惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

C
CXSECURITY Database RSS Feed - CXSecurity.com
P
Proofpoint News Feed
Attack and Defense Labs
Attack and Defense Labs
Security Archives - TechRepublic
Security Archives - TechRepublic
Engineering at Meta
Engineering at Meta
WordPress大学
WordPress大学
H
Hackread – Cybersecurity News, Data Breaches, AI and More
MyScale Blog
MyScale Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
F
Full Disclosure
云风的 BLOG
云风的 BLOG
爱范儿
爱范儿
V2EX - 技术
V2EX - 技术
B
Blog
Hacker News - Newest:
Hacker News - Newest: "LLM"
M
MIT News - Artificial intelligence
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
W
WeLiveSecurity
Stack Overflow Blog
Stack Overflow Blog
TaoSecurity Blog
TaoSecurity Blog
T
Threatpost
小众软件
小众软件
T
The Blog of Author Tim Ferriss
Google Online Security Blog
Google Online Security Blog
MongoDB | Blog
MongoDB | Blog
T
Tenable Blog
P
Privacy International News Feed
S
Security @ Cisco Blogs
H
Heimdal Security Blog
大猫的无限游戏
大猫的无限游戏
B
Blog RSS Feed
H
Help Net Security
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
C
Cisco Blogs
酷 壳 – CoolShell
酷 壳 – CoolShell
P
Proofpoint News Feed
D
Darknet – Hacking Tools, Hacker News & Cyber Security
有赞技术团队
有赞技术团队
Application and Cybersecurity Blog
Application and Cybersecurity Blog
O
OpenAI News
Security Latest
Security Latest
S
Securelist
Cyberwarzone
Cyberwarzone
D
Docker
S
Schneier on Security
V
Vulnerabilities – Threatpost
The GitHub Blog
The GitHub Blog
P
Privacy & Cybersecurity Law Blog
T
Tailwind CSS Blog
Apple Machine Learning Research
Apple Machine Learning Research

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
BoxAgnts Introduction (2) — AI Agent Toolbox
Guyoung Studio · 2026-05-26 · via DEV Community

BoxAgnts' middle layer — the Agent Toolbox — is the brain and hands of the system. It consists of six core modules responsible for three things: understanding your intent, dispatching the right tools, and feeding back execution results. This article takes a deep dive into the architectural design and key implementations of each module.


Architecture Overview: A Seven-Module Collaboration Network

What happens when you type "Help me analyze the code structure of this Rust project" in the Dashboard and hit send?

User Message
  │
  ▼
┌─────────────────────────────────────────────────────────────┐
│  boxagnts-api            Unified API Abstraction Layer      │
│  LlmProvider trait → 20+ Providers → Message Normalization  │
├─────────────────────────────────────────────────────────────┤
│  boxagnts-query          Agent Query Loop                   │
│  run_query_loop() → Multi-turn Conversation → Tool Dispatch → Auto Recovery │
├─────────────────────────────────────────────────────────────┤
│  boxagnts-tools + tools-manager + wasm-tools                │
│  Tool trait → Built-in Tools + WASM Tools → Execution       │
├─────────────────────────────────────────────────────────────┤
│  boxagnts-gateway        Gateway & Scheduling               │
│  Cron Scheduler + Site Hosting                              │
├─────────────────────────────────────────────────────────────┤
│  boxagnts-workspace      Memory & Configuration             │
│  SQLite + JSON Config + Conversation History                │
└─────────────────────────────────────────────────────────────┘

Let's break down each one.


boxagnts-api: Unified Multi-Model Abstraction Layer

This is the interface layer between the middle layer and the external AI world. It solves the most painful problem in AI tool development: every model provider's API is different, but your code should not pay the price for that.

