Builtin Tools

Name/description advertise cross-platform small utilities (filesystem, search, web fetch, install, memory, tasks) and the package includes scripts that implement exactly those capabilities. Required env/config/credentials are none, which aligns with a pure-Python toolset.

SKILL.md and scripts allow broad operations: arbitrary shell command execution (execute_command mode 'command'), reading/writing/deleting files, recursive searches, web fetching, and runtime binary downloads. This is consistent with the advertised purpose, but these capabilities are high-privilege: the agent (or a caller) can read/write most files, execute arbitrary shell commands, and download/expand archives. The delete_file script blocks literal root and user home deletion, but most other filesystem paths are writable by the skill. execute_command uses a shell (sh -c or PowerShell -Command), so commands are interpreted by the platform shell.

No install spec; skill is instruction + bundled Python scripts (no remote install). The only runtime downloader is install_binary.py which pulls from official python.org and nodejs.org URLs and extracts archives — expected for a runtime installer and documented in SKILL.md.

The skill declares no required environment variables or credentials. Scripts copy os.environ when spawning subprocesses and accept optional env overrides for executed commands, which is normal for a tool that runs local commands. There are no hard-coded secrets or requests for unrelated cloud credentials.

always is false and the skill does not autonomously modify other skills or global agent config. It persists files under user home (e.g., ~/.builtin-tools, ~/.workbuddy memory dir) and can write todo/memory files; this matches the stated persistent memory feature and is scoped to the user's filesystem rather than system-wide privilege escalation.