How Tools Workers Work

A tools worker handles tool_call execution on behalf of the LLM. When the router receives a completion request with tool calls, it dispatches the tool execution to a connected tools worker, waits for results, and injects them back into the conversation.

Tools workers are separate from inference workers — you can run them independently and connect multiple to a single router.


Installation

# Binary
curl -Lo auxot-tools https://github.com/auxothq/auxot/releases/latest/download/auxot-tools-$(uname -s)-$(uname -m)
chmod +x auxot-tools

# Docker (includes bun + pnpm for MCP servers)
docker pull ghcr.io/auxothq/auxot-tools:latest

Running a Tools Worker

The tools worker connects to the router using a separate key, set as AUXOT_TOOLS_KEY on the worker (AUXOT_TOOLS_KEY_HASH on the router side):

AUXOT_TOOLS_KEY=tls_xxx AUXOT_ROUTER_URL=router:8080 ./auxot-tools

Built-in Tools

| Tool | Description |
|------|-------------|
| code_executor | Sandboxed JavaScript execution via goja. No network or filesystem access |
| web_fetch | HTTP client — fetches URLs without CORS restrictions |
| web_search | Web search via Brave Search API |
| web_answers | AI-summarized answers via Brave Answers API |

MCP Servers

The tools worker supports dynamic MCP server spawning per request. MCP servers are started on demand via bun and terminated after the request completes. The Docker image (ghcr.io/auxothq/auxot-tools) includes bun and pnpm for zero-setup MCP support.


Shell Tools

Add custom tools by placing .sh scripts alongside .tool.json descriptors in a ./tools/ directory:

./tools/
  my-tool.sh          # Shell script that executes the tool
  my-tool.tool.json   # JSON Schema descriptor (name, description, parameters)

Tool Credentials

Credentials for built-in tools are passed via environment variables:

# Brave Search
AUXOT_TOOLS_WEB_SEARCH__BRAVE_SEARCH_API_KEY=BSA...

# Brave Answers
AUXOT_TOOLS_WEB_ANSWERS__BRAVE_SEARCH_API_KEY=BSA...

Double underscores (__) separate the tool name from the credential name because tool names themselves may contain underscores.


Direct Tools API

You can call tools directly without going through the LLM:

curl http://localhost:8080/api/tools/v1/execute \
  -H "Authorization: Bearer rtr_xxx" \
  -H "Content-Type: application/json" \
  -d '{"tool": "web_search", "input": {"query": "llama.cpp quantization guide"}}'

List available tools:

curl http://localhost:8080/api/tools/v1/list \
  -H "Authorization: Bearer rtr_xxx"

Restricting Tools

Set AUXOT_ALLOWED_TOOLS on the router to limit which tools are accessible:

AUXOT_ALLOWED_TOOLS=code_executor,web_search

Leave unset to allow all registered tools.
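
A preflight check that ties the credential naming under Tool Credentials to the allowlist, as an added example rather than auxot project code. It assumes the router's AUXOT_ALLOWED_TOOLS value and the worker's credential variables are visible in one shell (for instance a shared deployment env file); the function names cred_var and audit_tools are hypothetical.

```shell
#!/bin/sh
# Added example, not auxot project code. Audits an allowlist against the
# credential variables documented on this page; never prints secret values.

# Built-in tool names as listed on this page.
BUILTIN="code_executor web_fetch web_search web_answers"
# Credential each built-in needs, "tool:CREDENTIAL" (only those shown on this page).
NEEDS_CRED="web_search:BRAVE_SEARCH_API_KEY web_answers:BRAVE_SEARCH_API_KEY"

# cred_var TOOL CRED -> AUXOT_TOOLS_<TOOL>__<CRED>
# The "__" keeps tool and credential separable although both contain "_".
cred_var() {
  printf 'AUXOT_TOOLS_%s__%s\n' "$(printf '%s' "$1" | tr '[:lower:]' '[:upper:]')" "$2"
}

# audit_tools ALLOWED_CSV -> one finding per line on stdout (empty = clean).
audit_tools() {
  # Commas become spaces, so "a, b" and "a,b" are treated alike here.
  allowed=$(printf '%s' "$1" | tr ',' ' ')
  if [ -z "$(printf '%s' "$allowed" | tr -d ' ')" ]; then
    echo "WARN AUXOT_ALLOWED_TOOLS unset: all registered tools are allowed"
    allowed=$BUILTIN
  fi
  for tool in $allowed; do
    case " $BUILTIN " in
      *" $tool "*) ;;
      *) echo "INFO $tool: not a built-in on this page (custom shell/MCP tool?)"
         continue ;;
    esac
    for pair in $NEEDS_CRED; do
      [ "${pair%%:*}" = "$tool" ] || continue
      var=$(cred_var "$tool" "${pair#*:}")
      # Presence check only; the value itself is never echoed.
      env | grep -q "^${var}=." || echo "MISSING $tool: $var is not set"
    done
  done
}

# Usage: audit_tools "$AUXOT_ALLOWED_TOOLS"
```

Empty output means every allowed built-in has the credential it needs; a WARN line means the allowlist is unset and every registered tool is reachable.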