| description | All built-in tools — file, search, shell, git, web, memory, subagent, think, environment, task, code execution, clipboard, question, diff/patch, batch-edit, usage, encoding/crypto, and Tailscale tools — with parameters and examples. |
|---|
JD.AI provides a set of built-in tools that the AI agent invokes automatically during conversations. Each tool call is confirmed before execution unless overridden by /autorun, /permissions, or the --dangerously-skip-permissions CLI flag.
Tools are grouped into twenty-seven categories: File, Search, Shell, Exec/Process Sessions, Git, Web, Web Search, Memory, Subagent, Think, Environment, Tasks, Code Execution, Clipboard, Questions, Diff/Patch, Batch Edit, Usage Tracking, Encoding & Crypto, Tailscale Integration, Multimodal, Code Execution (Sandboxed), Task Management, Scheduling, Notebook, Capability Introspection, and Policy/Governance.
| Function | Description |
|---|---|
read_file |
Read file contents with an optional line range. |
write_file |
Write content to a file, creating it if it does not exist. |
edit_file |
Replace exactly one occurrence of oldStr with newStr. |
list_directory |
Produce a tree-like directory listing. |
read_file—path(string),startLine(int?, optional, 1-based),endLine(int?, optional,-1for EOF).write_file—path(string),content(string).edit_file—path(string),oldStr(string),newStr(string).list_directory—path(string?, defaults to cwd),maxDepth(int, default2).
> read the first 20 lines of Program.cs
⚡ Tool: read_file(path: "Program.cs", startLine: 1, endLine: 20)
| Function | Description |
|---|---|
grep |
Regex search across file contents. |
glob |
Find files matching a glob pattern. |
grep—pattern(string),path(string?, default cwd),glob(string?, file filter),context(int, default0),ignoreCase(bool, defaultfalse),maxResults(int, default50).glob—pattern(string, e.g.**/*.cs),path(string?, default cwd).
> find all files that reference ILogger
⚡ Tool: grep(pattern: "ILogger", glob: "**/*.cs")
| Function | Description |
|---|---|
run_command |
Execute a shell command and capture its output. |
run_command—command(string),cwd(string?, default cwd),timeoutSeconds(int, default60).
> run the tests
⚡ Tool: run_command(command: "dotnet test", timeoutSeconds: 120)
| Function | Description |
|---|---|
exec |
Execute a command in foreground or background with process-session tracking. |
process |
Manage process sessions via list, poll, log, write, kill, clear, remove. |
exec—command(string),cwd(string?, default cwd),yieldMs(int, default250),background(bool, defaultfalse),timeoutMs(int, default60000,0disables timeout),pty(bool, defaultfalse),host(string, currently only"local").process—action(string),id(string?, required for single-session actions),input(string?, forwrite),yieldMs(int, poll wait),maxChars(int, default4000),force(bool, forclear/remove).
> start tests in background
⚡ Tool: exec(command: "dotnet test", background: true, yieldMs: 500)
> poll that process
⚡ Tool: process(action: "poll", id: "proc-000001", yieldMs: 1000)
> fetch latest logs
⚡ Tool: process(action: "log", id: "proc-000001", maxChars: 8000)
| Function | Description |
|---|---|
git_status |
Show working-tree status. |
git_diff |
Show differences between commits, index, or working tree. |
git_log |
Display recent commit history. |
git_commit |
Stage all changes and create a commit. |
git_push |
Push commits to the remote repository. |
git_pull |
Pull changes from the remote repository. |
git_branch |
List, create, or delete branches. |
git_checkout |
Switch branches or restore working tree files. |
git_stash |
Stash or restore uncommitted changes. |
git_status—path(string?, default cwd).git_diff—target(string?, e.g."main","--staged"),path(string?).git_log—count(int, default10),path(string?).git_commit—message(string),path(string?).git_push—remote(string, default"origin"),branch(string?, default current branch),path(string?).git_pull—remote(string, default"origin"),branch(string?, default current branch),path(string?).git_branch—name(string?, omit to list),delete(bool, defaultfalse),path(string?).git_checkout—target(string, branch/SHA/file),createNew(bool, defaultfalse),path(string?).git_stash—action(string:"push","pop","list","drop", default"push"),message(string?, optional),path(string?).
