Custom Tools - Runtools.ai

Define a Tool

tools/customer-api.ts

import { defineTool } from '@runtools/sdk';

export default defineTool({
  name: 'customer-api',
  description: 'Query customer records',
  category: 'support',
  credentials: {
    required: ['apiKey'],
    schema: {
      apiKey: { type: 'string', description: 'Customer API key' },
    },
  },
  actions: {
    lookup: {
      description: 'Find a customer by email',
      parameters: {
        type: 'object',
        properties: {
          email: { type: 'string', description: 'Customer email' },
        },
        required: ['email'],
      },
      execute: async (params, credentials) => {
        const res = await fetch(`https://api.example.com/customers?email=${params.email}`, {
          headers: { Authorization: `Bearer ${credentials.apiKey}` },
        });
        return res.json();
      },
    },
  },
});

Deploy

runtools deploy --tools-only
runtools tool list --custom

Set visibility:

runtools tool publish customer-api --org
runtools tool publish customer-api --unpublish

SDK:

await rt.tools.setVisibility('customer-api', 'org');

Tool Definition

Field	Required	Description
`name`	Yes	Tool slug
`description`	No	Human-readable summary
`category`	No	Marketplace grouping
`credentials`	No	Required fields and optional OAuth mapping
`actions`	Yes	Named executable actions

Each action needs description, parameters, and an async execute(params, credentials) function.

OAuth Mapping

credentials: {
  required: ['accessToken'],
  schema: {
    accessToken: { type: 'string', description: 'OAuth access token' },
  },
  oauth: {
    provider: 'google',
    scopes: ['https://www.googleapis.com/auth/drive.readonly'],
    credentialMapping: { accessToken: 'access_token' },
  },
}

When the user has connected the provider, Runtools resolves a fresh token server-side.

Execute

const result = await rt.tools.execute('customer-api', {
  action: 'lookup',
  params: { email: 'ada@example.com' },
});

Or from the CLI:

runtools tool exec customer-api \
  --action lookup \
  --params '{"email":"ada@example.com"}'

Best Practices

Return structured errors

Prefer { success: false, error: "..." } for recoverable provider failures so agents can react.

Keep secrets out of tool code

Use credentials, secrets, or OAuth mapping. Do not hardcode API keys.

Use JSON Schema carefully

Good action schemas make tool calls more reliable for agents.

TypeScript SDK

Documentation Index

​Define a Tool

​Deploy

​Tool Definition

​OAuth Mapping

​Execute

​Best Practices