agentskit.js
Tools

Built-in tools

Ship-ready tools — web, fetch, filesystem, shell.

ToolImportNotes
webSearch@agentskit/toolsBYO provider (Tavily, Brave, SerpAPI, etc.)
fetchUrl@agentskit/toolsHTTP GET + content extraction
filesystem@agentskit/toolsread/write/list, scoped to a root
shell@agentskit/toolsexec commands, sandbox-friendly
sqliteQueryTool@agentskit/toolsread-only SQL against a local SQLite file
slackTool@agentskit/toolspost to a Slack Incoming Webhook

#webSearch

import { webSearch, tavilyProvider } from '@agentskit/tools'

const tool = webSearch({ provider: tavilyProvider({ apiKey: process.env.TAVILY_API_KEY! }) })

#fetchUrl

import { fetchUrl } from '@agentskit/tools'

const tool = fetchUrl({ stripBoilerplate: true, maxBytes: 500_000 })

#filesystem

import { filesystem } from '@agentskit/tools'

const tool = filesystem({ root: '/tmp/agent-work', readonly: false })

#shell

import { shell, createMandatorySandbox } from '@agentskit/tools'

const tool = createMandatorySandbox(shell({ cwd: '/tmp/agent-work' }), {
  deny: ['rm -rf', 'sudo'],
  requireSandbox: true,
})

#sqliteQueryTool

import { sqliteQueryTool } from '@agentskit/tools'

const tool = sqliteQueryTool({ path: './data/app.db' })

Read-only by design — INSERT, UPDATE, DELETE, DROP, etc. are rejected. Returns up to 100 rows by default with a truncated flag; override with maxRows.

better-sqlite3 is an optional peer dependency — install it alongside this package:

npm install better-sqlite3

Safety note. SQL is the agent's input here, so prompt injection can produce data-exfiltration queries even though writes are blocked. Treat the database as read-by-the-LLM data and avoid pointing this tool at databases that hold secrets the agent shouldn't see.

#slackTool

import { slackTool } from '@agentskit/tools'

const tool = slackTool({ webhookUrl: process.env.SLACK_WEBHOOK_URL! })

Posts to a Slack Incoming Webhook. Schema: { text, channel?, username? }. Returns { ok, status } — non-2xx replies surface as ok: false rather than throwing, so a chatty agent can keep going after a transient failure. For workspace-scoped features (search, channel listing, threading), use the slack() integration which uses Bearer-token auth.

#Building custom integrations

All first-party integrations use the internal httpJson helper from packages/tools/src/integrations/http.ts. You can import it when authoring your own integration tool to get consistent error handling, timeout management, query-string encoding, and non-2xx → ToolError promotion for free.

import { httpJson, type HttpToolOptions } from '@agentskit/tools/integrations/http'

const result = await httpJson<{ id: string }>(
  {
    baseUrl: 'https://api.example.com',
    headers: { authorization: `Bearer ${token}` },
    timeoutMs: 10_000,
  },
  {
    method: 'POST',
    path: '/v1/items',
    body: { name: 'widget' },
  },
)

HttpToolOptions accepts baseUrl, headers, timeoutMs, and an optional fetch override for tests. Non-2xx responses throw a typed ToolError with the server payload attached — no manual status checks needed.

Explore nearby

✎ Edit this page on GitHub·Found a problem? Open an issue →·How to contribute →
Edit on GitHub

Authoring tools

Define, validate, compose, guard. One contract, multiple flavors.

Integrations

20+ ready-made connectors for the services agents actually need. Each follows the same contract — install, config, execute — and ships granular sub-tools alongside a bundled set.

On this page

webSearchfetchUrlfilesystemshellsqliteQueryToolslackToolBuilding custom integrationsRelated