LlmProvider Trait: The Foundation of Polymorphism

The core interface that all provider adapters must implement:

#[async_trait]
pub trait LlmProvider: Send + Sync {
    fn id(&self) -> &ProviderId;       // Unique identifier "anthropic", "openai"
    fn name(&self) -> &str;            // Human-readable name

    // Non-streaming request
    async fn create_message(&self, request: ProviderRequest)
        -> Result<ProviderResponse, ProviderError>;

    // Streaming request (returns Pin<Box<dyn Stream>>)
    async fn create_message_stream(&self, request: ProviderRequest)
        -> Result<Pin<Box<dyn Stream<Item = Result<StreamEvent, ProviderError>> + Send>>, ProviderError>;

    // List available models
    async fn list_models(&self) -> Result<Vec<ModelInfo>, ProviderError>;
}

This trait design has three elegant aspects:

  1. Async trait: Uses the async_trait macro, compatible with the Tokio async runtime
  2. Returns Pin>: Uses dynamic dispatch to abstract away different providers' stream type differences
  3. Unified error typing: All provider errors are normalized to ProviderError

Unified Access for 20+ Providers

BoxAgnts supports an extremely wide range of model providers:

Category Providers Independent Implementation File
International Mainstream OpenAI, Anthropic, Google, Azure, Bedrock Individual files
Open-Source Compatible Deepseek, Mistral, Groq, TogetherAI, Fireworks openai_compat.rs
Enterprise Services Copilot, CodeX, Cohere, Perplexity Individual files
Domestic Platforms MiniMax, Alibaba Cloud (Qwen), Zhipu, Moonshot, SiliconFlow Individual files
Others Venus, Nebius, Novita, OVHCloud Individual files

Key design pattern — Provider + Transformer dual-layer architecture:

Raw User Message
    │
    ▼
┌────────────────┐
│  Transformer   │  ← Converts internal message format to provider-specific format
│  (per-provider)│
└───────┬────────┘
        ▼
┌────────────────┐
│   Provider     │  ← Handles authentication, HTTP requests, stream parsing
│  (per-provider)│
└───────┬────────┘
        ▼
    AI Response
        │
        ▼
┌────────────────┐
│  Transformer   │  ← Converts provider response back to internal unified format
└────────────────┘

ProviderRegistry: Runtime Model Switching

QueryConfig contains a provider_registry field that allows dynamic provider selection at runtime. This means you can:

  • Configure different models for different tasks in Agent config (cheap model for summarization, strong model for reasoning)
  • Use fallback_model to automatically switch to a backup model when the primary model is overloaded
  • Manage API keys and endpoints for multiple models via ModelRegistry

API Key Management: Balancing Security and Convenience

BoxAgnts predefines environment variable mappings for each provider:

pub fn api_key_env_vars_for_provider(provider_id: &str) -> &'static [&'static str] {
    match provider_id {
        "anthropic" => &["ANTHROPIC_API_KEY"],
        "openai"    => &["OPENAI_API_KEY"],
        "deepseek"  => &["DEEPSEEK_API_KEY"],
        "zhipu"     => &["ZHIPU_API_KEY"],
        "minimax"   => &["MINIMAX_API_KEY"],
        // ... 30+ providers
    }
}

This means you can inject API keys through three methods — environment variables, configuration files, or the Dashboard UI — maximizing flexibility while maintaining security boundaries.


boxagnts-query: The Core Engine of the Agent

This layer is the absolute soul of BoxAgnts. The run_query_loop() function implements the complete Agent reasoning loop, about 300 lines of code, yet handles an amazing number of edge cases.

Main Loop Skeleton

loop {
    turn += 1;

    // 0. Check cancellation signal
    if cancel_token.is_cancelled() { return Cancelled; }

    // 1. Check max turns limit
    if turn > effective_max_turns { return EndTurn; }

    // 2. Inject pending user messages (multimodal interaction)
    if let Some(queue) = pending_messages.as_deref_mut() {
        for text in queue.drain(..) { /* append as user message */ }
    }

    // 3. Auto context compaction
    compact_state.maybe_compact(messages, config);

    // 4. Build API request
    let request = build_request(messages, tools, config);

