Code Execution & Workspace Tool

The Terminal Execute Tool

Execute a shell command in the agent’s sandboxed workspace and capture stdout, stderr, and exit code — with command allow-listing so agents run only what your policy permits.

Explore VDF AI Agents
SandboxedRuns in an isolated workspace
GovernedEvery action logged
AssignableTo any engineering agent
100%On-premise capable
The Execution Gap

A suggestion isn’t a shipped change

An agent that can only propose code still leaves all the work to a human. To actually deliver, it needs a real, governed workspace where it can run code, edit files, test, and use Git — safely, and without touching anything you didn’t allow.

01

Read-only agents

Suggestions still require a human to run, test, and commit everything.

02

Unsafe execution

Running agent-generated code on real infrastructure is a security risk.

03

No verification

Without tests and builds, an agent can’t know its change works.

04

Ungoverned Git

Direct repo access with no policy or audit is a non-starter in the enterprise.

How the Tool Works

Terminal Execute, without the risk

Capability

What it does

Run governed shell commands in the agent workspace.

it runs a shell command in the agent’s sandboxed workspace and returns stdout, stderr, and the exit code.

Tool
Terminal Execute

Assignable to any agent

ShellAllow-listedCapturedLogged

How it works

Predictable, inspectable behavior

Designed to be reliable.

commands run under an allow-list and resource limits with full logging, so an agent gets a real shell without the risk of arbitrary, unaudited execution.

Governed
Policy + Audit

Every call logged

ScopedLoggedGovernedOn-prem

Governance

Private, governed, on-premise

Runs inside your perimeter.

Execution runs in an isolated, on-premise sandbox scoped per tenant with full command and file audit logging, so an agent can do real work on your code without unsafe access or anything leaving your perimeter.

100%
On-Prem

Per-tenant, logged

On-premRBACAudit logSovereign
Inputs

Parameters

The terminal_execute tool accepts these inputs when an agent calls it. Required inputs are flagged.

Name Type Required Description
command string Required The shell command to run.
cwd string Optional Working directory for the command.
timeout_seconds integer
default: 60
Optional Maximum execution time.
Where it pays back

Where Terminal Execute pays back

Tooling

Run a formatter, generator, or CLI the task needs.

Environment setup

Install dependencies inside the sandbox before work.

Diagnostics

Inspect the workspace to debug a failing step.

Glue steps

Chain small commands between higher-level tools.

How VDF AI connects it

Assigned to agents, orchestrated as networks

On VDF AI, an industry’s use cases map to agents, and you assign tools like this one to those agents. Compose multiple agents into a governed, on-premise network.

ROI Snapshot

What changes after you assign it

Faster
From suggestion to shipped
Verified
Changes tested before merge
Traceable
Every command audited
100%
Code never leaves your perimeter
FAQ

Questions about the Terminal Execute tool

What is the Terminal Execute tool?

It runs a shell command in the agent’s sandboxed workspace and returns stdout, stderr, and the exit code. Assigned to a VDF AI agent, it runs under role-based policy with full audit logging so the capability is safe to use in production.

Can an agent run any command?

No. Commands are governed by an allow-list and resource limits, and every invocation is logged.

Where does it run?

In the agent’s isolated, on-premise workspace — never on your production hosts.

Does it run on-premise?

Yes. Like every VDF AI tool, it can run on-premise or in your sovereign cloud, scoped per user and audit-logged, so your data never leaves your perimeter.

How do agents use it?

You assign the tool to an agent under a role-based policy; the agent calls it as one step in a task, and several agents and tools can be orchestrated together as a governed VDF AI Network.

Put Terminal Execute to work

See the Terminal Execute tool assigned to an agent and orchestrated in a governed, on-premise network.