> push the changes to origin
⚡ Tool: git_push(remote: "origin")
> create a new feature branch
⚡ Tool: git_checkout(target: "feat/new-feature", createNew: true)
> stash my current changes
⚡ Tool: git_stash(action: "push", message: "WIP before refactor")
| Function | Description |
|---|---|
web_fetch |
Fetch a URL and return its content as readable text. |
web_fetch—url(string),maxLength(int, default5000).
| Function | Description |
|---|---|
web_search |
Search the web for current information. |
web_search—query(string),count(int, default5, max10).
> search for the latest .NET 9 breaking changes
⚡ Tool: web_search(query: ".NET 9 breaking changes", count: 5)
| Function | Description |
|---|---|
memory_store |
Store text in semantic memory for later retrieval. |
memory_search |
Search semantic memory by natural-language query. |
memory_forget |
Remove a memory entry by its ID. |
memory_store—text(string),category(string?, optional).memory_search—query(string),maxResults(int, default5).memory_forget—id(string).
> remember that the API key is stored in Azure Key Vault
⚡ Tool: memory_store(text: "API key is stored in Azure Key Vault", category: "architecture")
| Function | Description |
|---|---|
spawn_agent |
Spawn a specialized subagent for a focused task. |
spawn_team |
Orchestrate a team of cooperating agents. |
query_team_context |
Query the team's shared scratchpad. |
spawn_agent—type(explore/task/plan/review/general),prompt(string),mode("single"or"multi").spawn_team—strategy(sequential/fan-out/supervisor/debate),agents(JSON array),goal(string),multiTurn(bool).query_team_context—key(string — a key name,"events", or"results").
> review the changes in this PR
⚡ Tool: spawn_agent(type: "review", prompt: "Review the staged changes", mode: "single")
| Function | Description |
|---|---|
think |
Scratchpad for reasoning — no side effects. |
The think tool lets the agent plan, reason through trade-offs, or organize multi-step approaches without executing any actions. It simply returns the thought back as a structured note.
think—thought(string).
⚡ Tool: think(thought: "The user wants to refactor auth. I should first check the current implementation, then propose changes.")
| Function | Description |
|---|---|
get_environment |
Returns OS, architecture, runtime, disk space, and tooling versions. |
get_environment—includeEnvVars(bool, defaultfalse). Whentrue, includes environment variables with secrets automatically masked.
> what system am I running on?
⚡ Tool: get_environment(includeEnvVars: false)
| Function | Description |
|---|---|
create_task |
Create a tracked work item with priority. |
list_tasks |
List tasks, optionally filtered by status. |
update_task |
Update a task's status, title, or description. |
complete_task |
Mark a task as done. |
export_tasks |
Export all tasks as JSON. |
create_task—title(string),description(string?, optional),priority("low"/"medium"/"high", default"medium").list_tasks—status(string?, filter:"pending","in_progress","done","blocked").update_task—id(string, e.g."task-1"),status(string?),title(string?),description(string?).complete_task—id(string).export_tasks— no parameters.
> track the remaining work
⚡ Tool: create_task(title: "Add unit tests for AuthService", priority: "high")
⚡ Tool: create_task(title: "Update README with new endpoints", priority: "medium")
⚡ Tool: list_tasks()
| Function | Description |
|---|---|
execute_code |
Run a code snippet in C#, Python, Node.js, Bash, or PowerShell. |
execute_code—language(string:"csharp","python","node","bash","powershell"),code(string),timeoutSeconds(int, default30, max300).
Temporary files are created in the system temp directory and automatically cleaned up after execution. Processes that exceed the timeout are killed.
