Hosts and Actions
Infra SSH is host-aware and action-driven.
Host Inventory
Each host entry carries enough metadata that agents do not need to guess capabilities.
| Field | Meaning |
|---|---|
hostId | stable logical host name |
displayName | operator-facing label |
role | functional role in the estate |
reachable | current connectivity state |
supportsDocker | whether Docker actions make sense |
supportsSystemd | whether system service actions make sense |
supportsSudo | whether privileged escalation is available |
preferredRoots | allowed working roots and safe file anchors |
notes | operator hints |
Action Model
Each action declares:
iddescriptioncategoryriskLevelallowedHostsrequiresApproval- typed input schema
- rendered command or executor
Why Named Actions
Named actions are the core safety boundary.
They let the platform expose:
- system health checks
- Docker inspections
- client-specific service checks (e.g. "is the TessarAct API up?")
- platform-specific host actions
without exposing:
- raw shell execution
- arbitrary
sudo - arbitrary
docker - arbitrary interpreter access
Current Tool Family
The built-in MCP family is:
infra_ssh_list_hostsinfra_ssh_list_actionsinfra_ssh_run_actioninfra_ssh_get_admin_sessioninfra_ssh_begin_admin_sessioninfra_ssh_end_admin_sessioninfra_ssh_list_filesinfra_ssh_download_fileinfra_ssh_upload_fileinfra_ssh_delete_fileinfra_ssh_list_forward_servicesinfra_ssh_open_forwardinfra_ssh_close_forward