    // 5. Send to AI model (supports streaming)
    let response = client.create_message_stream(request).await;

    // 6. Parse ContentBlocks from response
    for block in response.content {
        match block {
            ContentBlock::Text { text } => { /* accumulate text response */ }
            ContentBlock::ToolUse { name, input, .. } => {
                // Match and execute tool
                let tool = find_tool(name);
                let result = tool.execute(input, tool_ctx).await;
                messages.push(tool_result);  // Inject result into conversation
            }
            ContentBlock::Thinking { thinking, .. } => {
                // Handle deep thinking content (not shown to user)
            }
        }
    }

    // 7. If model ends → return final message
    if stop_reason == "end_turn" { return EndTurn; }
}

Key Mechanism Analysis

Token Exhaustion Recovery

When the model runs out of token quota in a single response, the query loop does not simply return a truncated result. Instead, it automatically sends a carefully designed recovery message:

"Output token limit hit. Resume directly — no apology, no recap of what
 you were doing. Pick up mid-thought if that is where the cut happened.
 Break remaining work into smaller pieces."

This message is remarkably restrained in design: "no apology, no recap, pick up from the cut, break down tasks" — conveying maximum instruction with minimum tokens. Retries up to 3 times (MAX_TOKENS_RECOVERY_LIMIT = 3) to avoid infinite loops.

Auto Context Compaction

compact.rs implements an intelligent compression strategy. When conversation history approaches the model's context window limit, it summarizes early messages — preserving key information (file paths, error messages, important decisions) while discarding redundant intermediate steps. This strategy ensures that even extremely complex multi-turn tasks (such as refactoring an entire codebase) won't cause the Agent to "lose its memory" due to context overflow.

Fallback Model Mechanism

// query.rs — Auto switch to backup model on overload errors
if is_overloaded_error(&err) && fallback_model.is_some() && !used_fallback {
    effective_model = fallback_model;
    used_fallback = true;
    continue; // Retry with backup model
}

When the primary model (e.g., Claude Sonnet) returns an overload error during high-load periods, the system automatically switches to a backup model (e.g., Deepseek), ensuring tasks are not interrupted. This mechanism is completely transparent to the user.

Budget Control

pub enum QueryOutcome {
    BudgetExceeded { cost_usd: f64, limit_usd: f64 },
    // ...
}

After each turn, the query loop checks whether the accumulated cost exceeds the budget cap. Every API call is tracked via CostTracker recording model and token consumption, ensuring costs are controllable. Budget overruns return clear error messages rather than silently overspending.

Multimodal Content Blocks

The ContentBlock enum defines 14 content types, covering the full spectrum of interactions from plain text to deep thinking:

pub enum ContentBlock {
    Text { text: String },                          // Plain text
    Image { source: ImageSource },                  // Image
    ToolUse { id, name, input },                    // Tool call
    ToolResult { tool_use_id, content, is_error },  // Tool result
    Thinking { thinking, signature },               // Deep thinking
    Document { source, title, context },            // Document reference
    UserLocalCommandOutput { command, output },     // Shell command output
    UserCommand { name, args },                     // User command
    UserMemoryInput { key, value },                 // User memory
    SystemAPIError { message, retry_secs },         // API error
    CollapsedReadSearch { tool_name, paths },       // Collapsed search results
    TaskAssignment { id, subject, description },    // Sub-task assignment
    // ...
}

This fine-grained content typing allows the frontend to render each type with specialized treatment — error blocks show red borders, task assignment blocks show cyan borders, collapsed search results displayed as single-line summaries.


