{"passport":{"unfragile":{"@version":"1.0","version":"2026-05","artifact":{"id":"github-open-webui--open-terminal","slug":"open-webui--open-terminal","name":"open-terminal","type":"api","url":"https://openterminal.sh/","page_url":"https://unfragile.ai/open-webui--open-terminal","categories":["cli-tools"],"tags":["agentic-ai","ai","ai-agents","ai-tools","open-webui"],"pricing":{"model":"open_source","free":true,"starting_price":null},"status":"active","verified":false},"capabilities":[{"id":"github-open-webui--open-terminal__cap_0","uri":"capability://automation.workflow.background.command.execution.with.streaming.output","name":"background-command-execution-with-streaming-output","description":"Executes shell commands asynchronously via POST /execute endpoint and streams output to JSONL log files, tracking process state in an in-memory registry. Uses FastAPI background tasks to decouple command submission from execution, enabling agents to poll status or stream results without blocking. Each BackgroundProcess instance maintains PID, original command, ProcessRunner reference, and async log task that captures stdout/stderr separately or merged.","intents":["I need to run long-lived shell commands from an LLM agent without blocking the API response","I want to capture and stream command output (stdout/stderr) separately for debugging and logging","I need to check the status of a running command and retrieve its output incrementally"],"best_for":["AI agents orchestrating multi-step workflows with shell commands","automation platforms requiring non-blocking command execution","teams building agentic systems that need real-time process monitoring"],"limitations":["In-memory process registry is not persisted — processes lost on service restart","No built-in process timeout or resource limits — runaway commands can consume unbounded CPU/memory","JSONL log files stored locally — requires external log aggregation for distributed deployments","No native support for process groups or signal forwarding beyond SIGTERM"],"requires":["Python 3.11+","FastAPI application running (open_terminal.main:app)","Valid API key via Bearer token authentication","Shell environment with standard Unix utilities"],"input_types":["shell command string","environment variables (optional)","working directory path (optional)"],"output_types":["JSON status object with PID and command metadata","JSONL log file with stdout/stderr entries","exit code and process state"],"categories":["automation-workflow","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"github-open-webui--open-terminal__cap_1","uri":"capability://automation.workflow.interactive.pty.terminal.sessions.over.websocket","name":"interactive-pty-terminal-sessions-over-websocket","description":"Creates and manages interactive pseudo-terminal (PTY) sessions via WebSocket at /api/terminals/* endpoints, enabling real-time bidirectional communication between agents and shell environments. Each terminal session maintains its own process state, environment variables, and working directory. Uses WebSocket handlers to forward stdin/stdout/stderr in real-time, supporting interactive tools like editors, REPLs, and shell prompts that require immediate feedback.","intents":["I need to interact with a shell in real-time, sending commands and receiving output immediately","I want to run interactive tools (Python REPL, vim, git interactive rebase) from an AI agent","I need to maintain shell state across multiple commands in a single session"],"best_for":["agents requiring interactive shell workflows with immediate feedback","tools integrating with REPL environments (Python, Node.js, Ruby)","systems needing stateful shell sessions with environment persistence"],"limitations":["WebSocket connections are stateful and not horizontally scalable without session affinity","No built-in terminal multiplexing (tmux/screen) — each session is isolated","Terminal size negotiation requires explicit client-side handling of SIGWINCH signals","No session persistence — WebSocket disconnect terminates the PTY"],"requires":["Python 3.11+","WebSocket client library (e.g., websockets, aiohttp)","Valid API key via Bearer token in WebSocket handshake","PTY support in underlying OS (Linux/macOS/BSD)"],"input_types":["shell commands as text","terminal resize events (rows, columns)","raw stdin bytes"],"output_types":["stdout/stderr as text frames","exit code on session termination","terminal metadata (rows, columns)"],"categories":["automation-workflow","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"github-open-webui--open-terminal__cap_10","uri":"capability://safety.moderation.multi.user.mode.with.user.isolation","name":"multi-user-mode-with-user-isolation","description":"Supports multi-user deployments via X-User-Id header that scopes all operations (file access, process