Tool Policy

The tool policy system controls which tools are available to the agent. It uses profiles, allow lists, and deny lists with a clear precedence order.

Profiles

Three built-in profiles provide preset tool collections:

| Profile | Tools Included | Use Case |
| --- | --- | --- |
| minimal | Memory tools only | Read-only assistant |
| coding | Filesystem + shell + memory | Software development |
| full | All tools, no restrictions | Full capability |

Set the profile:

export POCKETCLAW_TOOL_PROFILE="coding"

Allow and Deny Lists

Fine-tune tool availability with allow and deny lists:

# Allow specific tools (added to profile)
export POCKETCLAW_TOOLS_ALLOW="web_search,image_gen"
# Deny specific tools (takes precedence over everything)
export POCKETCLAW_TOOLS_DENY="shell,write_file"

Using Groups

Reference tool groups with the group: prefix:

# Allow all search tools
export POCKETCLAW_TOOLS_ALLOW="group:search"
# Deny all media tools
export POCKETCLAW_TOOLS_DENY="group:media"
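# Deny all MCP tools (alternative to the line above: a second export overwrites the first; join entries with commas to apply both)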
export POCKETCLAW_TOOLS_DENY="group:mcp"

Precedence

The policy system evaluates in this order:

deny > allow > profile
  1. If a tool is in the deny list, it is always blocked
  2. If a tool is in the allow list, it is permitted (even if not in profile)
  3. Otherwise, the profile determines availability

Examples

export POCKETCLAW_TOOL_PROFILE="minimal"
export POCKETCLAW_TOOLS_ALLOW="web_search"
# Result: memory tools + web_search

Full Except Shell

export POCKETCLAW_TOOL_PROFILE="full"
export POCKETCLAW_TOOLS_DENY="shell"
# Result: all tools except shell commands

Coding + Google Tools

export POCKETCLAW_TOOL_PROFILE="coding"
export POCKETCLAW_TOOLS_ALLOW="group:gmail,group:calendar"
# Result: filesystem + shell + memory + gmail + calendar

MCP Tool Policy

MCP server tools use the pattern mcp:<server>:<tool>:

# Allow all tools from a specific server
export POCKETCLAW_TOOLS_ALLOW="mcp:filesystem:*"
# Deny a specific MCP tool
export POCKETCLAW_TOOLS_DENY="mcp:github:delete_repo"
# Deny all MCP tools (alternative: a second export of the same variable overwrites the first)
export POCKETCLAW_TOOLS_DENY="group:mcp"
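
The deny > allow > profile order, group expansion and the mcp:<server>:<tool> pattern described above can be modelled in a few lines to check what a given configuration will expose before deploying it. This is an added sketch, not PocketClaw's own code: the function names, glob-style matching of `*` via `fnmatch`, the representation of the full profile as a wildcard, and the tool name `mcp:github:list_repos` are assumptions.

```python
from fnmatch import fnmatchcase

# Group and profile contents copied from this page's tables (subset only).
# The resolver is a hypothetical model, not PocketClaw's implementation.
GROUPS = {
    "filesystem": {"read_file", "write_file", "list_dir", "edit_file"},
    "shell": {"shell"},
    "memory": {"save_memory", "recall_memory"},
    "search": {"web_search"},
    "media": {"image_gen", "voice", "stt", "ocr"},
    "voice": {"voice", "stt"},
}
PROFILES = {
    "minimal": GROUPS["memory"],
    "coding": GROUPS["filesystem"] | GROUPS["shell"] | GROUPS["memory"],
    "full": {"*"},  # assumption: "all tools" modelled as a match-everything pattern
}

def parse(value):
    """Split a comma-separated list and expand group: entries into patterns."""
    patterns = set()
    for entry in filter(None, (e.strip() for e in value.split(","))):
        if entry == "group:mcp":
            patterns.add("mcp:*")  # every MCP server tool
        elif entry.startswith("group:"):
            # Unknown group raises KeyError: a typo in a deny list should
            # fail loudly rather than silently block nothing.
            patterns |= GROUPS[entry[len("group:"):]]
        else:
            patterns.add(entry)  # plain tool name or mcp:<server>:<tool>
    return patterns

def matches(tool, patterns):
    """True if the tool name matches any pattern (assumed glob semantics)."""
    return any(fnmatchcase(tool, p) for p in patterns)

def is_allowed(tool, profile, allow="", deny=""):
    """Apply deny > allow > profile to a single tool name."""
    if matches(tool, parse(deny)):
        return False
    if matches(tool, parse(allow)):
        return True
    return matches(tool, PROFILES[profile])
```

Because `voice` and `stt` appear in both group:media and group:voice, denying group:media blocks them even when group:voice is on the allow list.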

Tool Groups Reference

| Group | Tools |
| --- | --- |
| group:filesystem | read_file, write_file, list_dir, edit_file |
| group:shell | shell |
| group:memory | save_memory, recall_memory |
| group:search | web_search |
| group:media | image_gen, voice, stt, ocr |
| group:gmail | gmail_search, gmail_read, gmail_send |
| group:calendar | calendar_list, calendar_create, calendar_search |
| group:drive | gdrive_list, gdrive_download, gdrive_upload, gdrive_share |
| group:docs | gdocs_read, gdocs_create, gdocs_search |
| group:spotify | spotify_search, spotify_now_playing, spotify_playback, spotify_playlist |
| group:reddit | reddit_search, reddit_read, reddit_trending |
| group:voice | voice, stt |
| group:research | research |
| group:delegation | delegate |
| group:skills | skill_gen |
| group:mcp | All MCP server tools |