Capabilities
Rscot Agent ships with 32 code tools and 10 SRE tools across two backends. The model picks which tool to call; you approve every write or destructive action via the diff-approval queue.
The 32 code tools
| Group | Tools |
|---|---|
| Filesystem (read) | read_file, list_dir, glob, grep, head_file, tail_file, stat_file |
| Filesystem (write) | write_file, edit_file, move_file, delete_file, make_dir |
| Code intelligence | find_symbol, find_references, outline, dependency_graph |
| Test & run | run_pytest, run_vitest, run_cargo_test, run_go_test, run_shell |
| Memory & planning | recall_memory, write_memory, plan, reflect, agent_self_eval |
| Network & web | web_search, fetch_url, verify_package |
| Misc | python_repl, summarize, stack_snapshot, gpu_probe |
The 10 SRE tools
| Tool | Backend | What it does |
|---|---|---|
ssh_exec | /api/ops/ssh | Run a command on an allow-listed host |
docker_compose | /api/ops/dc | up / down / restart / ps on a known compose file |
systemctl | /api/ops/svc | status / restart / reload of a service |
nginx_reload | /api/ops/nginx | Test then reload nginx config |
certbot_renew | /api/ops/cert | Renew a cert non-interactively |
tail_log | /api/ops/log | Last N lines of a known log file |
disk_usage | /api/ops/disk | df -h and du for a path |
port_check | /api/ops/port | TCP probe for host:port |
fetch_metrics | /api/ops/metrics | Prometheus / Telegraf scrape for a target |
journalctl | /api/ops/journal | Recent journal entries for a unit |
dry-run mode for the first 7 days post-install — the tool returns what it would have done without executing. Flip to live in Settings → Ops.
Prompt patterns
Six patterns that get the most leverage out of the agent. Copy, swap the path, send.
| Pattern | Example |
|---|---|
| Audit | @rscot-agent audit src/auth/ for missing error handling and propose patches. |
| Debug | @rscot-agent why is api-server returning 502? check nginx logs on prod-01. |
| Refactor | @rscot-agent refactor payments.py to extract the Stripe client into its own module. |
| Test-gen | @rscot-agent add a pytest case for the edge case you just fixed. |
| Upgrade | @rscot-agent bump fastapi to the latest 0.x, run tests, summarise breaking changes. |
| SRE | @rscot-agent show disk + memory usage on staging and flag anything above 80%. |
Authentication & tokens
X-CWA-Token model
Every request to /api/code-workspace/* carries a per-user token in the X-CWA-Token header. The token is minted at desktop-app first-launch (or IDE-extension install) and scopes the user's quota. Rotated automatically every 30 days.
# sample request POST /api/code-workspace/turn HTTP/1.1 Host: api.learningfind.com X-CWA-Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9... Content-Type: application/json
The desktop app stores its token in the OS keychain (Windows Credential Manager / macOS Keychain / libsecret). The IDE integration issues a fresh, short-lived JWT per conversation via the OAuth handshake.
X-CWA-Token, the payload is a signed JWT with sub = user id, exp = 30 days, scope = code|ops. Signed with ES256, public key published at /.well-known/jwks.json.
Rate limits
| Tier | Code req/day | Ops req/day | Notes |
|---|---|---|---|
| Anonymous | 50 | 0 | Ops requires sign-in |
| Signed-in (GitHub OAuth) | 500 | 50 | Default tier |
| BYOK (your LLM key) | unlimited* | 50 | Backend quota; provider bill still applies |
* "Unlimited" against our backend — you still pay your LLM provider's bill directly.
First run
After install, the desktop app prompts you in three steps:
- Pick a folder. The agent only sees what's inside this folder. Change it any time from
Settings → Workspace. - Pick an LLM provider. Use the pooled free-tier key for trial, or paste your own key for production use.
- Sign in with GitHub. Optional — bumps your rate limit from 50 to 500 code requests per day.
Self-host playbook
The backend is open in the same repository. Self-host requires Docker, Postgres 15+, and Redis 7+. One box handles a small team comfortably.
# quick start git clone https://github.com/Gocodecc/<repo>.git cd <repo>/deploy cp .env.example .env # edit secrets docker compose up -d # verify curl http://localhost:8010/api/health
Full playbook (TLS, backups, blue-green deploys) ships in the deploy/ folder of the repository.
License
Rscot Agent is licensed under RSANC-1.0 (Read-Source, Allowed for NonCommercial use). Read the full text on GitHub →
In short:
- Free for personal use, internal research, and non-revenue side projects.
- Commercial deployment requires a paid commercial license — email
academic686@163.com. - Source is visible so you can audit; redistribution is constrained per the license text.