everruns · chaliy · Jan 31, 2026 · Jan 31, 2026 · Jan 31, 2026
diff --git a/crates/bashkit-cli/Cargo.toml b/crates/bashkit-cli/Cargo.toml
@@ -0,0 +1,21 @@
+# BashKit CLI - Command line interface for bashkit
+# Run bash scripts in a sandboxed environment
+
+[package]
+name = "bashkit-cli"
+version.workspace = true
+edition.workspace = true
+license.workspace = true
+authors.workspace = true
+repository.workspace = true
+description = "Command line interface for BashKit sandboxed bash interpreter"
+
+[[bin]]
+name = "bashkit"
+path = "src/main.rs"
+
+[dependencies]
+bashkit = { path = "../bashkit" }
+tokio.workspace = true
+clap.workspace = true
+anyhow.workspace = true
diff --git a/crates/bashkit-cli/src/main.rs b/crates/bashkit-cli/src/main.rs
@@ -0,0 +1,66 @@
+//! BashKit CLI - Command line interface for sandboxed bash execution
+//!
+//! Usage:
+//!   bashkit -c 'echo hello'        # Execute a command string
+//!   bashkit script.sh              # Execute a script file
+//!   bashkit                         # Interactive REPL (not yet implemented)
+
+use anyhow::{Context, Result};
+use clap::Parser;
+use std::path::PathBuf;
+
+/// BashKit - Sandboxed bash interpreter
+#[derive(Parser, Debug)]
+#[command(name = "bashkit")]
+#[command(author, version, about, long_about = None)]
+struct Args {
+    /// Execute the given command string
+    #[arg(short = 'c')]
+    command: Option<String>,
+
+    /// Script file to execute
+    #[arg()]
+    script: Option<PathBuf>,
+
+    /// Arguments to pass to the script
+    #[arg(trailing_var_arg = true)]
+    args: Vec<String>,
+}
+
+#[tokio::main]
+async fn main() -> Result<()> {
+    let args = Args::parse();
+
+    let mut bash = bashkit::Bash::new();
+
+    // Execute command string if provided
+    if let Some(cmd) = args.command {
+        let result = bash.exec(&cmd).await.context("Failed to execute command")?;
+        print!("{}", result.stdout);
+        if !result.stderr.is_empty() {
+            eprint!("{}", result.stderr);
+        }
+        std::process::exit(result.exit_code);
+    }
+
+    // Execute script file if provided
+    if let Some(script_path) = args.script {
+        let script = std::fs::read_to_string(&script_path)
+            .with_context(|| format!("Failed to read script: {}", script_path.display()))?;
+
+        let result = bash
+            .exec(&script)
+            .await
+            .context("Failed to execute script")?;
+        print!("{}", result.stdout);
+        if !result.stderr.is_empty() {
+            eprint!("{}", result.stderr);
+        }
+        std::process::exit(result.exit_code);
+    }
+
+    // Interactive REPL (not yet implemented)
+    eprintln!("bashkit: interactive mode not yet implemented");
+    eprintln!("Usage: bashkit -c 'command' or bashkit script.sh");
+    std::process::exit(1);
+}
diff --git a/crates/bashkit/src/error.rs b/crates/bashkit/src/error.rs
@@ -1,5 +1,6 @@
 //! Error types for BashKit
 
+use crate::limits::LimitExceeded;
 use thiserror::Error;
 
 /// Result type alias using BashKit's Error.
@@ -26,5 +27,5 @@ pub enum Error {
 
     /// Resource limit exceeded.
     #[error("resource limit exceeded: {0}")]
-    ResourceLimit(String),
+    ResourceLimit(#[from] LimitExceeded),
 }
diff --git a/crates/bashkit/src/interpreter/mod.rs b/crates/bashkit/src/interpreter/mod.rs
@@ -11,6 +11,7 @@ use std::sync::Arc;
 use crate::builtins::{self, Builtin};
 use crate::error::{Error, Result};
 use crate::fs::FileSystem;
+use crate::limits::{ExecutionCounters, ExecutionLimits};
 use crate::parser::{
     AssignmentValue, CaseCommand, Command, CommandList, CompoundCommand, ForCommand, FunctionDef,
     IfCommand, ListOperator, ParameterOp, Pipeline, Redirect, RedirectKind, Script, SimpleCommand,
@@ -42,6 +43,10 @@ pub struct Interpreter {
     functions: HashMap<String, FunctionDef>,
     /// Call stack for local variable scoping
     call_stack: Vec<CallFrame>,
+    /// Resource limits
+    limits: ExecutionLimits,
+    /// Execution counters for resource tracking
+    counters: ExecutionCounters,
 }
 
 impl Interpreter {
@@ -82,9 +87,16 @@ impl Interpreter {
             builtins,
             functions: HashMap::new(),
             call_stack: Vec::new(),
+            limits: ExecutionLimits::default(),
+            counters: ExecutionCounters::new(),
         }
     }
 
