-
-
Notifications
You must be signed in to change notification settings - Fork 17
Built in Tools
CortexPrism edited this page Jun 19, 2026
·
1 revision
CortexPrism ships with 43 built-in tools available to all agents. Tools are registered in src/tools/registry.ts via registerAllBuiltins() and gated through the security policy validator before execution.
| Tool | Description |
|---|---|
file_read |
Read file contents; auto-extracts PDF text; language detection for 40+ languages |
file_read_enhanced |
Enhanced reader with language detection, binary detection, large file warnings |
file_write |
Write or overwrite a file |
file_edit |
Exact string replacements in files |
file_patch |
Apply unified diff patches |
file_delete |
Delete a file or directory |
file_rename |
Rename or move a file |
file_copy |
Copy files or directories with overwrite protection |
file_move |
Move files/directories with overwrite protection |
file_list |
List directory contents with type markers |
file_tree |
Recursive tree view of directories |
file_info |
File/directory metadata (size, type, timestamps) |
file_search |
Regex search across file contents |
file_glob |
Find files matching glob patterns |
file_diff |
Compare two files with unified diff format |
file_undo |
Undo the last file change |
file_redo |
Redo a previously undone change |
All file tools support workspace: "agent"/"global" parameter for scoped operations. File edits are auto-committed to git with undo/redo support.
| Tool | Description |
|---|---|
shell |
Execute local shell commands — gated by policy validator and optional human approval |
Safety: Default deny rules block rm -rf /, fork bombs, direct disk writes, chmod 777 /.
| Tool | Description |
|---|---|
web_search |
Web search via DuckDuckGo |
web_search_enhanced |
Multi-provider search with intelligent fallback (Brave → Tavily → DuckDuckGo) |
web_fetch |
Fetch URL content as cleaned plain text (strips HTML, scripts, styles) |
web_fetch_enhanced |
Enhanced fetch with HTML-to-Markdown, retry with exponential backoff |
brave_search |
Web search via Brave Search API |
tavily_search |
Web search via Tavily API |
serpapi_search |
Web search via SerpAPI |
firecrawl |
Web scraping via Firecrawl |
docs_search |
Official library documentation search via Context7 (25+ libraries, 24h caching) |
| Tool | Description |
|---|---|
code_exec |
Run code in isolated Docker/gVisor containers with resource limits |
Supports Python, JavaScript, TypeScript, Bash, Ruby, Go, Rust. Network disabled by default. Auto-fix loop: LLM receives error feedback and retries (up to 4 rounds).
| Tool | Description |
|---|---|
browser |
Headless Playwright-powered browser automation — navigate, click, type, screenshot, snapshot, evaluate, wait |
Configurable timeout (30s). Actions gated through security supervisor for sensitive operations. Base64 PNG screenshot output and accessibility snapshots.
| Tool | Description |
|---|---|
git_push |
Stage, commit, and push to remote |
github_pr_create |
Create a pull request |
github_pr_list |
List pull requests |
github_issue_create |
Create an issue |
github_issue_list |
List issues |
| Tool | Description |
|---|---|
code_index |
Full repository indexing with incremental sync and file change detection |
code_search_symbol |
FTS5-backed symbol search across projects |
code_trace_path |
Bidirectional call graph traversal with depth limits and hotspot analysis |
code_get_architecture |
System architecture diagram extraction (layers, modules, dependencies) |
code_analyze_impact |
Blast radius analysis (callers, callees, dead code detection, complexity) |
code_list_projects |
Project registry with language stats and node/edge counts |
Uses tree-sitter WASM parser for 14+ languages. Full-text search via FTS5 on code_nodes.
| Tool | Description |
|---|---|
computer |
GUI automation — screenshot, click, type, key, scroll, mouse_move, drag, and 15+ actions |
Requires xvfb, xdotool, scrot on Linux. All actions gated through policy validator; sensitive data auto-blocked.
| Tool | Description |
|---|---|
sub_agent |
Spawn a typed child agent (explorer, coder, researcher, planner, generalist) |
node_dispatch |
Dispatch tasks to remote distributed nodes |
| Tool | Description |
|---|---|
memory_note |
Persist notes to episodic memory |
memory_search |
Search across episodic, semantic, reflection, and graph memory with hybrid (keyword + vector) search |
| Tool | Description |
|---|---|
db_query |
Read-only database querying across cortex/memory/lens/plugins/session databases |
json_query |
JSONPath-like expression support ( |
regex_utils |
Regular expression utilities — match, replace, test, split, exec |
env_manager |
Environment variable management with whitelist-based set security |
code_snippet |
Code block extraction from markdown with line numbers and language detection |
structured_extract |
LLM-powered entity/relationship extraction with JSON-Schema validation |
image_analyze |
Multimodal image analysis via 18+ LLM providers |
schedule |
Cron-based job scheduling with full lifecycle (create/list/cancel/status/due) |
| Tool | Description |
|---|---|
load_skill |
Load a skill by name (auto-records usage for quality tracking) |
skill_read |
Read/List skills with lifecycle and origin filtering |
skill_write |
Create/update/delete/merge/promote/deprecate skills with 8 operations |
| Tool | Description |
|---|---|
speak |
Text-to-speech via configured TTS provider |
listen |
Speech-to-text via configured STT provider |
| Tool | Description |
|---|---|
dashboard_manage |
CRUD operations on dashboard widgets (list, add, remove, update) |
Every tool implements:
interface Tool {
definition: ToolDefinition;
execute(args: Record<string, unknown>, ctx: ToolContext): Promise<ToolCallResult>;
}
interface ToolDefinition {
name: string;
description: string;
params: ToolParam[];
capabilities: ToolCapability[];
}Every tool call passes through the security system before execution:
Agent → Tool Intent → Policy Validator → (Sensitive Data?) → LLM Supervisor → Human Approval → Executor
- Policy validator — regex allow/deny rules evaluated against every shell command, file path, and network request
- LLM supervisor — sensitive data access (memory_search, db_query, browser screenshots) requires approval from a fast LLM with decision caching and human escalation
- Human approval — CLI prompts and Web UI modal for uncertain/unapproved access requests
- Security — Parallax policy validator and LLM supervisor
- Security Supervisor — 3-layer access control architecture
- Agent Loop — How tools integrate into the agent lifecycle
- Plugin System — Adding custom tools via plugins
- Adding a Tool — Step-by-step guide for new tools
CortexPrism — Open-source agentic AI harness · MIT License · Built with Deno 2.x + TypeScript
- Agent Loop
- Metacognition
- Memory System
- Skills System
- Sub-Agents
- Built-in Tools
- Code Intelligence
- Code Sandbox
- Cross-Agent Context Protocol
- Prompt Lab
- PKM Assistant
- Voice Pipeline
- Computer Use
- Browser Tool
- Git & GitHub
- Scheduler & Jobs
- Dashboard
- Observability