> test this regex in python
⚡ Tool: execute_code(language: "python", code: "import re; print(re.findall(r'\\d+', 'abc 123 def 456'))")
| Function | Description |
|---|---|
read_clipboard |
Read text from the system clipboard. |
write_clipboard |
Write text to the system clipboard. |
Cross-platform support: uses PowerShell/clip on Windows, pbcopy/pbpaste on macOS, and xclip/xsel on Linux.
read_clipboard— no parameters.write_clipboard—text(string).
> paste what's on my clipboard
⚡ Tool: read_clipboard()
| Function | Description |
|---|---|
ask_questions |
Present a structured questionnaire to the user and collect validated answers. |
ask_questions—questionsJson(string, JSON). The JSON should contain anAskQuestionsRequestwithtitle,context,questions[](each withkey,prompt,type,required,options[],validation),allowCancel, andsubmitLabel.
| Type | Description |
|---|---|
text |
Free-form text input |
confirm |
Yes/no confirmation |
singleSelect |
Pick one option from a list |
multiSelect |
Pick multiple options from a list |
number |
Numeric input with optional min/max bounds |
⚡ Tool: ask_questions(questionsJson: "{\"title\":\"Project Setup\",\"questions\":[{\"key\":\"name\",\"prompt\":\"Project name?\",\"type\":\"text\",\"required\":true}]}")
Create and apply structured text patches across files. The create_patch tool generates unified diff output for review, while apply_patch performs atomic multi-file text replacements — if any edit fails validation, no files are modified.
create_patch—editsJson(string, JSON array of{path, oldText, newText}). Returns a unified diff showing proposed changes without modifying files.apply_patch—editsJson(string, JSON array of{path, oldText, newText}). Validates all edits first, then applies atomically. Returns an error if anyoldTextis not found (no files are modified).
⚡ Tool: create_patch(editsJson: "[{\"path\":\"src/Config.cs\",\"oldText\":\"Timeout = 30\",\"newText\":\"Timeout = 60\"}]")
→ --- a/src/Config.cs
+++ b/src/Config.cs
@@ -12,1 +12,1 @@
-Timeout = 30
+Timeout = 60
Apply multiple text replacements across one or more files in a single atomic operation. All edits are validated before any files are written — if any oldText is not found, no files are modified. Multiple edits to the same file are applied sequentially in order.
batch_edit_files—editsJson(string, JSON array of{path, oldText, newText}). Groups edits by file, validates all, then writes atomically.
⚡ Tool: batch_edit_files(editsJson: "[{\"path\":\"src/App.cs\",\"oldText\":\"v1\",\"newText\":\"v2\"},{\"path\":\"src/Config.cs\",\"oldText\":\"old\",\"newText\":\"new\"}]")
→ Applied 2 edit(s) across 2 file(s):
src/App.cs: 1 edit(s)
src/Config.cs: 1 edit(s)
Track token usage and estimated costs for the current session. The agent loop can record usage after each turn, and the get_usage tool provides a summary with cost estimates across common model pricing tiers.
get_usage— No parameters. Returns session token counts (prompt, completion, total), tool call count, turn count, and estimated costs for several model pricing tiers.reset_usage— No parameters. Resets all session usage counters to zero.
Encoding, decoding, hashing, and cryptographic utility tools for common developer operations.
| Function | Description |
|---|---|
encode_base64 |
Encode text to Base64. |
decode_base64 |
Decode a Base64-encoded string back to plain text. |
encode_url |
URL-encode a string for safe use in URLs and query parameters. |
decode_url |
Decode a URL-encoded string back to plain text. |
decode_jwt |
Decode a JWT token to inspect its header and payload. |
hash_compute |
Compute a cryptographic hash of the input text. |
generate_guid |
Generate one or more GUIDs/UUIDs (v4). |
encode_base64—text(string),urlSafe(bool, defaultfalse). WhenurlSafeistrue, outputs URL-safe Base64 without padding.decode_base64—encoded(string). Handles both standard and URL-safe Base64 automatically.encode_url—text(string). Returns percent-encoded string safe for query parameters.decode_url—encoded(string). Reverses percent-encoding.decode_jwt—token(string). Decodes and pretty-prints the header, payload, and common claims (sub, iss, aud, exp, iat, nbf).hash_compute—text(string),algorithm(string, defaultsha256). Supported:sha256,sha512,sha384,sha1,md5.generate_guid—count(int, default1, max20). Generates version 4 UUIDs.
