DocsToolsBuilt-in Tools

Built-in Tools

Ryvos ships with 12 built-in tools covering file operations, shell execution, web access, memory, and agent spawning. Each tool has a security tier, JSON schema input, and configurable timeout.

File Operations

read (T0)

Read file contents. Returns the full file or a line range.

{ "path": "src/main.rs", "start_line": 1, "end_line": 50 }

write (T2)

Create or overwrite a file.

{ "path": "output.txt", "content": "Hello, world!" }

edit (T2)

Line-based file editing — insert, replace, or delete lines.

{
  "path": "src/main.rs",
  "operations": [
    { "type": "replace", "start": 10, "end": 12, "content": "new code here" }
  ]
}

glob (T0)

Find files matching a glob pattern.

{ "pattern": "**/*.rs", "base_dir": "." }

grep (T0)

Full-text regex search across files.

{ "pattern": "fn main", "path": "src/", "include": "*.rs" }

apply_patch (T2)

Apply a unified diff patch to one or more files.

{ "patch": "--- a/file.rs\n+++ b/file.rs\n@@ -1,3 +1,3 @@\n-old\n+new" }

Shell

bash (T3)

Execute a shell command. This is the most powerful tool and has the most security controls:

{ "command": "cargo test --release" }
  • Passes through SecurityGate (tier + pattern detection + approval)
  • Optionally runs in Docker sandbox
  • Configurable timeout (default: 30s)
  • stdout and stderr captured

Web

web_fetch (T1)

Fetch a URL and return the content as markdown/text.

{ "url": "https://docs.rs/tokio/latest/tokio/" }

web_search (T1)

Search the web using Tavily API. Requires TAVILY_API_KEY.

{ "query": "rust async best practices 2025" }

Memory

memory_search (T0)

Full-text search across all session history using SQLite FTS5.

{ "query": "deployment configuration" }

memory_write (T1)

Write a persistent memory entry that persists across sessions.

{ "key": "project_context", "content": "This is a Rust workspace with 10 crates" }

Agents

spawn_agent (T3)

Spawn a child agent with its own session, tool set, and stricter security policy.

{
  "prompt": "Research the best Rust HTTP frameworks and write a comparison",
  "tools": ["web_search", "web_fetch", "read", "write"]
}

Child agents inherit a subset of tools and run under [security.sub_agent_policy] — typically T0 auto-approve only, deny above T2.

Tool Trait

All tools implement the same Rust trait:

pub trait Tool: Send + Sync + 'static {
    fn name(&self) -> &str;
    fn description(&self) -> &str;
    fn input_schema(&self) -> serde_json::Value;
    fn execute(&self, input: Value, ctx: ToolContext) -> BoxFuture<Result<ToolResult>>;
    fn timeout_secs(&self) -> u64 { 30 }
    fn requires_sandbox(&self) -> bool { false }
    fn tier(&self) -> SecurityTier { T1 }
}

This trait is also used by MCP bridged tools and drop-in skills.

Approval FlowCustom Tools