ToolClad v0.5.1

Declarative .clad.toml manifests that define typed parameters, command construction, output parsing, and policy metadata for AI agent tools. The LLM fills parameters — the executor validates and constructs commands.

Documentation Star on GitHub

Key Features

🛡️ 14 typed validators with shell injection sanitization
⚙️ Five execution backends (Shell, HTTP, MCP proxy, PTY session, CDP browser)
🧩 Command templates with mappings, conditionals, and defaults
📐 MCP schema generation (inputSchema + outputSchema)
📝 Evidence envelopes with SHA-256 hashing
🌲 Cedar policy integration
🧷 SchemaPin signing for manifest integrity
📊 Output parsers (json, xml, csv, jsonl, text, custom)
💻 Session mode for interactive CLIs (psql, msfconsole, redis-cli)
🌐 Browser mode with URL scope enforcement
🔒 Allow-list security model — LLM never sees shell commands
🧱 Process group isolation with timeout kill

Get started with our language guides:

🦀

Rust

Define and execute tool contracts in Rust. Published on crates.io.
🐍

Python

Define and execute tool contracts in Python. Published on PyPI.
⚡️

JavaScript

Define and execute tool contracts in Node.js. Published on npm.
🐹

Go

Define and execute tool contracts in Go.

Part of the ThirdKey Trust Stack

SchemaPin 🧷
Schema integrity
AgentPin 🪪
Agent identity
ToolClad 🛡️
Tool contracts
Symbiont 🤝
Runtime