Managed Agent Mode (Manager-Executor)

This is one of the most stunning middle-layer designs in BoxAgnts. managed_orchestrator.rs implements a hierarchical Agent architecture:

                    User
                      │
                      ▼
         ┌───────────────────────┐
         │  Manager Agent        │  ← Uses strong model (e.g., Claude Opus)
         │  Analyze tasks → Break down → Assign │
         └───────┬───────────────┘
                 │
        ┌────────┼────────┐
        ▼        ▼        ▼
   ┌────────┐┌────────┐┌────────┐
   │Executor││Executor││Executor│  ← Uses economical model (e.g., Claude Sonnet/Deepseek)
   │Subtask1││Subtask2││Subtask3│
   └────┬───┘└────┬───┘└────┬───┘
        │         │         │
        └────────┼─────────┘
                 ▼
          Manager aggregates results
                 │
                 ▼
              Final Output

Key Configuration

pub struct ManagedAgentConfig {
    pub enabled: bool,
    pub manager_model: String,           // Manager model (e.g., "claude-opus-4-6")
    pub executor_model: String,          // Executor model (e.g., "claude-sonnet-4-6")
    pub executor_max_turns: u32,         // Max turns per executor
    pub max_concurrent_executors: u32,   // Max parallel executors
    pub total_budget_usd: Option<f64>,   // Total budget cap
    pub executor_isolation: bool,        // Whether to isolate Git worktrees
}

System Prompt Injection

The Manager Agent's system prompt precisely defines its role:

You are the MANAGER, the planning and reasoning layer.
You coordinate work but do NOT execute tasks using file/bash tools directly.
All implementation work is delegated to executor agents (via the Agent tool).
Each executor uses {executor_model}, with a maximum of {max_turns} turns.
You may run up to {max_concurrent} executors in parallel.

The Executor's prompt requires "complete self-containment" — executors cannot see the Manager's conversation history and must include all context in their prompt. This avoids context leakage and reduces token consumption.


boxagnts-tools + tools-manager: Unified Tool Abstraction

Tool Trait: The Cornerstone of the Architecture

This is the most critical interface definition in all of BoxAgnts. Every new tool only needs to implement this trait:

#[async_trait]
pub trait Tool: Send + Sync {
    fn name(&self) -> &'static str;
    fn description(&self) -> &'static str;
    fn input_schema(&self) -> Value;    // JSON Schema defining parameters
    async fn execute(&self, input: Value, ctx: &ToolContext) -> ToolResult;
}

ToolContext: The Tool's Execution Environment

pub struct ToolContext {
    pub cost_tracker: Arc<CostTracker>,         // Cost tracker
    pub session_id: Option<String>,             // Session ID
    pub current_turn: Arc<AtomicUsize>,         // Current turn
    pub non_interactive: bool,                  // Non-interactive mode
    pub config: Config,                         // Global configuration
    pub managed_agent_config: Option<ManagedAgentConfig>,
    pub allowed_outbound_hosts: Vec<String>,    // Outbound network whitelist
    pub block_url: Option<String>,              // Blocked URLs
}

ToolContext is the tool's "passport" — carrying various contextual information such as permissions, sessions, costs, and networking. Every tool can access the required system state through it during execution.

Central Tool Registry

// tools-manager/src/lib.rs
pub fn all_tools() -> Vec<Box<dyn Tool>> {
    vec![
        // Rust native tools
        Box::new(AskUserQuestionTool),
        Box::new(BriefTool),
        Box::new(EnterPlanModeTool),
        Box::new(ExitPlanModeTool),
        Box::new(SleepTool),
        Box::new(SkillTool),
        Box::new(ToolSearchTool),

        // WASM sandbox tools — same interface, different implementation
        Box::new(WasmTool::new("read",  "file-read-component.wasm",  ...)),
        Box::new(WasmTool::new("write", "file-write-component.wasm", ...)),
        Box::new(WasmTool::new("edit",  "file-edit-component.wasm",  ...)),
        Box::new(WasmTool::new("glob",  "file-glob-component.wasm",  ...)),
        Box::new(WasmTool::new("bash",  "bash-component.wasm",       ...)),
        Box::new(WasmTool::new("web_fetch", "web-fetch-component.wasm", ...)),
        Box::new(WasmTool::new("js_exec", "boxedjs-execute-component.wasm", ...)),
    ]
}

