Tools are discrete capabilities that Claude invokes automatically while working on your task. When you give Claude a coding task it may read source files, run a build command, search for relevant code, and edit files — all via tools — without you having to issue each operation manually.Each tool has:
A name — a stable string identifier (e.g. Bash, Read, WebFetch)
A description — plain-language explanation of what the tool does, used by Claude to decide when to invoke it
A typed input schema — a JSON Schema defining every parameter, its type, whether it’s required, and any constraints
Claude selects which tool to call based on your task description and the current conversation context. It composes tool calls, waits for results, and continues reasoning — repeating until the task is complete or a turn limit is reached.
Tools that have side effects (writing files, executing shell commands, fetching URLs) require your explicit permission before running. Claurst displays a prompt showing exactly what the tool is about to do; you can allow it once, allow it permanently for that tool/path, or deny it.Read-only tools (file reads, glob/grep searches) are allowed automatically in Default mode.
Permission mode
Behavior
Default
Read-only operations auto-approved; write/execute operations prompt you
AcceptEdits
File writes auto-approved; shell execution still prompts
BypassPermissions
All operations auto-approved (use with caution)
Plan
Only read-only operations are permitted
BypassPermissions mode skips all confirmation prompts. Only use it in trusted, isolated environments.
The full tool list is large. To keep the initial prompt lean, most tools are deferred — hidden from the first request. Claude uses ToolSearch to discover deferred tools by keyword when it needs one. Tools marked alwaysLoad are always included in the initial context.