# Shell

Sandboxed shell command execution and AI-powered shell command generation.
## Install
```bash
npm i -g @agent-smith/feat-shell
```
Add the plugin to your `config.yml` file and run the `conf` command:
```yml
plugins:
- "@agent-smith/feat-shell"
```
```bash
lm conf
```
## Actions and tools
### Shell execution
Available shell tools:
- shell execute arbitrary shell commands in a sandboxed Alpine Linux container (`timbru31/node-alpine-git`)
- rshell execute read-only shell commands with readonly workspace mount for safe inspection
### Python execution
- python execute Python code in an isolated `python:slim` container with optional pip package installation
## Agents
Available agents with shell tools:
- shellagent a general shell agent using the qwen4b model with access to the `shell` tool for executing commands
- shellcmd an AI-powered shell command generation agent that evaluates correctness and security before outputting commands. Uses tools:
- `doc-shell-cmd` — retrieve documentation for shell commands
- `dump-manpage` — fetch man page documentation
- `check-shellcmd` — evaluate command security and correctness with confidence scores
## Example shell agent
```yaml
description: A shell agent
model: qwen4b
toolsList:
- shellagent # this tool is a subagent
```
The agent will use the shellagent subagent to execute shell commands in an isolated Docker container.
## Security
All shell commands run in isolated Docker containers with the following security guarantees:
- **Network disabled** — containers have no external network connectivity by default
- **Volume mounting** — host workspace is mounted at `/workspace` inside containers
- **Read-only mode** — rshell mounts the workspace in readonly mode for safe inspection
- **Container reuse** — containers are reused for efficiency with graceful shutdown on exit
Back: Overview