Shell adapter

The shell adapter runs local CLI commands. One adapter named shell covers a curated set of developer tools along with a generic run-command escape hatch. Output streams live to the Log Panel. Every invocation appends a JSON line to the shell audit log at ~/.flow-studio/logs/audit/.

Common optional fields

Every shell action accepts:

Name	Type	Description
`cwd`	`string`	Working directory; defaults to the flow’s workspace root
`timeoutMs`	`number`	Hard timeout (default 60000); on expiry the child is killed and the node fails
`maxOutputBytes`	`number`	Cap on combined stdout + stderr (default 10485760); excess kills the child
`env`	`string`	Environment policy: `"scrubbed"` (default) or `"inherit"`

`run-command`

Run an arbitrary shell command via sh -c <command> (Unix) or cmd /c <command> (Windows).

Required field	Type	Description
`command`	`string`	Full command line, passed to the shell as one string

deps[action: "Install deps"] {
  adapter: "shell"
  actionId: "run-command"
  command: "pnpm install"
}

Curated tool actions

git, npm, pnpm, cargo, kubectl, and curl each run their tool. The arguments are parsed with shell-words rules, so quoted segments stay together, and the runner handles argv separation.

Required field	Type	Description
`args`	`string`	Arguments to the tool, as one string

status[action: "Git status"] {
  adapter: "shell"
  actionId: "git"
  args: "status --short"
}

test[action: "Test"] {
  adapter: "shell"
  actionId: "cargo"
  args: "test --workspace"
}

rollout[action: "Rollout status"] {
  adapter: "shell"
  actionId: "kubectl"
  args: "rollout status deploy/api"
}

ping[action: "Healthcheck"] {
  adapter: "shell"
  actionId: "curl"
  args: "-fsS https://example.com/health"
}

Sandboxing

Lightweight rails are always on. They include a pinned cwd, an environment allow-list, an output cap, and a hard timeout. An OS sandbox is opt-in per node through a capabilities declaration. See Sandboxing for the full layered model and audit format.