ai-gateway
Unified AI gateway for command catalog, policy firewall, and safe execution
Version: 9.0.1 | Size: 4.3MB | Author: Warith Al Maawali
License: Proprietary | Website: https://www.digi77.com
File Information
| Property | Value |
|---|---|
| Binary Name | ai-gateway |
| Version | 9.0.1 |
| Build Date | 2026-02-21T23:53:58.626096361Z |
| Rust Version | 1.82.0 |
| File Size | 4.3MB |
| JSON Data | View Raw JSON |
SHA256 Checksum
Features
| Feature | Description |
|---|---|
| Feature | Embedded command catalog with 800+ commands from 15+ services |
| Feature | TF-IDF + substring hybrid search across all services |
| Feature | Three-tier risk classification (Passive/Active/Dangerous) |
| Feature | Policy firewall with allowlist enforcement |
| Feature | Workspace confinement and path validation |
| Feature | Failure cooldown to prevent cascading degradation |
| Feature | Per-agent identity, rate limiting, and audit trail for executions |
| Feature | Approval ticket workflow for agent-to-human authorization |
| Feature | Configurable per-operation timeouts with env var override |
| Feature | Full JSON/JSON-pretty/JSON-human output support |
Security Features
| Feature | Description |
|---|---|
| Inputvalidation | All inputs are validated and sanitized |
| Ratelimiting | Built-in rate limiting for network operations |
| Authentication | Secure authentication with certificate pinning |
| Encryption | TLS 1.3 for all network communications |
System Requirements
| Requirement | Value |
|---|---|
| OS | Linux (Debian-based) |
| Privileges | root/sudo for system operations |
| Dependencies | OpenSSL, libcurl |
Global Options
| Flag | Description |
|---|---|
-h, --help |
Print help information |
-v, --version |
Print version information |
-n, --info |
Display detailed information |
-e, --examples |
Show usage examples |
--json |
Output in JSON format |
--json-pretty |
Pretty-print JSON output with indentation |
--json-human |
Enhanced JSON output with improved formatting (like jq) |
--verbose |
Enable verbose output |
--quiet |
Suppress non-essential output |
--no-color |
Disable colored output |
--config <FILE> |
Use custom configuration file |
--timeout <SECS> |
Set timeout (default: 30) |
--retry <COUNT> |
Retry attempts (default: 3) |
Commands
Administration
index
Rebuild the search index from the embedded registry
Usage:
Examples:
policy
Show the current safety policy configuration
Usage:
Examples:
doctor
Health check that verifies all registered binaries exist and respond
Usage:
Examples:
approve
Issue or verify human approval tickets for agent execution
Usage:
ai-gateway ai-gateway approve issue <service> <command> [--agent-id <id>] [--ttl <secs>]
ai-gateway approve verify --ticket <ticket> <service> <command> [--agent-id <id>]
Examples:
ai-gateway approve verify --ticket "$TICKET" health-control block-internet --agent-id kodachi-claw --json
Discovery
list
List all services and their commands from the embedded registry
Usage:
Options:
- --service: Filter by service name
- --category: Filter by category name
Examples:
search
Search across all services and commands using TF-IDF + substring matching
Usage:
Options:
- --limit: Maximum number of results to return
Examples:
help
Show detailed help for a service or specific command
Usage:
Examples:
capabilities
Show effective capabilities for an AI agent identity
Usage:
Options:
- --agent-id: Agent profile (kodachi-claw/nullclaw/agentzero/openclaw/picoclaw/nanoclaw/claude-code/gpt/gemini/open-interpreter; aliases: zeroclaw, nanclaw, "claude code", "open interpreter")
- --agent-token: Optional token for authenticated agent profiles
Examples:
ai-gateway capabilities --agent-id kodachi-claw --agent-token $KODACHI_AGENT_TOKEN_KODACHI_CLAW --json
ai-gateway capabilities --agent-id claude-code --agent-token $KODACHI_AGENT_TOKEN_CLAUDE_CODE --json
ai-gateway capabilities --agent-id "claude code" --agent-token $KODACHI_AGENT_TOKEN_CLAUDE_CODE --json
ai-gateway capabilities --agent-id open-interpreter --agent-token $KODACHI_AGENT_TOKEN_OPEN_INTERPRETER --json
ai-gateway capabilities --agent-id "open interpreter" --agent-token $KODACHI_AGENT_TOKEN_OPEN_INTERPRETER --json
Execution
run
Validate and execute a binary command through the safety layer
Usage:
ai-gateway ai-gateway run <service> --command <cmd> [--args <args>...] [--args-json <json>] [--dry-run] [--timeout <secs>] [--agent-id <id>] [--agent-token <token>] [--approval-ticket <ticket>] OR ai-gateway run --batch-json <json> --agent-id <id> --agent-token <token>
