You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If you build AI products, you rarely get to choose a single client: someone wants a terminal, someone else lives in the IDE, your service is in Python, and occasionally you need a desktop shell or a small fleet of machines cooperating. SkillLite is a lightweight Rust workspace that packages a sandboxed skills execution engine and an optional full agent (chat, planning, memory, tools) in one binary story—then exposes that power through several thin entry points instead of several incompatible stacks.
This article gives a mental model in one page: the two-layer product split, a comparison table of integration surfaces, a dependency chain you can memorize, and a Python example plus a sequence diagram for execute_code. Official references: docs/en/ARCHITECTURE.md and docs/en/ENTRYPOINTS-AND-DOMAINS.md.
Why “many entries” instead of many products
Different users need different hosts:
Hackers want skilllite in the shell and in CI.
IDE users want MCP so the model can list and run skills safely.
Python teams want a few functions—scan_code, execute_code, run_skill—without linking Rust.
Non-developers want a desktop tray app.
Distributed setups want peer discovery and task routing.
Duplicating each stack usually duplicates security semantics (sandbox levels, scan gates, skill manifests). SkillLite keeps one implementation of sandboxing and skill protocol and hangs CLI, stdio MCP, Python subprocess or IPC, Tauri, and Swarm off that core.
Two-layer product: Agent vs. Core
From the architecture doc:
flowchart TB
subgraph Agent["SkillLite Agent (product)"]
A1["chat / planning / memory / tools"]
A2["Opinionated assistant on top of Core"]
A3["Build: skilllite (full binary)"]
end
subgraph Core["SkillLite Core (engine)"]
C1["Sandbox execution, scanning, skills, MCP subset"]
C2["Embeddable by any agent framework"]
C3["Build: skilllite-sandbox (slim binary)"]
end
Agent --> Core
Loading
Rule of thumb: the Agent layer is SkillLite’s reference customer for Core. You can embed Core only and bring your own planner and UI.
Tip: the skilllite-sandbox build is the slim binary when you want sandbox + MCP without the full agent feature set—check workspace Cargo.toml and feature flags in the architecture doc.
Dependency direction (the chain you should remember)
CLI / MCP / stdio_rpc
→ skilllite-commands
→ skilllite-agent (when agent features are on)
→ skilllite-executor
→ skilllite-sandbox
→ skilllite-core
Core never depends upward. Sandbox enforces isolation; Agent adds conversation and tools. The Python SDK does not compile against Rust; it shells out or speaks JSON-RPC to a preinstalled binary, which keeps Python packaging simple.
Python: execute_code path and minimal sample
Sequence: IPC first, subprocess fallback
When SKILLLITE_USE_IPC=1 and skilllite serve is available, the SDK can reuse a long-lived JSON-RPC client and avoid spawning a process per call. Otherwise it falls back to skilllite exec (see python-sdk/skilllite/api.py).
sequenceDiagram
participant App as Python app
participant SDK as skilllite SDK
participant IPC as skilllite serve (optional)
participant Bin as skilllite binary
App->>SDK: execute_code(language, code, sandbox_level=3)
alt IPC client available
SDK->>IPC: client.exec(tmpdir, script_name, ...)
IPC->>Bin: JSON-RPC
Bin-->>SDK: output, exit_code
else subprocess fallback
SDK->>Bin: skilllite exec ... --sandbox-level N
Bin-->>SDK: stdout / stderr
end
SDK-->>App: dict(success, text, exit_code, ...)
For packaged skills (SKILL.md + entrypoint), use run_skill with the same knobs plus allow_network where appropriate.
LangChain
The repo ships langchain-skilllite/ with SkillManager, SkillLiteTool, etc.—useful when you want skills as first-class tools in an agent loop. Pin the version from that package’s pyproject.toml.
MCP, Desktop, Swarm: quick selection guide
MCP — Configure your client to launch skilllite mcp over stdio. You get tools such as listing skills, running skills, scanning code, and executing code—ideal for model-in-the-IDE workflows.
Desktop — Best when you need image attachments, session chrome, and a non-terminal UX; remember the external binary dependency at runtime.
Swarm — Default listen addresses are often loopback (e.g. 127.0.0.1:7700). For LAN exposure, bind explicitly and set SKILLLITE_SWARM_TOKEN, requiring clients to send Authorization: Bearer.
