Capabilities
Agent tools
Tools are what make an agent act rather than just answer. You enable them per agent; the model then calls them during a run. GET /v1/tools lists everything available to you.
The ten tools
http_request call any REST API (SSRF-guarded)
send_webhook POST to your outbound webhook
send_email send email (rate-limited)
slack_message post to Slack
discord_message post to Discord
telegram_message send a Telegram message
google_chat_message post to Google Chat
notion_create_page create a Notion page
google_calendar_list_events read calendar events
google_calendar_create_event create a calendar eventCredentials
Connect Slack, Discord, Telegram, Notion, an outbound webhook, or Google Calendar (OAuth) under Account → Integrations. Credentials are encrypted at rest, and the model never sees the secret — the platform injects it when the tool executes.
The SSRF guard
Every outbound call goes through an SSRF guard: public IPs only (no localhost, no link-local, no private ranges) and no redirect-following. This matters because tools re-open a class of attack that a pure text model doesn’t have.
Each outbound tool has a per-user daily rate limit. Agents also carry a per-agent tool allow-list, so an agent can only use what you explicitly grant it.