playbook/outfitter-agents/plugins/outfitter/skills/claude-agents/references/tools.md

Tool Configuration

How to configure tool access for agents.

Philosophy

Don't over-restrict. Agents work best with appropriate access. Only restrict when there's a specific safety reason.

Default: Inherit

Most agents should NOT specify tools. They inherit full access from the parent.

---
name: code-reviewer
description: ...
model: inherit
---
# No tools field — inherits full access

When to Restrict

Only restrict when:

  • The agent's purpose is explicitly read-only
  • A specific safety concern exists
  • You want to prevent accidental modifications

Don't restrict when:

  • The agent needs flexibility to complete its task
  • You are being "cautious" without a specific reason

Baseline Tools

When restricting, always include these:

tools: Glob, Grep, Read, Skill, Task, TaskCreate, TaskUpdate, TaskList, TaskGet

These enable: file discovery, searching, reading, skill loading, sub-agent delegation, task tracking.

Common Patterns

Read-only analysis:

tools: Glob, Grep, Read, Skill, Task, TaskCreate, TaskUpdate, TaskList, TaskGet

Read-only with git history:

tools: Glob, Grep, Read, Skill, Task, TaskCreate, TaskUpdate, TaskList, TaskGet, Bash(git show:*), Bash(git diff:*)

Research agent:

tools: Glob, Grep, Read, Skill, Task, TaskCreate, TaskUpdate, TaskList, TaskGet, WebSearch, WebFetch

Implementation agent:

tools: Glob, Grep, Read, Write, Edit, Bash, Skill, Task, TaskCreate, TaskUpdate, TaskList, TaskGet

Pattern Matching Syntax

# Full tool access
Bash

# Restrict to command family
Bash(git *)

# Restrict to specific subcommand
Bash(git status:*)

# File path patterns
Write(tests/**/*.ts)
Write(__tests__/**/*)

# MCP tools
mcp__server__tool
mcp__server__*

Examples

Security Auditor (read-only)

---
name: security-auditor
description: Read-only security analysis.
tools: Glob, Grep, Read, Skill, Task, TaskCreate, TaskUpdate, TaskList, TaskGet, Bash(git diff:*), Bash(git log:*)
model: inherit
---

Deployment Agent (specific commands)

---
name: k8s-deployer
description: Kubernetes deployment tasks.
tools: Glob, Grep, Read, Skill, Task, TaskCreate, TaskUpdate, TaskList, TaskGet, Bash(kubectl *), Bash(docker *)
model: inherit
---

Test Writer (file restrictions)

---
name: test-writer
description: Writes tests only in test directories.
tools: Glob, Grep, Read, Skill, Task, TaskCreate, TaskUpdate, TaskList, TaskGet, Write(tests/**), Write(__tests__/**)
model: inherit
---

Testing Tool Restrictions

  1. Create an agent with a tools field
  2. Ask Claude to use the agent
  3. Verify the agent has access to the specified tools
  4. Verify that restricted tools require permission or fail
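
A static check that can run before the manual test above, for agents meant to be read-only or narrowly scoped. This is an added example, not part of the playbook: the function names, the MUTATING set, and the sample definition are assumptions, and only the baseline list and the frontmatter layout come from this page.

```python
import re

# Baseline tool set copied from the "Baseline Tools" section of this page.
BASELINE = {"Glob", "Grep", "Read", "Skill", "Task",
            "TaskCreate", "TaskUpdate", "TaskList", "TaskGet"}
# Tools this example treats as able to modify state (an assumption).
MUTATING = {"Write", "Edit", "Bash"}

def parse_frontmatter(text):
    """Return the key/value pairs between the first pair of '---' lines."""
    m = re.match(r"\s*---\n(.*?)\n---", text, re.S)
    if not m:
        raise ValueError("no frontmatter block found")
    fields = {}
    for line in m.group(1).splitlines():
        key, sep, value = line.partition(":")  # first colon only
        if sep and key.strip():
            fields[key.strip()] = value.strip()
    return fields

def split_tools(value):
    """Split on commas outside parentheses, so a pattern stays in one piece."""
    tools, depth, cur = [], 0, ""
    for ch in value:
        depth += (ch == "(") - (ch == ")")
        if ch == "," and depth == 0:
            tools.append(cur.strip())
            cur = ""
        else:
            cur += ch
    if cur.strip():
        tools.append(cur.strip())
    return tools

def lint_agent(text):
    """Return notes for one agent definition; an empty list means no notes."""
    fields = parse_frontmatter(text)
    if "tools" not in fields:
        return ["no tools field: inherits full access"]
    tools = split_tools(fields["tools"])
    notes = [f"missing baseline tool: {t}" for t in sorted(BASELINE - set(tools))]
    # A bare Write/Edit/Bash carries no pattern, so it is unrestricted.
    notes += [f"unrestricted mutating tool: {t}" for t in tools if t in MUTATING]
    return notes

# Constructed sample: a security-auditor with Read left out and a bare Bash added.
SAMPLE = ("---\nname: security-auditor\ntools: Glob, Grep, Skill, Task, TaskCreate, "
          "TaskUpdate, TaskList, TaskGet, Bash, Bash(git diff:*)\nmodel: inherit\n---\n")
if __name__ == "__main__":
    print(lint_agent(SAMPLE))
```

An implementation agent lists bare Write, Edit and Bash on purpose, so the second kind of note is only meaningful for agents intended to be restricted.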