execution, terminal sessions) to individual users. Each user gets isolated filesystem views, separate background process registries, and independent terminal sessions. User isolation is enforced at the FastAPI dependency layer (get_filesystem() dependency) and propagated through all subsystems (ProcessRunner, TerminalSession, NotebookSession).","intents":["I need to run Open Terminal in a multi-tenant environment with user isolation","I want to prevent users from accessing each other's files and processes","I need to track resource usage and operations per user"],"best_for":["SaaS platforms hosting AI agents for multiple customers","shared infrastructure requiring strong user isolation","teams deploying Open Terminal as a multi-tenant service"],"limitations":["User isolation is logical (application-level) not OS-level — relies on correct implementation","No support for user groups or role-based access control","No per-user resource quotas — users can exhaust shared resources","User identity must be provided by external system — no built-in user management"],"requires":["Python 3.11+","X-User-Id header in all requests","External user authentication system","Separate filesystem directories per user"],"input_types":["X-User-Id header","user-scoped file paths and commands"],"output_types":["user-isolated results and state"],"categories":["safety-moderation","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"github-open-webui--open-terminal__cap_11","uri":"capability://automation.workflow.health.check.and.service.readiness.probing","name":"health-check-and-service-readiness-probing","description":"Exposes GET /health endpoint that returns service health status and readiness information, enabling load balancers and orchestration systems to detect when Open Terminal is ready to accept requests. Health check is lightweight and does not require authentication, making it suitable for frequent polling by infrastructure monitoring systems.","intents":["I need to monitor Open Terminal service health and readiness","I want load balancers to detect when the service is ready to accept traffic","I need to implement health-based auto-scaling and failover"],"best_for":["Kubernetes deployments requiring liveness/readiness probes","load-balanced deployments needing health monitoring","infrastructure teams implementing auto-scaling policies"],"limitations":["Health check does not validate backend dependencies (database, external APIs)","No detailed health metrics — only binary ready/not-ready status","No support for graceful shutdown signaling"],"requires":["Python 3.11+","No authentication required"],"input_types":[],"output_types":["JSON health status","HTTP 200 (healthy) or 503 (unhealthy)"],"categories":["automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"github-open-webui--open-terminal__cap_2","uri":"capability://safety.moderation.user.isolated.filesystem.abstraction.with.userfs","name":"user-isolated-filesystem-abstraction-with-userfs","description":"Provides multi-user file system isolation via UserFS abstraction layer that scopes all file operations to a user-specific directory based on X-User-Id header. Implemented as a dependency injection in FastAPI (get_filesystem() dependency), it intercepts all file reads/writes and enforces path normalization to prevent directory traversal attacks. Each user sees a sandboxed view of the filesystem rooted at their user directory.","intents":["I need to isolate file operations between different users in a multi-tenant deployment","I want to prevent agents from accessing files outside their assigned directory scope","I need to enforce filesystem boundaries without running separate processes per user"],"best_for":["multi-user SaaS platforms hosting AI agents","shared infrastructure requiring strong filesystem isolation","teams deploying Open Terminal in untrusted environments"],"limitations":["Isolation is logical (path-based) not OS-level — relies on correct path normalization to prevent escapes","No support for fine-grained permissions (read-only, write-only) — all-or-nothing per user","Symlinks and hard links can potentially bypass isolation if not carefully validated","No quota enforcement — users can exhaust disk space within their directory"],"requires":["Python 3.11+","X-User-Id header in all requests","Writable filesystem with separate directories per user","FastAPI application with dependency injection enabled"],"input_types":["file paths (relative or absolute)","user identifier (X-User-Id header)"],"output_types":["normalized, user-scoped file paths","filesystem access control decisions"],"categories":["safety-moderation","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"github-open-webui--open-terminal__cap_3","uri":"capability://data.processing.analysis.file.system.operations.with.archive.support","name":"file-system-operations-with-archive-support","description":"Exposes