Execute a shell command on the host system and return its output. Runs the command in a non-interactive shell and captures both stdout and stderr. The response includes the exit code, a timed-out flag, and the full stdout/stderr output. Commands are subject to rate limiting (default 60/min) and a configurable execution timeout. Certain destructive patterns (e.g. rm -rf /, mkfs, dd if=) are always blocked. When the server runs in sandbox mode, network tools (curl, wget), package managers, and process-control commands are also blocked. Sudo commands require the server to be started with ALLOW_SUDO=true. Use this tool for running CLI commands, scripts, build tasks, inspecting the environment, or any operation that can be expressed as a shell one-liner or pipeline.

Read the entire contents of a file and return it as UTF-8 text. Use this to inspect configuration files, source code, logs, or any text-based file. Returns the raw file content as a single text block. Throws an error if the file does not exist or cannot be read. Paths targeting sensitive system directories (e.g. /etc/shadow, /proc/, /dev/) are blocked.

Write text content to a file, creating it if it does not exist or overwriting it if it does. The file is written atomically as UTF-8. Use this to create new files, update configuration, save generated code, or persist any text data. Parent directories must already exist. Returns a confirmation message with the resolved file path on success. Paths targeting sensitive system directories (e.g. /etc/shadow, /proc/, /dev/) are blocked.

Permanently delete a single file from the filesystem. This operation is irreversible. Only regular files can be deleted — use the exec tool with rmdir for directories. Returns a confirmation message on success. Throws an error if the file does not exist. Paths targeting sensitive system directories (e.g. /etc/shadow, /proc/, /dev/) are blocked.

List the contents of a directory with metadata for each entry. Returns a formatted table with columns: Type (d=directory, l=symlink, -=file), Size (bytes), Modified (ISO datetime), and Name. Use this to explore the filesystem, discover files, or verify directory structure. Does not recurse into subdirectories — call again on child directories for deeper exploration. Paths targeting sensitive system directories (e.g. /proc/, /sys/, /dev/) are blocked.

Retrieve comprehensive system information about the host machine. Returns a structured text report containing: OS platform, type, and release version; CPU model, speed (MHz), and core count; total, free, and used memory with percentage; disk usage (via df -h on Unix or wmic on Windows); system uptime in days/hours/minutes; and the machine hostname. This tool takes no parameters. Use it to assess available resources, diagnose environment issues, or gather context about the system your commands will run on.

List running processes on the host system using ps aux, optionally filtered by name. Without a filter, returns all running processes. With a filter, returns only processes whose command line matches the given pattern. Output format is standard ps aux columns: USER, PID, %CPU, %MEM, VSZ, RSS, TTY, STAT, START, TIME, COMMAND. Use this to check if a service is running, find process IDs, monitor resource usage, or verify that a background task started successfully. If no processes match the filter, returns 'No processes found matching filter' instead of an error.