Tools are how an ArgentOS agent takes action. When the agent needs to run a command, search the web, recall a memory, or manage a task, it invokes a tool. Each tool is defined as a JSON schema, validated at runtime, and governed by the agent’s intent policies and sandbox mode.
The agent selects tools automatically based on conversational context. You do not need to tell it which tool to use — ask for what you need and the agent routes to the right capability.
File & Code read, write, edit, bash, glob, grep — full filesystem and shell access
Web & Research browser, web_search, web_fetch, firecrawl — browse, search, scrape
Memory memory_store, memory_recall, memory_timeline — persistent agent memory
Tasks tasks — 15+ actions for full task lifecycle management
Knowledge & Library knowledge_search, knowledge_ingest, knowledge_collections — RAG library with ACL
Communication outbound_message, channel_send — multi-channel delivery
Media & Display sag, image_gen, doc_panel, canvas — speech, images, document panels
System & Config os_docs, health, config, gateway, backup — system operations
Marketplace marketplace_search, marketplace_install, marketplace_publish — package management
File & Code Tool Description readRead file contents from disk writeCreate or overwrite a file editApply targeted edits to an existing file bashExecute shell commands and scripts globFind files by pattern matching grepSearch file contents with regex
Web & Research Tool Description browserAutomate web browsing — navigate, click, extract content web_searchSearch the web via configured search provider web_fetchFetch a URL and return its content (with Firecrawl fallback) firecrawlDeep web scraping and crawling via Firecrawl API
Memory Tool Description memory_storeSave observations, facts, or context to persistent memory (MemU) memory_recallSearch and retrieve from memory using hybrid FTS + vector search memory_timelineBrowse memory chronologically with filtering
Tasks Tool Description tasksFull task management — create, list, start, complete, block, prioritize, assign dependencies, organize into projects. 15+ actions in a single tool.
Knowledge & Library Tool Description knowledge_searchSearch the RAG knowledge library (hybrid vector + BM25, ACL-scoped) knowledge_ingestIngest documents into knowledge collections (PDF, DOCX, XLSX, text) knowledge_collectionsManage collections, grants, and access control
Communication & Channels Tool Description outbound_messageSend messages through the outbound pipeline (multi-channel delivery) channel_sendSend to a specific channel (Telegram, Discord, Slack, WhatsApp)
Tool Description sagSpeech audio generation (text-to-speech via ElevenLabs or local) image_genGenerate images via configured provider doc_panelOpen documents in the dashboard slide-out panel canvasSend content to external node device screens
System & Configuration Tool Description os_docsRead ArgentOS documentation and guides healthCheck system health, gateway status, and service connectivity configRead or update agent configuration gatewayInteract with the gateway control plane backupTrigger or manage Phoenix backups (local/S3/R2)
Marketplace Tool Description marketplace_searchSearch the AOS Marketplace for packages marketplace_installInstall a package from the marketplace marketplace_publishPublish a package to the marketplace
Automation & Scheduling Tool Description cronManage scheduled jobs (create, list, enable, disable) webhooksRegister and manage inbound webhook triggers
Project Management Tool Description specforgeKick off the SpecForge project intake workflow — type gating, interviews, drafts, approval, and execution
Tools are selected by the LLM based on context. The flow:
LLM returns a tool call
The LLM returns a tool_use block with the tool name and input parameters.
Schema validation
The agent runtime validates input against the tool’s JSON schema.
Policy and sandbox check
Intent policies and sandbox mode are checked.
Tool executes
The tool handler executes and returns a result.
Result feeds back
The result feeds back to the LLM as a tool_result block.
You can guide tool selection by being specific (“search my memory for…” or “create a task to…”), but explicit tool names are never required.
The Intent System controls which tools an agent can use. Intent policies define allowedActions and requiresHumanApproval lists that restrict tool access at three levels:
Global — baseline restrictions for all agentsDepartment — narrowed per department (e.g., Support agents cannot use bash)Agent — per-agent overrides (most restrictive wins)
Policies are monotonic: child levels can only tighten constraints, never loosen them. If Global allows a tool but the Department policy removes it, no agent in that department can use it.
Sandbox Modes Tool execution is gated by the agent’s security mode:
Mode Behavior Unrestricted All tools available, no approval needed Sandboxed Destructive tools (file writes, bash, outbound messages) require user approval Locked Only safe, read-only tools (memory recall, task listing, search) are available
See Sandboxing for configuration details.
Plugins can register new tools at startup. See Plugins .Skills bundle tools with prompts into loadable capability packages. See Skills . 