Notice that Rust native tools and WASM tools are placed in the same Vec<Box<dyn Tool>> — to the AI model, they are completely equivalent. This is the power of interface-oriented programming.


boxagnts-gateway: Extending Time and Space Dimensions

Cron Scheduled Task Engine

cron/scheduler.rs builds a complete scheduled task system based on tokio_cron_scheduler:

// Core scheduling logic
let cron_job = Job::new_async(cron_expr, move |_uuid, _lock| {
    Box::pin(async move {
        let handle = job::execute(prompt, model).await;
        // Execution with timeout + result logging
        let result = timeout(Duration::from_secs(timeout), fut).await;
        append_execution_log(job_id, job_name, success, message).await;
    })
});

Key features:

  • Timeout protection: Each task has an independent timeout setting (default 180 seconds), wrapped by tokio::time::timeout
  • Cancel propagation: On timeout, cancels the executing Agent query via CancellationToken
  • Execution logs: Each execution records time, success/failure status, and result summary
  • Dynamic management: Tasks can be added, removed, enabled/disabled at any time

Site Hosting System

Site data managed by site/store.rs is persisted via SQLite, supporting CRUD operations. Combined with the frontend SitesPage, users can:

  1. Create sites in the Dashboard (enter name and path)
  2. Let the AI Agent generate web content
  3. Access via the /sites/{name}/ path

boxagnts-workspace: The Agent's Memory System

The workspace module handles all persistence and configuration management:

Function Storage Key Implementation
Conversation History SQLite (rusqlite) Organized by session, supports CRUD
User Authentication Password hash storage Verified for remote access
Global Configuration JSON file Settings::load() to load
API Keys Environment variables / JSON Three-tier priority: ENV > Config > Default
AGENTS.md Filesystem Injected into system prompt each conversation
Cron Tasks SQLite Persisted storage + loaded at startup
Site Config SQLite Persisted storage + loaded at startup

Design highlight: configuration and state are separated. Configuration is JSON files (human-readable and editable), state is SQLite (efficient queries and transactions). This distinction avoids the common pitfall of "configuration file bloat."


QueryConfig: Full-Dimensional Query Control

QueryConfig is a massive configuration struct with 20 fields, covering every dimension of an Agent query:

pub struct QueryConfig {
    pub model: String,                           // Model name
    pub max_tokens: u32,                         // Max output tokens
    pub max_turns: u32,                          // Max reasoning turns
    pub system_prompt: Option<String>,           // System prompt
    pub thinking_budget: Option<u32>,            // Thinking budget (deep reasoning)
    pub temperature: Option<f32>,                // Temperature parameter
    pub tool_result_budget: usize,               // Total char cap for tool results (50000)
    pub effort_level: Option<EffortLevel>,       // Effort level (affects thinking_budget)
    pub max_budget_usd: Option<f64>,             // USD budget cap
    pub fallback_model: Option<String>,          // Backup model
    pub agent_definition: Option<AgentDefinition>, // Agent definition
    pub managed_agents: Option<ManagedAgentConfig>, // Managed mode
    pub output_style: OutputStyle,               // Output style
    // ... and more
}

This struct demonstrates a core design philosophy of BoxAgnts: give control to the user, but provide reasonable defaults. Every field can be overridden, but none are required — defaults cover 90% of use cases.


Summary

The middle-layer Agent Toolbox is the capability core of BoxAgnts:

Module Responsibility Key Highlight
boxagnts-api Multi-model unified access LlmProvider trait, 20+ Providers, Transformer conversion
boxagnts-query Agent reasoning loop Token recovery, context compaction, Fallback switching, budget control
managed_orchestrator Managed Agent architecture Manager-Executor layering, parallel execution, budget management
boxagnts-tools Unified tool abstraction Tool trait, ToolContext
tools-manager Central tool registry Rust native + WASM unified as Vec>
boxagnts-gateway Time and space extension Cron scheduler, Site hosting
boxagnts-workspace Memory system SQLite + JSON dual-layer storage

Related Resources