Options:
- --command: Command to execute (required)
- --args: Command arguments (multiple)
- --args-json: Command arguments as JSON object/array
- --batch-json: Batch execution payload for trusted agents (JSON array, sequential mode only)
- --dry-run: Validate without executing
- --timeout: Execution timeout in seconds
- --confirm: Approval token for commands requiring confirmation
- --approval-ticket: Human-issued approval ticket for Active/Dangerous commands
- --agent-id: Agent profile (trusted profiles require token auth)
- --agent-token: Agent auth token for token-required profiles
Examples:
ai-gateway run kodachi-claw --command status --agent-id kodachi-claw --agent-token $KODACHI_AGENT_TOKEN_KODACHI_CLAW --dry-run --json
KODACHI_TRUSTED_BATCH_MODE=true ai-gateway run --agent-id kodachi-claw --agent-token $KODACHI_AGENT_TOKEN_KODACHI_CLAW --batch-json '[{"service":"kodachi-claw","command":"status"},{"service":"kodachi-claw","command":"doctor","dry_run":true}]' --json
Examples
Service Discovery
Discover and explore all available Kodachi services and commands
List all services with their commands in JSON format
Expected Output: JSON array of all discovered services with metadataList commands for a specific service
Expected Output: Commands for tor-switch with descriptions and risk tiersList health-control commands in text format
Expected Output: Formatted list of health-control commandsCommand Search
Search across all services using TF-IDF + substring hybrid search engine
Search for Tor exit node commands
Expected Output: Ranked results with relevance scoresNote
Uses TF-IDF cosine similarity + substring matching
Search with limited results
Expected Output: Top 5 matching commands for DNS leak operationsSearch for network check commands in text format
Expected Output: Numbered list of matching commands with scoresFind all panic/emergency commands
Expected Output: Emergency commands with Dangerous risk tierNote
Dangerous commands are blocked unless pentest mode
Service Help
Get detailed help for any service or specific command
Full specification for tor-switch service
Expected Output: JSON with all commands, options, examples, features, requirementsHelp for a specific command
Expected Output: Detailed command spec with parameters and examplesText help for dns-switch service
Expected Output: Formatted help output for dns-switchPretty-printed JSON help for ip-fetch
Expected Output: Indented JSON with full service specificationSafe Command Execution
Validate first, then execute when appropriate. No env var is needed for passive/active commands.
Step 1 (validate): preview a passive command
Expected Output: Validation result without actual executionNote
Always use --dry-run first for safety
Step 2 (apply): execute passive command (no env needed)
Expected Output: Live command execution resultNote
Passive commands execute without KODACHI_PENTEST_MODE
Active command flow (no env needed): validate with explicit confirmation
ai-gateway run tor-switch --command set-exit-node --args-json '{"country":"de"}' --confirm --dry-run --json
Note
For active commands, remove --dry-run to apply changes
Dry-run DNS leak test with custom timeout
Expected Output: Validation result for dns-leak testNote
Timeout can be overridden with KODACHI_TOOL_TIMEOUT_MS env var
Dry-run ip-fetch fetch command
Expected Output: Validation result for ip-fetch fetchNote
Dry-run keeps examples deterministic in offline/auth-restricted environments
Pass structured JSON arguments for agent-safe invocation
Expected Output: Dry-run validation with args expanded from JSONNote
--args-json avoids brittle shell quoting in agent pipelines
Safety Policy
View and understand the safety policy configuration
Show current safety policy as JSON
Expected Output: Policy with risk tiers, allowlists, and pentest mode statusShow safety policy in text format
Expected Output: Formatted policy displayPretty-printed policy configuration
Expected Output: Indented JSON with complete policy detailsNote
Run with inline env: KODACHI_PENTEST_MODE=true ai-gateway run health-control --command wipe-file --confirm --json
Dangerous command flow: env var required in addition to explicit confirm
KODACHI_PENTEST_MODE=true ai-gateway run health-control --command wipe-file --confirm "I understand" --dry-run --json
Note
KODACHI_PENTEST_MODE is required only for dangerous commands
Administration
Index management and system health checks
Rebuild the search index