> encode this string to base64
⚡ Tool: encode_base64(text: "Hello, World!")
> decode this JWT without verifying the signature
⚡ Tool: decode_jwt(token: "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...")
> hash the password with SHA-256
⚡ Tool: hash_compute(text: "my-secret", algorithm: "sha256")
> generate a unique ID
⚡ Tool: generate_guid(count: 1)
Warning
decode_jwt does not verify the token signature. Use it for inspection and debugging only, not for authentication decisions.
Warning
MD5 and SHA1 are cryptographically weak. Avoid using them for security-sensitive workflows — prefer SHA256 or SHA512.
Tools for Tailscale integration: status detection, Tailnet machine discovery, remote orchestration, and credential configuration.
| Function | Description |
|---|---|
tailscale_status |
Check Tailscale installation, authentication status, current Tailnet, and local node identity. |
tailscale_machines |
List all machines on the Tailnet with name, OS, online status, and addresses. |
tailscale_configure |
Configure Tailscale API credentials for machine discovery and remote orchestration. |
tailscale_runner_probe |
Check if a jdai-runner service is available on a specific Tailnet machine. |
tailscale_export |
Export Tailscale configuration, discovered machines, and runner status as JSON. |
Tailscale tools require one of the following:
- Tailscale CLI installed and authenticated (
tailscale up) — used for local discovery viatailscale status --json. - API credentials configured via
tailscale_configure— used for remote API-based discovery when the CLI is not available.
tailscale_status—configDir(string?, default~/.jdai). Returns CLI availability, API credential status, local node hostname, Tailscale IP, and backend state.tailscale_machines—filter(string?,"online","offline", or"all", default"all"),tag(string?, e.g."tag:server"),configDir(string?, default~/.jdai).tailscale_configure—tailnet(string, e.g."example.com"),authMethod(string,"oauth"or"api-key"),credential(string),clientSecret(string?, required for OAuth),configDir(string?, default~/.jdai). Stores credentials to~/.jdai/tailscale.json.tailscale_runner_probe—target(string, hostname or Tailscale IP),port(int, default18789),configDir(string?, default~/.jdai).tailscale_export—configDir(string?, default~/.jdai). Returns a JSON document with CLI status, API config, machine list, and summary counts.
> check tailscale status
⚡ Tool: tailscale_status()
> list all machines on my tailnet
⚡ Tool: tailscale_machines(filter: "online")
> list only machines tagged as servers
⚡ Tool: tailscale_machines(tag: "tag:server")
> probe runner availability on build-agent-01
⚡ Tool: tailscale_runner_probe(target: "build-agent-01")
> export machine inventory for CI
⚡ Tool: tailscale_export()
A typical Tailscale orchestration workflow:
- Discover machines —
tailscale_machines()to see what's on the Tailnet. - Probe runner availability —
tailscale_runner_probe(target: "hostname")for each candidate host. - Export for automation —
tailscale_export()to produce JSON suitable for CI pipelines.
- Store Tailscale API keys and OAuth secrets using environment variables (
TAILSCALE_API_KEY,TAILSCALE_OAUTH_CLIENT_ID,TAILSCALE_OAUTH_CLIENT_SECRET) rather than in~/.jdai/tailscale.jsonwhen possible. - Use OAuth with least-privilege scopes rather than full API keys.
- Rotate credentials periodically and remove unused API keys from the Tailscale admin console.
| Function | Description |
|---|---|
capture_screenshot |
Capture a screenshot of the current screen or a specific window. |
analyze_image |
Analyse an image file and describe its contents. |
describe_image |
Generate a natural-language description of a provided image path or URL. |
capture_screenshot—target(string?,"screen"or window title, default"screen"),outputPath(string?, saves to temp if omitted).analyze_image—path(string, local file or URL),prompt(string?, optional analysis instruction).describe_image—path(string, local file or URL),detail(string?,"low"/"high", default"high").
