no dangerous patterns found
Permissions Gecti
- Permissions — No dangerous permissions requested
This project is an experimental, composable framework written in Rust designed to build and orchestrate asynchronous AI agents. It provides modular building blocks for connecting to various LLM providers, managing state, and handling tool execution via an MCP client or server.
Security Assessment
Overall risk is rated as Low. A lightweight code scan of 12 files found no dangerous patterns or hardcoded secrets, and the tool does not request any inherently dangerous permissions. However, because of its nature as an agentic framework, it inherently manages sensitive operations when configured. The README indicates it includes modules for cryptographic primitives, secret resolution, filesystem state storage, and local process execution. It also features a dedicated security middleware layer (including an exfiltration guard) to help safely manage these capabilities. While the core package is clean, users should be aware that connecting it to live providers or local environments will expose it to sensitive data and network requests.
Quality Assessment
The project is actively maintained, with its most recent push occurring today. It is released under the standard Apache-2.0 license, making it suitable for open-source and commercial use. The codebase architecture is highly structured and well-documented. The primary concern is its low community visibility; with only 9 GitHub stars, it is clearly an early-stage or niche project, meaning it has not yet been battle-tested by a wide audience.
Verdict
Safe to use, but keep in mind it is an early-stage experiment that requires careful configuration when handling local process execution or sensitive credentials.
Bones for your agents — composable async agentic AI framework for Rust
Skelegent — composable agentic runtime
Skelegent is an experiment in building an agentic system that is composable by construction:
layered protocol contracts, swappable providers/tools/state, and deterministic backpressure via
tests and specs.
Specs are the source of truth: SPECS.md and specs/.
Quickstart (Nix)
This repo assumes Rust tooling is provided by the Nix flake.
- Full verification:
./scripts/verify.sh - Canonical commands: see
AGENTS.md §Verification
Crate map (workspace members)
Core:
layer0/— protocol traits + wire contractskelegent/— umbrella crate
Turn (turn/):
skg-turn— turn types + provider abstractionskg-turn-kit— turn decomposition primitivesskg-context— prompt/context assemblyskg-tool— tool traits +ToolRegistryskg-mcp— MCP client/server
Operators (op/):
skg-context-engine— ReAct-style operator loopskg-op-single-shot— single-shot operator
Orchestration (orch/):
skg-orch-kit— composition building blocksskg-orch-local— local orchestrator
Effects (effects/):
skg-effects-core— effect executor traitskg-effects-local— local effect interpreter
Middleware (hooks/):
skg-hook-security— security middleware (RedactionMiddleware, ExfilGuardMiddleware)
State (state/):
skg-state-memory— in-memory state storeskg-state-fs— filesystem-backed state store
Environment (env/):
skg-env-local— local environment (process/tool execution glue)
Providers (provider/):
skg-provider-anthropicskg-provider-openaiskg-provider-ollama
Security (secret/, auth/, crypto/):
skg-secret— secret resolutionskg-secret-vault— HashiCorp Vault backendskg-auth— auth/credential frameworkskg-crypto— cryptographic primitives
Implementations
Heavy-dependency implementations — SQLite, CozoDB, Temporal, Git effects, sweep
operators, and auth providers — live in a separate repository to keep this core
dependency-free:
skelegent-extras — provider ecosystem
Yorumlar (0)
Yorum birakmak icin giris yap.
Yorum birakSonuc bulunamadi