What Built-In Tools Does LM-Kit.NET Provide for AI Agents?
TL;DR
LM-Kit.NET ships a constantly growing catalog of built-in tools organized into eight categories: Data, Document, Text, Numeric, Security, Utility, IO, and Net. Each tool is a single atomic operation (one tool does one thing), and every tool exposes rich security metadata for enterprise-grade permission control. You can register tools individually, by category, or by risk level.
Tool Categories
The catalog is designed for continuous growth. New tools are added regularly across all categories.
| Category | What It Covers | Example Tools |
|---|---|---|
| Data | Parsing and transformation | JSON, XML, CSV, YAML, HTML, Markdown, databases, spreadsheets, QR codes |
| Document | Document manipulation | PDF operations, image preprocessing, text extraction, OCR, format conversion |
| Text | String operations | Diff, regex, templating, encoding, slugification, fuzzy matching, phonetics |
| Numeric | Computation | Calculator, unit conversion, statistics, financial math, random numbers, expressions |
| Security | Cryptography and validation | Hashing, encryption, JWT, password generation, checksums |
| Utility | General-purpose helpers | Date/time, cron, URL, color, locale, MIME types, paths, scheduling, time zones |
| IO | File system and processes | File read/write/list, process execution, compression, clipboard, environment, file watching |
| Net | Network and web | HTTP methods, FTP, web search, network diagnostics, SMTP, RSS feeds |
Registering Tools with an Agent
Individual Tools
using LMKit.Agents;
using LMKit.Agents.Tools.BuiltIn;
var agent = Agent.CreateBuilder(model)
.WithTools(tools =>
{
tools.Register(BuiltInTools.WebSearch);
tools.Register(BuiltInTools.Calculator);
tools.Register(BuiltInTools.DateTimeNow);
})
.Build();
By Category
Register all tools in a family at once:
var agent = Agent.CreateBuilder(model)
.WithTools(tools =>
{
tools.AddFileSystemTools();
tools.AddHttpTools();
tools.Register(BuiltInTools.WebSearch);
})
.Build();
Safe Tools Only
Register all pure-computation tools that have no I/O side effects:
var agent = Agent.CreateBuilder(model)
.WithTools(tools =>
{
foreach (var tool in BuiltInTools.GetSafeTools())
tools.Register(tool);
})
.Build();
Web Search Providers
The web search tool supports multiple providers:
| Provider | API Key Required | Description |
|---|---|---|
| DuckDuckGo | No | Free HTML scraping, default provider |
| Brave | Yes | High-quality results, free tier available |
| Tavily | Yes | AI-optimized search for RAG |
| Serper | Yes | Google results via API |
| SearXNG | No | Self-hosted meta-search |
| Custom | Optional | Bring your own endpoint |
// Default: DuckDuckGo (no API key)
var search = BuiltInTools.WebSearch;
// With a specific provider
var braveSearch = BuiltInTools.CreateWebSearch(WebSearchTool.Provider.Brave, "your-api-key");
Security Metadata and Permission Policies
Every built-in tool exposes security metadata through IToolMetadata:
- Category: Which of the eight categories this tool belongs to
- SideEffect:
None,LocalRead,LocalWrite,NetworkRead,NetworkWrite,Irreversible - RiskLevel:
Low,Medium,High,Critical - DefaultApproval:
Never,Conditional,Always - IsIdempotent: Whether the tool is safe to retry without changing outcome
- IsReadOnly: Whether the tool mutates any state
Querying Tools by Metadata
// Get all tools that are safe (Low risk, no side effects)
var safeTool = BuiltInTools.GetByMaxRisk(ToolRiskLevel.Low);
// Get all read-only tools
var readers = BuiltInTools.GetReadOnly();
// Get tools in a specific category
var ioTools = BuiltInTools.GetByCategory("io");
Permission Policies
Use ToolPermissionPolicy for centralized allow/deny rules with wildcard patterns:
using LMKit.Agents.Tools;
// Safe chat profile: only pure computation
var chatPolicy = new ToolPermissionPolicy()
.AllowCategory("data", "text", "numeric", "utility", "security")
.DenyCategory("io", "net")
.SetMaxRiskLevel(ToolRiskLevel.Low);
// Dev assistant: granular control
var devPolicy = new ToolPermissionPolicy()
.Allow("filesystem_*") // All filesystem tools
.Deny("filesystem_delete") // Except delete
.Allow("http_get", "http_head") // Read-only HTTP
.Deny("http_post", "http_put") // No mutations
.RequireApproval("process_*"); // Ask before running processes
var agent = Agent.CreateBuilder(model)
.WithTools(tools =>
{
foreach (var tool in BuiltInTools.GetAll())
tools.Register(tool);
})
.WithPermissionPolicy(devPolicy)
.Build();
When a tool requires approval, the ToolApprovalRequired event fires. If no handler is subscribed, the tool call is denied and the model is informed so it can adapt.
Design Principles
- 1 tool = 1 feature. Each tool performs exactly one atomic operation. No multi-operation discriminator fields.
- Constantly growing. New tools are added regularly across all categories.
- Security first. Every tool exposes rich metadata and integrates with
ToolPermissionPolicyfor enterprise-grade access control.
📚 Related Content
- What is the difference between an AI agent and a chatbot?: Understand when tools and agents are needed vs simple chat.
- What is function calling and tool use in LM-Kit.NET?: How function calling works under the hood and how to create custom tools.
- Equip an Agent with Built-In Tools: Step-by-step guide for using built-in tools in agents.
- Secure Agent Tool Access with Permission Policies: Detailed permission policy configuration guide.