> take a screenshot and describe what you see
⚡ Tool: capture_screenshot()
⚡ Tool: analyze_image(path: "/tmp/screenshot.png", prompt: "What UI elements are visible?")
Sandboxed process execution with isolated language runtimes. Unlike the inline execute_code tool, these runners launch full interpreter processes in a sandboxed working directory with file I/O support and longer timeouts.
| Function | Description |
|---|---|
run_python |
Execute a Python script file or inline code in an isolated process. |
run_node |
Execute a Node.js script file or inline code in an isolated process. |
run_bash |
Execute a bash/shell script in an isolated sandbox. |
run_python—code(string),args(string[]?, optional CLI args),cwd(string?, sandbox dir),timeoutSeconds(int, default60),packages(string[]?, pip-install before run).run_node—code(string),args(string[]?, optional),cwd(string?, sandbox dir),timeoutSeconds(int, default60),packages(string[]?, npm-install before run).run_bash—script(string),cwd(string?, sandbox dir),timeoutSeconds(int, default60),env(object?, extra environment variables).
> run a data analysis script with pandas
⚡ Tool: run_python(code: "import pandas as pd\ndf = pd.read_csv('data.csv')\nprint(df.describe())", packages: ["pandas"])
Higher-level project task management with assignment, ownership, and due-date tracking. Complements the basic task-tracking tools with team-oriented workflow features.
| Function | Description |
|---|---|
assign_task |
Assign a task to a team member or agent. |
set_due_date |
Set or update a due date on an existing task. |
list_assigned_tasks |
List tasks assigned to a specific owner. |
get_task_summary |
Return a project summary: counts by status, overdue items, and upcoming deadlines. |
assign_task—id(string),owner(string, username or agent name).set_due_date—id(string),dueDate(string, ISO 8601 date).list_assigned_tasks—owner(string),status(string?, filter).get_task_summary— no parameters.
> assign the auth task to alice with a deadline
⚡ Tool: assign_task(id: "task-3", owner: "alice")
⚡ Tool: set_due_date(id: "task-3", dueDate: "2025-08-01")
Cron-style job scheduling for one-time and recurring tasks. Jobs are persisted to the agent's store and survive restarts.
| Function | Description |
|---|---|
schedule_job |
Schedule a command or workflow to run at a specified time or on a cron expression. |
list_jobs |
List all scheduled jobs with their next run time and status. |
cancel_job |
Cancel a scheduled job by ID. |
get_job_status |
Retrieve the last execution status and output of a job. |
schedule_job—name(string),command(string),schedule(string, ISO 8601 datetime or cron expression like"0 9 * * 1-5"),recurring(bool, defaultfalse),description(string?, optional).list_jobs—status(string?,"pending","running","completed","failed", or"all", default"all").cancel_job—id(string).get_job_status—id(string).
> run the nightly build every weekday at 2am
⚡ Tool: schedule_job(name: "nightly-build", command: "dotnet build", schedule: "0 2 * * 1-5", recurring: true)
> list all scheduled jobs
⚡ Tool: list_jobs()
Jupyter notebook integration for cell-by-cell execution, variable inspection, and output capture.
| Function | Description |
|---|---|
notebook_open |
Open a Jupyter notebook file and load its cells into the current session. |
notebook_run_cell |
Execute a specific cell by index and return its output. |
notebook_run_all |
Execute all cells in order and return a summary of outputs. |
notebook_get_vars |
Inspect the current kernel variable namespace. |
notebook_export |
Export the notebook with all outputs to a file (.ipynb or .html). |
notebook_open—path(string,.ipynbfile path).notebook_run_cell—index(int, 0-based cell index),code(string?, override cell source),timeoutSeconds(int, default30).notebook_run_all—timeoutSeconds(int per cell, default30),stopOnError(bool, defaulttrue).notebook_get_vars—filter(string?, regex pattern to filter variable names).notebook_export—path(string, output file path),format(string,"ipynb"or"html", default"ipynb").
