Skip to content
Frona AI

Available Tools

Tools are capabilities that agents use to interact with the outside world. When an agent decides it needs to search the web, run a command, or browse a page, it makes a tool call. The tool executes server-side, and the result feeds back into the conversation.

Available tools

Section titled “Available tools”

Browser automation

Section titled “Browser automation”

Navigate websites, click elements, type text, extract content, and take screenshots using a headless Chrome instance (powered by Browserless).

See Browser Automation for details.

Shell execution

Section titled “Shell execution”
  • shell: run shell commands in a sandboxed environment

See CLI Execution.

Python execution

Section titled “Python execution”
  • python: execute Python code in the agent’s sandboxed workspace

See Python Execution.

Web operations

Section titled “Web operations”
  • web_search: search the internet and return structured results
  • web_fetch: fetch a web page using a full browser and return its content as markdown

See Web Search and Web Fetch.

File operations

Section titled “File operations”
  • read_file: read files from the virtual filesystem
  • produce_file: register a file for user download

See File Operations.

Memory

Section titled “Memory”
  • remember_user_fact: store a fact about the user (shared across all agents)
  • remember_agent_fact: store a fact private to this agent
  • update_identity: update the agent’s own identity attributes

See Memory Tools.

Agent operations

Section titled “Agent operations”
  • delegate_task: hand off a task to another agent (fire-and-forget)
  • run_subtask: run a task on another agent and wait for the result
  • read_skill: load a pre-defined skill into the current agent

See Agent Delegation.

Scheduling and time

Section titled “Scheduling and time”
  • schedule_task: create, delete, or list recurring cron jobs
  • set_heartbeat: configure periodic agent wake-ups
  • get_time: get the current UTC time or compute offsets

See Scheduling.

Voice

Section titled “Voice”
  • voice_call: place an outbound phone call via Twilio
  • send_dtmf: send touch-tone signals during a call
  • hangup_call: end the active call

See Voice.

User interaction

Section titled “User interaction”
  • ask_user_question: present the user with a question and options
  • request_user_takeover: let the user take manual control of a browser session

See User Interaction.

How tools are assigned

Section titled “How tools are assigned”

Each agent has a list of enabled tools. When you create or edit an agent, you choose which tools it can access. Built-in agents come with sensible defaults.

You can see the full list of available tools via the API at GET /api/tools.

Tool context

Section titled “Tool context”

Every tool call has access to:

  • The current user
  • The agent making the call
  • The active chat session
  • An event channel for streaming updates back to the client

Sandboxing

Section titled “Sandboxing”

The shell and python tools run in a sandboxed environment. On Linux, this uses Landlock to restrict filesystem and network access. You can configure sandbox settings per agent:

  • network_access: whether the sandbox allows network connections
  • allowed_network_destinations: specific hosts/IPs that are allowed
  • timeout_secs: maximum execution time (default: 30 seconds)

Sandboxing can be disabled server-wide with the FRONA_SERVER_SANDBOX_DISABLED flag, but this is not recommended for production.