Expected Output: Index statistics with service and command countsCheck health of all registered binaries
Expected Output: Health report for each binary (exists, responds, version, size)Health check in text format
Expected Output: Table showing binary health statusOutput Formats
All commands support multiple output formats
Standard JSON output (compact)
Expected Output: Compact JSON responsePretty-printed JSON with indentation
Expected Output: Indented JSON for readabilityEnhanced human-friendly JSON (like jq)
Expected Output: Color-highlighted JSON outputShow version information
Expected Output: ai-gateway version 9.0.1Show detailed program info as JSON
Expected Output: JSON with features, security, requirementsAI Agent Integration
How Kodachi AI standardizes execution for agentzero/openclaw/picoclaw/kodachi-claw/nullclaw/nanoclaw/open-interpreter via one gateway contract
AI agent finds the best matching command
Expected Output: Top matching command with service and invocationNote
ai-cmd delegates execution through ai-gateway
AI agent validates before executing
Expected Output: Validation passes, shows what would runNote
Safety layer prevents dangerous commands from AI agents
AI agent executes passive command (no env required)
Expected Output: Live tor-status execution resultNote
Passive command execution does not require KODACHI_PENTEST_MODE
Kodachi Claw integration path through ai-gateway
Expected Output: Validation for kodachi-claw status commandNote
Kodachi AI gives the same JSON execution contract to all agents
AgentZero integration template (must be in allowlist)
Expected Output: Policy + invocation validation for agentzeroNote
Add agentzero to the default allowlist in policy_engine.rs
OpenClaw integration template
Expected Output: Policy + invocation validation for openclawNote
Use --dry-run first, then remove --dry-run to execute
PicoClaw integration template
Expected Output: Policy + invocation validation for picoclawNote
Same API shape as ai-cmd and zeroclaw integrations
Kodachi Claw live execution path (no allow-all env required when installed/allowlisted)
Expected Output: Live kodachi-claw command output through gateway safety layerNullClaw integration template
Expected Output: Policy + invocation validation for nullclawNote
Ensure nullclaw is in the policy engine allowlist
NanoClaw integration template
Expected Output: Policy + invocation validation for nanoclawNote
Consistent gateway contract keeps agent integrations simple
AI agent gets command specification
Expected Output: Full command spec for AI to understand parametersAgent Security
Identity verification, capability discovery, and approval-ticket workflow
Discover what kodachi-claw is allowed to do
ai-gateway capabilities --agent-id kodachi-claw --agent-token $KODACHI_AGENT_TOKEN_KODACHI_CLAW --json
Discover trusted GPT agent capabilities
Expected Output: Trusted profile details for gptDiscover trusted Claude Code agent capabilities
ai-gateway capabilities --agent-id claude-code --agent-token $KODACHI_AGENT_TOKEN_CLAUDE_CODE --json
Discover trusted Gemini agent capabilities
Expected Output: Trusted profile details for geminiDiscover trusted Open Interpreter agent capabilities
ai-gateway capabilities --agent-id open-interpreter --agent-token $KODACHI_AGENT_TOKEN_OPEN_INTERPRETER --json
Discover trusted OpenClaw agent capabilities
Expected Output: Trusted profile details for openclawDiscover trusted PicoClaw agent capabilities
Expected Output: Trusted profile details for picoclawDiscover trusted NanoClaw agent capabilities
Expected Output: Trusted profile details for nanoclawHuman issues time-limited approval ticket for an active/dangerous operation
ai-gateway approve issue health-control block-internet --agent-id kodachi-claw --ttl 600 --json | jq -r '.data.ticket'
Note
Requires KODACHI_GATEWAY_APPROVAL_SECRET for stable verification across sessions
Agent executes command using identity + approval workflow
ai-gateway run health-control --command block-internet --agent-id kodachi-claw --agent-token $KODACHI_AGENT_TOKEN_KODACHI_CLAW --approval-ticket "$TICKET" --json
Note
Without valid ticket, execution returns requires_approval
Environment Variables
| Variable | Description | Default | Values |
|---|---|---|---|
RUST_LOG |
Set logging level | info | error |
NO_COLOR |
Disable all colored output when set | unset | 1 |
Exit Codes
| Code | Description |
|---|---|
| 3 | Permission denied |
| 4 | Network error |
| 2 | Invalid arguments |
| 0 | Success |
| 5 | File not found |
| 1 | General error |