* docs: Align docs with current CLI behavior Update stale documentation and user-facing MCP OAuth guidance to match the current dialog-based flows, SDK permission semantics, current links, and Qwen OAuth status. Also replace Ink internal imports with public Ink APIs for the shared text input so the workspace builds against Ink 7. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#5589) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#5589) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#5589) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#5589) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#5589) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#5589) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#5589) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#5589) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#5589) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#5589) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: fix BaseTextInput Ink import (#5589) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#5589) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): surface MCP OAuth credential read failures Fix SSE OAuth credential pre-check failures by reporting token storage read errors before connecting. Update SDK coreTools docs and extension release link text from the follow-up review. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): harden MCP OAuth error handling Handle stderr warning failures as best-effort and keep SSE 401 OAuth guidance when credential re-read fails. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): keep SSE OAuth pre-read best effort Avoid blocking SSE MCP connections when the diagnostic credential pre-read fails, and cover BaseTextInput absolute-position edge cases. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): handle SSE OAuth validation errors Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): surface MCP OAuth recovery guidance Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): cover MCP OAuth retry paths Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): address OAuth guidance review Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> --------- Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
4.7 KiB
Qwen Code tools
Qwen Code includes built-in tools that the model uses to interact with your local environment, access information, and perform actions. These tools enhance the CLI's capabilities, enabling it to go beyond text generation and assist with a wide range of tasks.
Overview of Qwen Code tools
In the context of Qwen Code, tools are specific functions or modules that the model can request to be executed. For example, if you ask the model to "Summarize the contents of my_document.txt," it will likely identify the need to read that file and will request the execution of the read_file tool.
The core component (packages/core) manages these tools, presents their definitions (schemas) to the model, executes them when requested, and returns the results to the model for further processing into a user-facing response.
These tools provide the following capabilities:
- Access local information: Tools allow the model to access your local file system, read file contents, list directories, etc.
- Execute commands: With tools like
run_shell_command, the model can run shell commands (with appropriate safety measures and user confirmation). - Interact with the web: Tools can fetch content from URLs.
- Take actions: Tools can modify files, write new files, or perform other actions on your system (again, typically with safeguards).
- Ground responses: By using tools to fetch real-time or specific local data, responses can be more accurate, relevant, and grounded in your actual context.
How to use Qwen Code tools
To use Qwen Code tools, provide a prompt to the CLI. The process works as follows:
- You provide a prompt to the CLI.
- The CLI sends the prompt to the core.
- The core, along with your prompt and conversation history, sends a list of available tools and their descriptions/schemas to the configured model API.
- The model analyzes your request. If it determines that a tool is needed, its response will include a request to execute a specific tool with certain parameters.
- The core receives this tool request, validates it, and (often after user confirmation for sensitive operations) executes the tool.
- The output from the tool is sent back to the model.
- The model uses the tool's output to formulate its final answer, which is then sent back through the core to the CLI and displayed to you.
You will typically see messages in the CLI indicating when a tool is being called and whether it succeeded or failed.
Security and confirmation
Many tools, especially those that can modify your file system or execute commands (write_file, edit, run_shell_command), are designed with safety in mind. Qwen Code will typically:
- Require confirmation: Prompt you before executing potentially sensitive operations, showing you what action is about to be taken.
- Utilize sandboxing: All tools are subject to restrictions enforced by sandboxing (see Sandboxing in Qwen Code). This means that when operating in a sandbox, any tools (including MCP servers) you wish to use must be available inside the sandbox environment. For example, to run an MCP server through
npx, thenpxexecutable must be installed within the sandbox's Docker image or be available in thesandbox-execenvironment.
It's important to always review confirmation prompts carefully before allowing a tool to proceed.
Learn more about Qwen Code's tools
Qwen Code's built-in tools can be broadly categorized as follows:
- File System Tools: For interacting with files and directories (reading, writing, listing, searching, etc.).
- Shell Tool (
run_shell_command): For executing shell commands. - Monitor Tool (
monitor): For running long-lived shell commands that stream output back as background task notifications. - Web Fetch Tool (
web_fetch): For retrieving content from URLs. - Todo Write Tool (
todo_write): For creating and managing structured task lists during coding sessions. - Agent Tool (
agent): For delegating complex tasks to specialized subagents. - Exit Plan Mode Tool (
exit_plan_mode): For exiting plan mode and proceeding with implementation.
Additionally, these tools incorporate:
- MCP servers: MCP servers act as a bridge between the model and your local environment or other services like APIs.
- MCP User Guide: Configure MCP servers and manage them from Qwen Code
- Web Search via MCP: Connect to web search services (Bailian, Tavily, GLM) through MCP
- Sandboxing: Sandboxing isolates the model and its changes from your environment to reduce potential risk.