+    /// Set execution limits.
+    pub fn set_limits(&mut self, limits: ExecutionLimits) {
+        self.limits = limits;
+    }
+
     /// Set an environment variable.
     pub fn set_env(&mut self, key: &str, value: &str) {
         self.env.insert(key.to_string(), value.to_string());
@@ -122,6 +134,9 @@ impl Interpreter {
         command: &'a Command,
     ) -> std::pin::Pin<Box<dyn std::future::Future<Output = Result<ExecResult>> + Send + 'a>> {
         Box::pin(async move {
+            // Check command count limit
+            self.counters.tick_command(&self.limits)?;
+
             match command {
                 Command::Simple(simple) => self.execute_simple_command(simple, None).await,
                 Command::Pipeline(pipeline) => self.execute_pipeline(pipeline).await,
@@ -195,7 +210,13 @@ impl Interpreter {
             Vec::new()
         };
 
+        // Reset loop counter for this loop
+        self.counters.reset_loop();
+
         for value in values {
+            // Check loop iteration limit
+            self.counters.tick_loop(&self.limits)?;
+
             // Set loop variable
             self.variables
                 .insert(for_cmd.variable.clone(), value.clone());
@@ -261,7 +282,13 @@ impl Interpreter {
         let mut stderr = String::new();
         let mut exit_code = 0;
 
+        // Reset loop counter for this loop
+        self.counters.reset_loop();
+
         loop {
+            // Check loop iteration limit
+            self.counters.tick_loop(&self.limits)?;
+
             // Check condition
             let condition_result = self.execute_command_sequence(&while_cmd.condition).await?;
             if condition_result.exit_code != 0 {
@@ -326,7 +353,13 @@ impl Interpreter {
         let mut stderr = String::new();
         let mut exit_code = 0;
 
+        // Reset loop counter for this loop
+        self.counters.reset_loop();
+
         loop {
+            // Check loop iteration limit
+            self.counters.tick_loop(&self.limits)?;
+
             // Check condition
             let condition_result = self.execute_command_sequence(&until_cmd.condition).await?;
             if condition_result.exit_code == 0 {
@@ -660,6 +693,9 @@ impl Interpreter {
 
         // Check for functions first
         if let Some(func_def) = self.functions.get(&name).cloned() {
+            // Check function depth limit
+            self.counters.push_function(&self.limits)?;
+
             // Push call frame with positional parameters
             self.call_stack.push(CallFrame {
                 name: name.clone(),
@@ -668,13 +704,14 @@ impl Interpreter {
             });
 
             // Execute function body
-            let result = self.execute_command(&func_def.body).await?;
+            let result = self.execute_command(&func_def.body).await;
 
-            // Pop call frame
+            // Pop call frame and function counter
             self.call_stack.pop();
+            self.counters.pop_function();
 
             // Handle output redirections
-            return self.apply_redirections(result, &command.redirects).await;
+            return self.apply_redirections(result?, &command.redirects).await;
         }
 
         // Check for builtins

diff --git a/crates/bashkit/src/lib.rs b/crates/bashkit/src/lib.rs
@@ -21,10 +21,12 @@ mod builtins;
 mod error;
 mod fs;
 mod interpreter;
+mod limits;
 mod parser;
 
 pub use error::{Error, Result};
 pub use interpreter::ExecResult;
+pub use limits::{ExecutionCounters, ExecutionLimits, LimitExceeded};
 
 use std::collections::HashMap;
 use std::path::PathBuf;
@@ -76,6 +78,7 @@ pub struct BashBuilder {
     fs: Option<Arc<dyn FileSystem>>,
     env: HashMap<String, String>,
     cwd: Option<PathBuf>,
+    limits: ExecutionLimits,
 }
 
 impl BashBuilder {
@@ -97,6 +100,12 @@ impl BashBuilder {
         self
     }
 
+    /// Set execution limits.
+    pub fn limits(mut self, limits: ExecutionLimits) -> Self {
+        self.limits = limits;
+        self
+    }
+
     /// Build the Bash instance.
     pub fn build(self) -> Bash {
         let fs = self.fs.unwrap_or_else(|| Arc::new(InMemoryFs::new()));
@@ -110,6 +119,8 @@ impl BashBuilder {
             interpreter.set_cwd(cwd);
         }
 
