Built-in Tools
AtomCode currently ships 21 built-in tools, grouped into four categories: filesystem & shell, code graph, web, automation. The model picks tools per task — you almost never need to specify by hand.
Filesystem & shell (9)
| Tool | Purpose | Confirmation? |
|---|---|---|
read_file | Read file content; supports line offset and range | No |
write_file | Write a full file (overwrite) | Sensitive paths: yes |
edit_file | String-match local edits; returns the edited context | Sensitive paths: yes |
search_replace | Batch string replacements; good for multi-line / multi-site patterns | Sensitive paths: yes |
bash | Run shell commands; destructive commands trigger the permission dialog | Destructive: yes |
grep | Regex search with ripgrep semantics | No |
glob | Filename glob matching (e.g. src/**/*.ts) | No |
list_directory | List directory contents | No |
change_dir | Switch the agent's current working directory | No |
Writes to paths like /etc, ~/.ssh, and shell rc files always trigger the permission dialog — "always allow" cannot skip them. Likewise, rm on source files always needs explicit confirmation.
Pass run_in_background: true to bash and the command launches as a detached process and returns immediately with a PID and a log-file path; the process survives across conversation turns — ideal for dev servers, file watchers, and tunnels, without blocking the session.
High-risk commands like rm -rf, dd, mkfs, and sudo, plus schema-destroying database migrations (e.g. migrate:fresh, db:reset), always force a permission prompt. This confirmation always fires — even a prior "always allow" on bash cannot skip it.
Code graph (8)
This is what sets AtomCode apart from generic agents. With the code-graph index, the model can pinpoint symbols, references, and call relationships without scanning the entire tree — especially valuable on large repos.
| Tool | Purpose |
|---|---|
list_symbols | List all symbols defined in a file or directory (functions, classes, constants, …) |
read_symbol | Read a symbol's full definition surgically, without dragging the entire file into context |
find_references | Find every location that references a symbol |
trace_callers | Walk the caller chain of a function backwards |
trace_callees | Expand a function's downstream calls |
trace_chain | Search for a possible call chain between two symbols |
file_deps | Analyse a file's imports / dependency graph |
blast_radius | Estimate the files / symbols a change to a given symbol could affect |
Typical scenarios
- Pre-refactor risk assessment — "How big is the blast if I change
formatDate's signature?" The model callsblast_radius+find_references. - Bug root-causing — "Why doesn't this button respond?" Start at the entry function and
trace_calleesdownward. - Understanding unfamiliar code — "Walk me through
AuthService.login" →read_symbol+trace_callees.
Web (2)
| Tool | Purpose |
|---|---|
web_search | Search the web for keywords; returns a list of title / snippet / URL |
web_fetch | Fetch a URL and convert it to markdown for the model |
Typical uses: looking up the latest docs, comparing library APIs, reading a GitHub issue. In offline environments or to save cost, disable them with --disable-tools web_search,web_fetch.
Automation (2)
| Tool | Purpose |
|---|---|
auto_fix | Run the project's lint / typecheck and iterate over the error list until clean |
use_skill | Invoke a user-defined skill — package a multi-step flow as a reusable command |
See Skills for details.
Disabling specific tools
Use the --disable-tools flag at launch to hide tools from the model entirely. For example, inside the SWE-bench sandbox:
atomcode -p "solve this issue" --disable-tools web_search,web_fetchDisabled tools don't appear in the tool schemas, so the model won't attempt to call a tool guaranteed to fail.
Next steps
- Sessions & Undo — every file-edit tool routes through file-history, so
/undocan roll back changes - Skills — wrap your own workflows with
use_skill