// builtin tools · 01

File and shell tools

These tools let Okami read, edit and execute commands inside the workspace. They are small, auditable and protected by grounding, sandboxing and checkpoints.

params read_file safe Reads capped text and marks the file as known. write_file sensitive Creates/overwrites a file. Existing files must be read first. edit_file sensitive Exact old → new replacement; requires a unique match or replace_all. list_dir safe Lists a workspace directory. find_files safe Fuzzy filename search ignoring case, hyphen, underscore and spaces. run_shell dangerous Runs a command under sandbox: timeout, output cap, sanitized env and Docker when configured.

Grounding and checkpoints

write_file and edit_file refuse blind edits. Before mutation, the gateway snapshots the prior state so okami rollback N can undo recent writes.

Sandbox and secrets

  • Shell commands run with sanitized env.
  • Read-only mode blocks effective commands.
  • Sensitive paths such as .env, .ssh, .aws, .pem and .key are blocked unless yolo.
  • Docker backend gives real isolation.

Open this page in the interactive docs