# LlmToolkit Base code tools for agentic LLM execution — a self-contained, composable tool framework for building AI agents in Elixir. Provides 12 file/shell/web tools, a `ToolResolver` behaviour, composable resolver architecture, session-scoped tool filtering, and an Ecto trace schema for audit logging. ## Tools | Tool | Purpose | |---|---| | `read_file` | Read file contents with offset/limit | | `write_file` | Write or overwrite a file | | `edit_file` | Exact-match single edit (pi safety model) | | `multi_edit` | Multiple edits in one call with rollback | | `append_to_file` | Append content to a file | | `bash` | Execute shell commands | | `grep` | Search file contents (ripgrep) | | `glob` | Find files by name pattern | | `list_directory` | List directory contents | | `tree` | Visual directory tree with sizes | | `file_info` | File metadata (size, type, mtime) | | `http_get` | Fetch a URL | ## Installation Add to your `mix.exs`: ```elixir def deps do [ {:llm_toolkit, "~> 0.1"} ] end ``` ## Usage ### Standalone ```elixir alias LlmToolkit.CodeTools alias LlmToolkit.Tool.Call # Use with default cwd (".") {:ok, content} = CodeTools.resolve(%Call{name: "read_file", arguments: %{"path" => "README.md"}}) # Use with specific cwd {:ok, content} = CodeTools.resolve( %Call{name: "read_file", arguments: %{"path" => "README.md"}}, "/path/to/project" ) ``` ### With Your Agent Loop ```elixir # As the sole tool resolver MyAgent.Loop.run(task, LlmToolkit.CodeTools, opts) # Via resolver tuple (binds working directory) MyAgent.Loop.run(task, {LlmToolkit.CodeTools, "/project"}, opts) ``` ### Composed with Domain Tools ```elixir # Base tools + your own tools resolver = LlmToolkit.Composition.new([ {LlmToolkit.CodeTools, "/project"}, MyApp.DomainTools ]) tools = LlmToolkit.Composition.available_tools(resolver) {:ok, result} = LlmToolkit.Composition.resolve(resolver, call) ``` ### Configurable Resolver with `use AgentResolver` ```elixir defmodule MyApp.Tools.Resolver do use LlmToolkit.AgentResolver, tools: [ MyApp.Tools.Search, MyApp.Tools.Analyze ] end # Each tool module implements: # definition/0 → %LlmToolkit.Tool{} # execute/2 → (args, context) → {:ok, string} | {:error, string} # sensitive_fields/0 → ["api_key"] (optional, for telemetry scrubbing) ``` ### Session-Scoped Tool Filtering ```elixir # Prepare only the tools declared for a session turn {tools, resolver_fn} = LlmToolkit.SessionTools.prepare( MyApp.Tools.Resolver, ["read_file", "search"], %{user_id: "abc", project: "/repo"} ) # resolver_fn is a fresh closure — thread-safe, no process dictionary {:ok, result} = resolver_fn.(%Call{name: "read_file", arguments: %{"path" => "README.md"}}) ``` ## Architecture | Module | Role | |---|---| | `LlmToolkit.ToolResolver` | Behaviour — `resolve/1`, `available_tools/0`, optional `dispatch_recipe/1` | | `LlmToolkit.Tool` | Provider-neutral tool definition (name, description, JSON Schema params) | | `LlmToolkit.Tool.Call` | An LLM's request to invoke a tool | | `LlmToolkit.Tool.Result` | The outcome of executing a tool call | | `LlmToolkit.CodeTools` | The 12 base tools implementing `ToolResolver` | | `LlmToolkit.AgentResolver` | `use`-based macro — list your tool modules, get a full resolver | | `LlmToolkit.Composition` | Merge multiple resolvers into one (first match wins) | | `LlmToolkit.SessionTools` | Filter tools by declaration, build context-bound closures | | `LlmToolkit.Trace` | Ecto schema for audit logging tool invocations | ## Safety Model **edit_file:** Uses exact string matching with uniqueness validation. `oldText` must match exactly once. No silent corruption. **multi_edit:** Transactional — applies edits sequentially in memory. If any edit fails, the file is never written. All-or-nothing. ## Dependencies - **Req** (~> 0.5) — HTTP client for the `http_get` tool - **Ecto** (~> 3.12) — Schema/changesets for the `Trace` audit schema Both are lightweight and runtime-only.