Closing
SkillLite is structured as one security and skills engine with multiple host processes: shell, IDE protocol, Python, GUI, or mesh. Start from sandbox → core, then decide whether you need the full agent or only Core. If you call from Python, treat the SDK as a thin bridge and optionally turn on IPC when call frequency hurts latency.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
If you build AI products, you rarely get to choose a single client: someone wants a terminal, someone else lives in the IDE, your service is in Python, and occasionally you need a desktop shell or a small fleet of machines cooperating. SkillLite is a lightweight Rust workspace that packages a sandboxed skills execution engine and an optional full agent (chat, planning, memory, tools) in one binary story—then exposes that power through several thin entry points instead of several incompatible stacks.
This article gives a mental model in one page: the two-layer product split, a comparison table of integration surfaces, a dependency chain you can memorize, and a Python example plus a sequence diagram for
execute_code. Official references: docs/en/ARCHITECTURE.md and docs/en/ENTRYPOINTS-AND-DOMAINS.md.Why “many entries” instead of many products
Different users need different hosts:
skilllitein the shell and in CI.scan_code,execute_code,run_skill—without linking Rust.Duplicating each stack usually duplicates security semantics (sandbox levels, scan gates, skill manifests). SkillLite keeps one implementation of sandboxing and skill protocol and hangs CLI, stdio MCP, Python subprocess or IPC, Tauri, and Swarm off that core.
Two-layer product: Agent vs. Core
From the architecture doc:
flowchart TB subgraph Agent["SkillLite Agent (product)"] A1["chat / planning / memory / tools"] A2["Opinionated assistant on top of Core"] A3["Build: skilllite (full binary)"] end subgraph Core["SkillLite Core (engine)"] C1["Sandbox execution, scanning, skills, MCP subset"] C2["Embeddable by any agent framework"] C3["Build: skilllite-sandbox (slim binary)"] end Agent --> CoreRule of thumb: the Agent layer is SkillLite’s reference customer for Core. You can embed Core only and bring your own planner and UI.
Integration surfaces at a glance
Aligned with ENTRYPOINTS-AND-DOMAINS.md:
skilllitemain binarypython-sdk+ subprocess or IPCskilllitebinary; optionalskilllite serveskilllite mcpskilllite)skilllite-assistant(Tauri)skillliteon PATH at runtimeskilllite swarmskilllite-swarm; optional agent featuresTip: the
skilllite-sandboxbuild is the slim binary when you want sandbox + MCP without the full agent feature set—check workspaceCargo.tomland feature flags in the architecture doc.Dependency direction (the chain you should remember)
Core never depends upward. Sandbox enforces isolation; Agent adds conversation and tools. The Python SDK does not compile against Rust; it shells out or speaks JSON-RPC to a preinstalled binary, which keeps Python packaging simple.
Python:
execute_codepath and minimal sampleSequence: IPC first, subprocess fallback
When
SKILLLITE_USE_IPC=1andskilllite serveis available, the SDK can reuse a long-lived JSON-RPC client and avoid spawning a process per call. Otherwise it falls back toskilllite exec(seepython-sdk/skilllite/api.py).sequenceDiagram participant App as Python app participant SDK as skilllite SDK participant IPC as skilllite serve (optional) participant Bin as skilllite binary App->>SDK: execute_code(language, code, sandbox_level=3) alt IPC client available SDK->>IPC: client.exec(tmpdir, script_name, ...) IPC->>Bin: JSON-RPC Bin-->>SDK: output, exit_code else subprocess fallback SDK->>Bin: skilllite exec ... --sandbox-level N Bin-->>SDK: stdout / stderr end SDK-->>App: dict(success, text, exit_code, ...)Runnable snippet
Install the binary and SDK per README.md and docs/en/GETTING_STARTED.md.
sandbox_levelsemantics (from SDK docstrings)For packaged skills (SKILL.md + entrypoint), use
run_skillwith the same knobs plusallow_networkwhere appropriate.LangChain
The repo ships
langchain-skilllite/withSkillManager,SkillLiteTool, etc.—useful when you want skills as first-class tools in an agent loop. Pin the version from that package’spyproject.toml.MCP, Desktop, Swarm: quick selection guide
skilllite mcpover stdio. You get tools such as listing skills, running skills, scanning code, and executing code—ideal for model-in-the-IDE workflows.127.0.0.1:7700). For LAN exposure, bind explicitly and setSKILLLITE_SWARM_TOKEN, requiring clients to sendAuthorization: Bearer.Closing
SkillLite is structured as one security and skills engine with multiple host processes: shell, IDE protocol, Python, GUI, or mesh. Start from sandbox → core, then decide whether you need the full agent or only Core. If you call from Python, treat the SDK as a thin bridge and optionally turn on IPC when call frequency hurts latency.
Links
Beta Was this translation helpful? Give feedback.
All reactions