comprehensive file operations via /files/* REST endpoints including read, write, list, delete, and archive (tar/zip) operations. Implements atomic writes with temporary files to prevent corruption, supports streaming large file downloads, and provides directory listing with metadata (size, modification time, permissions). Archive operations support both creation and extraction with configurable compression formats.","intents":["I need to read and write files from an AI agent without direct filesystem access","I want to bulk download or upload multiple files as a compressed archive","I need to list directory contents with metadata for file discovery"],"best_for":["agents managing project files and configurations","automation workflows requiring file manipulation","systems needing safe, audited file access via HTTP"],"limitations":["No support for sparse files or special file types (sockets, devices)","Archive operations load entire archive into memory — large files (>1GB) may cause OOM","No built-in file locking — concurrent writes to same file may cause data loss","Streaming downloads require client-side handling of partial content (HTTP 206)"],"requires":["Python 3.11+","Valid API key via Bearer token","Sufficient disk space for write operations","tar/zip utilities available in container or host"],"input_types":["file paths","file content (text or binary)","archive format specification (tar, tar.gz, zip)"],"output_types":["file content as text or binary","directory listing as JSON","archive file (tar/zip)","operation status (success/error)"],"categories":["data-processing-analysis","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"github-open-webui--open-terminal__cap_4","uri":"capability://code.generation.editing.jupyter.notebook.execution.with.cell.isolation","name":"jupyter-notebook-execution-with-cell-isolation","description":"Executes Jupyter notebooks via /notebooks/* endpoints with per-cell execution tracking and output capture. Maintains notebook session state across multiple cell executions, enabling agents to run data analysis workflows. Each cell execution is tracked separately with input/output/error metadata, and the kernel state persists across requests, allowing subsequent cells to reference variables from previous cells.","intents":["I need to execute Python code in a Jupyter environment from an AI agent","I want to run data analysis workflows with persistent kernel state across multiple cells","I need to capture cell outputs and errors separately for debugging"],"best_for":["agents performing data analysis and scientific computing","automation workflows requiring Python code execution with state","systems integrating with Jupyter-based tools and libraries"],"limitations":["Kernel state is in-memory and lost on service restart","No support for multiple kernels per session — all cells share single Python process","Large outputs (>10MB) may cause memory issues or slow response times","No built-in timeout for long-running cells — can block the service"],"requires":["Python 3.11+","Jupyter kernel installed (ipykernel)","Valid API key via Bearer token","Sufficient memory for notebook kernel process"],"input_types":["notebook file path","cell code as string","cell execution index"],"output_types":["cell output (stdout/stderr)","execution result (JSON-serializable)","error traceback","notebook state metadata"],"categories":["code-generation-editing","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"github-open-webui--open-terminal__cap_5","uri":"capability://tool.use.integration.port.detection.and.http.proxying","name":"port-detection-and-http-proxying","description":"Detects open ports on the host via /ports endpoint and provides HTTP proxying via /proxy/* to forward requests to services running on those ports. Enables agents to discover and interact with services (web servers, APIs, databases) running locally without direct network access. Proxying handles request/response forwarding with header manipulation and connection pooling.","intents":["I need to discover what services are running on the host and their ports","I want to make HTTP requests to local services without direct network access","I need to interact with web applications running in the same environment"],"best_for":["agents orchestrating multi-service environments","systems requiring service discovery and inter-service communication","automation workflows that need to interact with local web services"],"limitations":["Port detection is OS-dependent and may not work in all container environments","Proxying only supports HTTP/HTTPS — no support for raw TCP/UDP sockets","No built-in authentication forwarding — proxied requests use agent's credentials","Large response bodies may cause memory issues if not streamed