Skip to main content
Tools are how Neo agents get work done. The agent reasons about what to do and why, and tools handle the how: running a scanner, sending an HTTP request, driving a browser, searching code, or filing an issue. Each agent is given a focused set of tools that match its job, so the Sandbox Agent can execute commands while the Research Agent can search the web. Neo tools come from four sources. Understanding the difference helps you reason about what Neo can do and how to extend it.

Pre-installed Tools

The full security toolchain baked into every sandbox, invoked from the terminal

MCP Tools

External tools connected over the Model Context Protocol

Purpose-built Tools

Over 40 native tools designed by ProjectDiscovery for security work

Custom Tools

Tools you write yourself to wrap internal APIs and team workflows

How tools run safely

Every tool, regardless of where it comes from, runs through the same execution layer that keeps the agent durable. Tools have timeouts so a slow command cannot stall a task, and their output is truncated to fit the model’s context while the full output still streams to you. Your secrets are injected where a tool needs them and redacted from anything the model sees. Tools never crash the agent: a failure comes back as a structured error the agent can reason about and recover from. For sensitive actions, a tool can pause and ask for your approval before it proceeds.