🔧

Tool Architecture — 40+ Plugin System

Every capability is a discrete, permission-gated tool

P1Infrastructure

Summary

~40 tools in plugin architecture. Base tool definition spans 29,000 lines. Each tool has own permission model, validation logic, and output formatting. 23 security checks on bash commands alone. Terminal UI built with React + Ink using game-engine techniques.

Architecture Diagram

Technical Details

Known tools include: BashTool (shell execution with safety guards), file manipulation, web fetching, MCP integration, LSP support, sub-agent spawning. Architecture earned community respect. As one HN commenter noted: 'multi-agent orchestration fits in a prompt rather than a framework, which makes LangChain and LangGraph look like solutions in search of a problem.' Claude Code at v2.1.88 is a serious engineering artifact: 512K lines, custom context compression, granular per-tool permissions, multi-agent coordinator, 108+ gated modules. Building comparable from scratch = multi-year effort with a real team.

Implementation Pattern

TypeScript (conceptual)

// Tool plugin architecture (conceptual)
interface Tool {
  name: string;
  description: string;
  permissions: PermissionLevel[];
  validate(input: unknown): ValidationResult;
  execute(input: ValidatedInput): Promise<ToolOutput>;
  format(output: ToolOutput): string;
}

// BashTool security checks (23 checks including):
const BASH_SECURITY_CHECKS = [
  'no_rm_rf_root',
  'no_sudo_without_approval',
  'no_network_exfiltration',
  'no_env_file_cat',
  'no_credential_exposure',
  // ... 18 more checks
];

Architecture Insight

Multi-agent orchestration fits in a prompt rather than a framework — this is the key architectural insight. LangChain and LangGraph add complexity; Claude Code proves you can orchestrate with well-structured prompts and a plugin tool system.

Official / Public Basis

Tool architecture partially documented in official Claude Code docs (settings, permissions). ~40 tools confirmed. 23 security checks on BashTool found in source.

Governance Concerns

Per-tool permission model is essential for safety. 23 security checks on bash alone shows the depth required. Every tool needs: validation logic, permission gate, output formatting, error handling.

LightHope Ecosystem Mapping

LightHope — tool architecture patterns for agent platform, permission model design, MCP integration strategy, plugin system architecture

Related Discoveries

🎯Coordinator Mode — Multi-Agent Orchestration 🧹Context Entropy Solution — 5 Compaction Strategies 👁️Advisor Agent — Session Overseer

← Advisor Agent — Session Overseer User Frustration Detection →