properly"],"requires":["Python 3.11+","Valid API key via Bearer token","Network access to localhost ports","netstat or equivalent port enumeration tool available"],"input_types":["port number","HTTP method (GET, POST, etc.)","request headers and body"],"output_types":["list of open ports with service metadata","HTTP response (status, headers, body)"],"categories":["tool-use-integration","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"github-open-webui--open-terminal__cap_6","uri":"capability://safety.moderation.api.key.authentication.with.constant.time.comparison","name":"api-key-authentication-with-constant-time-comparison","description":"Implements Bearer token authentication via verify_api_key() FastAPI dependency that validates API keys using constant-time comparison (hmac.compare_digest()) to prevent timing attacks. All endpoints except /health and /system require valid API key in Authorization header. Authentication is enforced at the dependency injection layer, making it transparent to endpoint handlers.","intents":["I need to secure the Open Terminal API from unauthorized access","I want to prevent timing-based attacks that could leak API key information","I need to enforce authentication across all endpoints except health checks"],"best_for":["production deployments of Open Terminal","systems requiring API security without external auth services","teams needing simple, stateless authentication"],"limitations":["No support for multiple API keys or key rotation — single shared key","No rate limiting or request throttling — vulnerable to brute force attacks","API key transmitted in plain HTTP headers — requires HTTPS in production","No audit logging of authentication failures or successful accesses"],"requires":["Python 3.11+","API key configured via environment variable or config file","HTTPS in production (not enforced by the application)","Bearer token format in Authorization header"],"input_types":["Authorization header with Bearer token"],"output_types":["authentication success/failure","401 Unauthorized response on failure"],"categories":["safety-moderation","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"github-open-webui--open-terminal__cap_7","uri":"capability://tool.use.integration.feature.discovery.via.config.endpoint","name":"feature-discovery-via-config-endpoint","description":"Exposes GET /api/config endpoint that returns feature flags and capability metadata, enabling clients to discover which features are enabled (e.g., notebook execution, multi-user mode, MCP server). Returns JSON with boolean flags for each feature, allowing agents to conditionally use capabilities based on server configuration without hardcoding assumptions.","intents":["I need to discover which features are enabled on this Open Terminal instance","I want to conditionally use capabilities based on server configuration","I need to handle gracefully when certain features are disabled"],"best_for":["agents that need to adapt to different server configurations","multi-tenant deployments with feature flags per tenant","systems requiring capability negotiation between client and server"],"limitations":["Feature flags are static at startup — no runtime feature toggling","No versioning information — clients cannot detect API version mismatches","No capability levels or tiers — only boolean enabled/disabled"],"requires":["Python 3.11+","Valid API key via Bearer token (optional for /api/config)"],"input_types":[],"output_types":["JSON object with feature flags","boolean values for each feature"],"categories":["tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"github-open-webui--open-terminal__cap_8","uri":"capability://memory.knowledge.llm.system.prompt.generation","name":"llm-system-prompt-generation","description":"Exposes GET /system endpoint that returns a system prompt describing Open Terminal's capabilities, API endpoints, and usage patterns. Designed for LLM context injection, the prompt includes endpoint descriptions, authentication requirements, and examples of common workflows. Enables LLMs to understand how to use Open Terminal without requiring external documentation.","intents":["I need to provide an LLM with context about Open Terminal's capabilities","I want to inject API documentation directly into the LLM's system prompt","I need to help the LLM understand how to use Open Terminal endpoints correctly"],"best_for":["LLM-based agents that need to understand Open Terminal's API","systems integrating Open Terminal into larger LLM workflows","teams building agentic systems with dynamic capability discovery"],"limitations":["System prompt is static — does not reflect runtime configuration or feature flags","No versioning — LLM may use outdated API documentation","Prompt length may exceed LLM context limits for large deployments","No support for custom prompts or