> open the analysis notebook and run all cells
⚡ Tool: notebook_open(path: "analysis/explore.ipynb")
⚡ Tool: notebook_run_all(stopOnError: false)
Query model and runtime capabilities such as context window size, vision support, and tool-calling availability.
| Function | Description |
|---|---|
get_capabilities |
Return the capabilities of the currently active model. |
check_vision_support |
Check whether the active model supports image/vision input. |
get_context_window |
Return the maximum context window size (tokens) for the active model. |
get_capabilities— no parameters. Returns a capability map:contextWindow,vision,toolCalling,streaming,json_mode.check_vision_support— no parameters. Returnstrue/false.get_context_window— no parameters. Returns token count as an integer.
> what can the current model do?
⚡ Tool: get_capabilities()
→ { contextWindow: 200000, vision: true, toolCalling: true, streaming: true }
Check governance policies, validate tool permissions, and enforce budget constraints before executing operations.
| Function | Description |
|---|---|
check_policy |
Evaluate whether a proposed action is permitted under the active governance policy. |
validate_permission |
Check whether the current session has permission to invoke a specific tool. |
check_budget |
Compare estimated operation cost against the configured session budget. |
check_policy—action(string, description of the proposed action),context(string?, optional extra context).validate_permission—tool(string, tool function name),args(object?, the intended arguments).check_budget—estimatedTokens(int),model(string?, defaults to active model).
> check if I'm allowed to push to main
⚡ Tool: check_policy(action: "git push to main branch")
> verify budget before a large summarization run
⚡ Tool: check_budget(estimatedTokens: 50000)
JD.AI also exposes OpenClaw-style aliases so external tool contracts can map cleanly to native tools:
| Alias | Canonical JD.AI tool |
|---|---|
bash |
run_command |
read |
read_file |
write |
write_file |
edit |
edit_file |
ls |
list_directory |
webfetch |
web_fetch |
websearch |
web_search |
todo_read |
list_tasks |
todo_write |
update_task / task mutations |
exec |
run_command semantics + managed process sessions |
process |
native process session control |
The aliases support additional optional parameters:
summary— return a compact response.maxResultChars— hard-cap output length.noContext— exclude actual tool output from model/session context.noStream— compatibility flag (currently no effect on tool output handling).timeoutMs— timeout override for alias tools that support execution timeouts.
Every tool belongs to a safety tier that controls how confirmation is handled:
| Tier | Behavior | Tools |
|---|---|---|
| Auto-approve | Runs without confirmation | read_file, grep, glob, list_directory, git_status, git_diff, git_log, git_branch, memory_search, web_fetch, ask_questions, think, get_environment, list_tasks, export_tasks, read_clipboard, get_usage, create_patch, encode_base64, decode_base64, encode_url, decode_url, decode_jwt, hash_compute, generate_guid, tailscale_status, tailscale_machines, tailscale_export |
| Confirm once | Asks once per session | write_file, edit_file, git_commit, git_push, git_pull, git_checkout, git_stash, memory_store, memory_forget, create_task, update_task, complete_task, write_clipboard, spawn_agent, spawn_team, apply_patch, batch_edit_files, reset_usage, tailscale_configure, tailscale_runner_probe |
| Always confirm | Asks every invocation | run_command, web_search, execute_code |
Three mechanisms override the default confirmation behavior:
| Mechanism | Scope | Description |
|---|---|---|
/autorun |
Session | Toggle auto-approve for all tools in the current session. |
/permissions |
Session | Toggle permission checks entirely — no confirmations at all. |
--dangerously-skip-permissions |
Process | CLI flag that disables all permission checks for the lifetime of the process. |
Warning
Disabling confirmations means the agent can write files, run commands, and commit code without asking. Use these overrides only in trusted, automated environments.