+        interpreter.set_limits(self.limits);
+
         Bash { fs, interpreter }
     }
 }
@@ -783,4 +794,128 @@ mod tests {
             .unwrap();
         assert_eq!(result.stdout, "first second\n");
     }
+
+    // Resource limit tests
+
+    #[tokio::test]
+    async fn test_command_limit() {
+        let limits = ExecutionLimits::new().max_commands(5);
+        let mut bash = Bash::builder().limits(limits).build();
+
+        // Run 6 commands - should fail on the 6th
+        let result = bash.exec("true; true; true; true; true; true").await;
+        assert!(result.is_err());
+        let err = result.unwrap_err();
+        assert!(
+            err.to_string().contains("maximum command count exceeded"),
+            "Expected command limit error, got: {}",
+            err
+        );
+    }
+
+    #[tokio::test]
+    async fn test_command_limit_not_exceeded() {
+        let limits = ExecutionLimits::new().max_commands(10);
+        let mut bash = Bash::builder().limits(limits).build();
+
+        // Run 5 commands - should succeed
+        let result = bash.exec("true; true; true; true; true").await.unwrap();
+        assert_eq!(result.exit_code, 0);
+    }
+
+    #[tokio::test]
+    async fn test_loop_iteration_limit() {
+        let limits = ExecutionLimits::new().max_loop_iterations(5);
+        let mut bash = Bash::builder().limits(limits).build();
+
+        // Loop that tries to run 10 times
+        let result = bash.exec("for i in 1 2 3 4 5 6 7 8 9 10; do echo $i; done").await;
+        assert!(result.is_err());
+        let err = result.unwrap_err();
+        assert!(
+            err.to_string().contains("maximum loop iterations exceeded"),
+            "Expected loop limit error, got: {}",
+            err
+        );
+    }
+
+    #[tokio::test]
+    async fn test_loop_iteration_limit_not_exceeded() {
+        let limits = ExecutionLimits::new().max_loop_iterations(10);
+        let mut bash = Bash::builder().limits(limits).build();
+
+        // Loop that runs 5 times - should succeed
+        let result = bash.exec("for i in 1 2 3 4 5; do echo $i; done").await.unwrap();
+        assert_eq!(result.stdout, "1\n2\n3\n4\n5\n");
+    }
+
+    #[tokio::test]
+    async fn test_function_depth_limit() {
+        let limits = ExecutionLimits::new().max_function_depth(3);
+        let mut bash = Bash::builder().limits(limits).build();
+
+        // Recursive function that would go 5 deep
+        let result = bash
+            .exec("f() { echo $1; if [ $1 -lt 5 ]; then f $(($1 + 1)); fi; }; f 1")
+            .await;
+        assert!(result.is_err());
+        let err = result.unwrap_err();
+        assert!(
+            err.to_string().contains("maximum function depth exceeded"),
+            "Expected function depth error, got: {}",
+            err
+        );
+    }
+
+    #[tokio::test]
+    async fn test_function_depth_limit_not_exceeded() {
+        let limits = ExecutionLimits::new().max_function_depth(10);
+        let mut bash = Bash::builder().limits(limits).build();
+
+        // Simple function call - should succeed
+        let result = bash.exec("f() { echo hello; }; f").await.unwrap();
+        assert_eq!(result.stdout, "hello\n");
+    }
+
+    #[tokio::test]
+    async fn test_while_loop_limit() {
+        let limits = ExecutionLimits::new().max_loop_iterations(3);
+        let mut bash = Bash::builder().limits(limits).build();
+
+        // While loop with counter
+        let result = bash
+            .exec("i=0; while [ $i -lt 10 ]; do echo $i; i=$((i + 1)); done")
+            .await;
+        assert!(result.is_err());
+        let err = result.unwrap_err();
+        assert!(
+            err.to_string().contains("maximum loop iterations exceeded"),
+            "Expected loop limit error, got: {}",
+            err
+        );
+    }
+
+    #[tokio::test]
+    async fn test_default_limits_allow_normal_scripts() {
+        // Default limits should allow typical scripts to run
+        let mut bash = Bash::new();
+        // Avoid using "done" as a word after a for loop - it causes parsing ambiguity
+        let result = bash
+            .exec("for i in 1 2 3 4 5; do echo $i; done && echo finished")
+            .await
+            .unwrap();
+        assert_eq!(result.stdout, "1\n2\n3\n4\n5\nfinished\n");
+    }
+
+    #[tokio::test]
+    async fn test_for_followed_by_echo_done() {
+        // This specific case causes a parsing issue - "done" after for loop
+        // TODO: Fix the parser to handle "done" as a regular word after for loop ends
+        let mut bash = Bash::new();
+        let result = bash
+            .exec("for i in 1; do echo $i; done; echo ok")
+            .await
+            .unwrap();
+        assert_eq!(result.stdout, "1\nok\n");
+    }
 }