localization"],"requires":["Python 3.11+","No authentication required (public endpoint)"],"input_types":[],"output_types":["text/plain system prompt","markdown-formatted documentation"],"categories":["memory-knowledge","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"github-open-webui--open-terminal__cap_9","uri":"capability://tool.use.integration.mcp.server.integration.for.tool.calling","name":"mcp-server-integration-for-tool-calling","description":"Implements a Model Context Protocol (MCP) server at open_terminal/mcp_server.py that exposes Open Terminal capabilities as MCP tools, enabling Claude and other MCP-compatible LLMs to call Open Terminal functions directly. The MCP server wraps REST endpoints as tool definitions with JSON schemas, allowing LLMs to invoke commands, file operations, and terminal sessions through the MCP protocol without manual HTTP calls.","intents":["I want Claude or other MCP-compatible LLMs to use Open Terminal directly","I need to expose Open Terminal capabilities as MCP tools with proper schemas","I want to enable LLMs to call Open Terminal functions without manual HTTP integration"],"best_for":["Claude-based agents requiring shell access and file operations","systems integrating Open Terminal with MCP-compatible LLMs","teams building agentic workflows with standardized tool calling"],"limitations":["MCP server requires separate process or integration — not bundled with main API","Tool schemas may not fully capture all API parameters or constraints","No support for streaming responses via MCP — large outputs may be truncated","Requires MCP-compatible LLM (Claude, etc.) — not compatible with OpenAI or other providers"],"requires":["Python 3.11+","MCP SDK installed","MCP-compatible LLM (Claude, etc.)","Valid API key for Open Terminal API"],"input_types":["MCP tool call requests with parameters"],"output_types":["MCP tool result with command output or file content","error responses with error codes"],"categories":["tool-use-integration","planning-reasoning"],"confidence":0.5,"matches":0,"success_rate":0}],"trust":{"score":37,"verified":false,"data_access_risk":"high","permissions":["Python 3.11+","FastAPI application running (open_terminal.main:app)","Valid API key via Bearer token authentication","Shell environment with standard Unix utilities","WebSocket client library (e.g., websockets, aiohttp)","Valid API key via Bearer token in WebSocket handshake","PTY support in underlying OS (Linux/macOS/BSD)","X-User-Id header in all requests","External user authentication system","Separate filesystem directories per user"],"failure_modes":["In-memory process registry is not persisted — processes lost on service restart","No built-in process timeout or resource limits — runaway commands can consume unbounded CPU/memory","JSONL log files stored locally — requires external log aggregation for distributed deployments","No native support for process groups or signal forwarding beyond SIGTERM","WebSocket connections are stateful and not horizontally scalable without session affinity","No built-in terminal multiplexing (tmux/screen) — each session is isolated","Terminal size negotiation requires explicit client-side handling of SIGWINCH signals","No session persistence — WebSocket disconnect terminates the PTY","User isolation is logical (application-level) not OS-level — relies on correct implementation","No support for user groups or role-based access control","builder identity is not verified yet","no observed match outcomes yet"],"rank_breakdown":{"adoption":0.2757897044331222,"quality":0.34,"ecosystem":0.55,"match_graph":0.25,"freshness":0.75,"weights":{"adoption":0.25,"quality":0.25,"ecosystem":0.1,"match_graph":0.28,"freshness":0.12}},"observed_outcomes":{"matches":0,"success_rate":0,"avg_confidence":0,"top_intents":[],"last_matched_at":null},"maintenance":{"status":"active","updated_at":"2026-05-24T12:16:22.063Z","last_scraped_at":"2026-04-22T08:02:06.281Z","last_commit":"2026-04-17T01:23:10Z"},"community":{"stars":2357,"forks":177,"weekly_downloads":null,"model_downloads":null,"model_likes":null}},"distribution":{"claim_url":"https://unfragile.ai/submit?claim=open-webui--open-terminal","compare_url":"https://unfragile.ai/compare?artifact=open-webui--open-terminal"}},"signature":"b+f1w/RoEm9yibna70zKK7tuLM43YgmSi5Amvs7Tt3MiwlVrDl1BezN91GFFpLJmaf/SBhaSqnZ34azzyWkDBw==","signedAt":"2026-06-20T14:06:59.428Z","signedBy":"unfragile.ai","version":1},"_links":{"self":"https://unfragile.ai/api/v1/passport/open-webui--open-terminal","artifact":"https://unfragile.ai/open-webui--open-terminal","verify":"https://unfragile.ai/api/v1/verify?slug=open-webui--open-terminal","publicKey":"https://unfragile.ai/api/v1/trust-passport-public-key","spec":"https://unfragile.ai/trust","schema":"https://unfragile.ai/schema.json","docs":"https://unfragile.ai/docs"}}