Product Introduction
- Definition: Stakpak 3.0 - CLI is an open-source, Rust-based DevOps agent designed for secure infrastructure management directly from the terminal or GitHub Actions workflows. It falls under the technical category of AI-powered DevOps automation tools.
- Core Value Proposition: It enables developers to securely deploy, operate, and troubleshoot production infrastructure using AI, without exposing credentials or risking destructive operations. Its primary keywords include secure DevOps agent, AI infrastructure automation, and terminal-based operations.
Main Features
- Secret Substitution:
  How it works: Uses dynamic tokenization to replace actual credentials (AWS keys, API tokens) with placeholders before sending data to LLMs. Integrates with vaults like HashiCorp Vault or 1Password. Ensures AI tools never access raw secrets.
- Warden Guardrails:
  How it works: Implements network-level security policies via eBPF to block unauthorized or destructive commands (e.g., rm -rf /, terraform destroy). Policies are enforced pre-execution using kernel-level filtering.
- DevOps Playbooks (Rulebooks):
  How it works: Curated markdown-based SOPs (e.g., deployment runbooks, incident response) stored via stakpak rulebooks apply. The AI references these during tasks, ensuring compliance with organizational policies.
- Subagents Architecture:
  How it works: Launches specialized tools (e.g., code explorers, sandboxed analyzers) with restricted permissions using --enable-subagents. Each subagent runs in isolated environments with tool-specific access controls.
- MCP (Modular Control Plane) Protocol:
  How it works: Secures tool-to-AI communication with mutual TLS (mTLS) encryption. Supports local-only, remote-AI, or hybrid modes (--tool-mode). Includes a proxy for multi-server management.
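The secret substitution flow described above, as an added Python example (not Stakpak's code): secrets are swapped for placeholders before text leaves the host and swapped back when the model's reply is executed locally. The detection patterns, placeholder format and the SecretSubstituter class are assumptions made for this example.

```python
import re

# Assumed detection patterns for this example; not Stakpak's actual rules.
PATTERNS = {
    "AWS_ACCESS_KEY_ID": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "BEARER_TOKEN": re.compile(r"(?<=Bearer )[A-Za-z0-9._~+/-]{20,}=*"),
}
# Assumed placeholder format: [REDACTED_<KIND>_<8 hex digits>]
PLACEHOLDER = re.compile(r"\[REDACTED_[A-Z_]+_[0-9a-f]{8}\]")

# Constructed input: AWS's documentation example key and a made-up bearer token.
SAMPLE = (
    "export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n"
    "curl -H 'Authorization: Bearer abcdefghijklmnopqrstuvwxyz012345' https://api.example.test\n"
    "aws s3 ls --profile AKIAIOSFODNN7EXAMPLE"
)


class SecretSubstituter:
    """Swap secrets for placeholders on the way out, restore them on the way back."""

    def __init__(self):
        self._by_secret = {}       # secret -> placeholder, stable within one session
        self._by_placeholder = {}  # placeholder -> secret, kept only in local memory

    def _placeholder_for(self, kind, secret):
        if secret not in self._by_secret:
            # A counter keeps placeholders unique and reveals nothing about the value.
            token = f"[REDACTED_{kind}_{len(self._by_placeholder):08x}]"
            self._by_secret[secret] = token
            self._by_placeholder[token] = secret
        return self._by_secret[secret]

    def redact(self, text):
        """Return text that is safe to send to the LLM."""
        for kind, pattern in PATTERNS.items():
            text = pattern.sub(
                lambda m, k=kind: self._placeholder_for(k, m.group(0)), text)
        return text

    def restore(self, text):
        """Re-insert secrets into model output just before local execution."""
        # Placeholders this session never issued (e.g. invented by the model) stay as-is.
        return PLACEHOLDER.sub(
            lambda m: self._by_placeholder.get(m.group(0), m.group(0)), text)


if __name__ == "__main__":
    sub = SecretSubstituter()
    print(sub.redact(SAMPLE))
```

The same secret always maps to the same placeholder, so the model can still reason about which credential is used where without seeing its value.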
Problems Solved
- Pain Point: Prevents accidental credential exposure by AI tools (e.g., leaking AWS keys in logs). Uses secret redaction and privacy mode to redact sensitive data like IPs and account IDs.
- Target Audience:
  - DevOps engineers managing Kubernetes, Terraform, or cloud deployments.
  - Security teams requiring audit trails for AI-driven operations.
  - Developers automating CI/CD pipelines in GitHub Actions.
- Use Cases:
  - Debugging production Kubernetes clusters without kubectl access risks.
  - Generating Terraform modules with embedded security policies.
  - Automating deployment rollbacks using version-controlled Rulebooks.
Unique Advantages
- Differentiation vs. Competitors: Unlike generic AI agents (e.g., ChatGPT plugins), Stakpak enforces infrastructure-specific guardrails, supports BYOK/BYOM (Bring Your Own Keys/Models), and offers reversible file operations with automatic backups.
- Key Innovation: Rust-based memory safety combined with kernel-level eBPF policies for zero-trust execution. The Agent Client Protocol (ACP) enables real-time, context-aware AI assistance in editors like Zed.
Frequently Asked Questions (FAQ)
- How does Stakpak prevent AI from leaking credentials?
  Stakpak uses dynamic secret substitution, replacing actual credentials with tokens before AI processing, and enforces mTLS for all communications.
- Can I use Stakpak with self-hosted LLMs like Llama 3?
  Yes, configure ~/.stakpak/config.toml to point to local OpenAI-compatible endpoints (e.g., LM Studio) via the provider = "local" setting.
- Is Stakpak suitable for Kubernetes debugging?
  Absolutely. Its Subagents can run kubectl commands in sandboxed environments, analyze cluster state, and reference Rulebooks for troubleshooting playbooks.
- What license does Stakpak use?
  Stakpak is fully open-source under the Apache 2.0 license, allowing commercial use and modification.
- Does Stakpak support Windows for DevOps workflows?
  Yes, it includes WSL2 and Docker integration, with comprehensive testing for Windows CLI functionality.
