--- title: "Available Tools" description: "Reference of tools available to the nctl ai agent." diataxis: how-to applies_to: product: "nctl" audience: ["developer","platform-engineer"] last_updated: 2026-04-16 url: https://docs.nirmata.io/docs/ai/nctl-ai/tools/ --- The following tools are available to `nctl ai`. The agent selects the appropriate tool based on your request. ## Tools by category | Category | Tool | Description | |----------|------|-------------| | **Command execution** | `bash` | Execute a bash command. Use when you need to run a shell command. | | **Command execution** | `kubectl` | Command-line tool for interacting with Kubernetes clusters. | | **Policy** | `generate_policy` | Generate a Kyverno policy. | | **Policy** | `generate_kyverno_tests` | Generate Kyverno CLI tests for a policy. Returns filenames and contents for `kyverno-test.yaml`, `resources.yaml`, and optionally `variables.yaml`. | | **Policy** | `generate_chainsaw_tests` | Generate or update Chainsaw tests for Kyverno policies. | | **Policy** | `run_kyverno_tests` | Test Kyverno policies using the Kyverno CLI test command. | | **Security** | `remediate` | Fix policy violations for a resource. | | **Security** | `scan_kubernetes_resources` | Scan Kubernetes resource files against policies and return results. | | **Security** | `scan_kubernetes_cluster` | Scan Kubernetes resources in a cluster against policies and return results. | | **Security** | `scan_terraform` | Scan Terraform resources against policies and return results. | | **Security** | `scan_prompt` | Scan LLM prompts against security policies for injection attacks, jailbreak patterns, PII leakage, credential exposure, and other risks. Accepts inline content, file paths, or directories. Returns policy evaluation results with a risk score. | | **Security** | `skills_scan` | Scan a skill (folder or artifact) against policies and return a signed/hashed receipt with decision and findings. Normalizes the skill directory, applies Kyverno ValidatingPolicies, computes a trust score and decision (Allow/Review/Deny), and produces a receipt for later verification. | | **Communication** | `email` | Send an email via Nirmata Control Hub. | | **Communication** | `list_slack_channels` | List all Slack channels the user has access to. | | **Communication** | `send_slack_message` | Send a message to a Slack channel via Nirmata Control Hub. | | **File system** | `read_file` | Read the complete contents of a file. | | **File system** | `read_multiple_files` | Read the contents of multiple files in a single operation. | | **File system** | `write_file` | Create a new file or overwrite an existing file with new content. | | **File system** | `modify_file` | Update a file by finding and replacing text. Pattern matching without needing exact character positions. | | **File system** | `copy_file` | Copy files and directories. | | **File system** | `move_file` | Move or rename files and directories. | | **File system** | `delete_file` | Delete a file or directory from the file system. | | **File system** | `create_directory` | Create a new directory or ensure a directory exists. | | **File system** | `list_directory` | Get a detailed listing of all files and directories in a specified path. | | **File system** | `tree` | Return a hierarchical JSON representation of a directory structure. | | **File system** | `get_file_info` | Retrieve detailed metadata about a file or directory. | | **File system** | `search_files` | Recursively search for files and directories matching a pattern. | | **File system** | `search_within_files` | Search for text within file contents. Scans text files for matching substrings; binary files are excluded. Reports file paths and line numbers. | | **File system** | `list_allowed_directories` | Return the list of directories the server is allowed to access. | | **File system** | `add_allowed_directory` | Add a directory to the allowed list for filesystem operations. Use when you get errors about directories being outside allowed directories. | | **Utility** | `todo` | Manage a todo list (add, remove, update, list items). Automatically prevents duplicate items. | | **Utility** | `worker` | Manage background workers for concurrent task processing. | ## Slack integration Slack tools (`list_slack_channels`, `send_slack_message`) require [Slack integration configured in Nirmata Control Hub](/docs/control-hub/settings/integrations/). No additional environment variables are needed once configured in Nirmata Control Hub. ## Extending with MCP You can add more tools by connecting [MCP servers](/docs/ai/nctl-ai/extend/#extending-with-mcp-servers). See [Extending Nirmata Assistant](/docs/ai/nctl-ai/extend/) for configuration.