Coding Agent
Give your agents full-stack software development capabilities — reading, writing, editing files, searching code, and executing commands — all within a sandboxed project directory.
Overview
The coding agent feature provides six MCP tools that let agents work with code the way a developer would. Agents follow a structured methodology: gather context, take action, verify results.
Agent receives coding task
│
├── 1. Gather Context
│ ├── coding_list_files → Understand project structure
│ ├── coding_search → Find relevant files
│ └── coding_file_read → Read existing code
│
├── 2. Take Action
│ ├── coding_file_edit → Modify existing files
│ ├── coding_file_write → Create new files
│ └── coding_bash → Run commands (with approval)
│
└── 3. Verify Results
└── coding_bash → Run tests, check build
Getting Started
1. Assign the Skill
The coding tools require the coding-agent skill. Assign it to your agent:
await client.skills.assign({
skillId: 'coding-agent',
agentId: 'agent-123'
});
Or let the platform suggest it automatically — connecting a GitHub integration triggers a suggestion for the coding-agent skill.
2. Agent Gets Coding Tools
Once the skill is assigned, the agent can use all six coding tools. The skill also provides methodology guidance that the agent follows when working on tasks.
Available Tools
coding_file_read
Read file contents with line numbers.
// Read entire file
{ name: "coding_file_read", arguments: { path: "src/index.ts" } }
// Read specific lines
{ name: "coding_file_read", arguments: { path: "src/index.ts", startLine: 10, endLine: 50 } }
Returns numbered content:
1 import express from 'express'
2 const app = express()
3 ...
coding_file_write
Create a new file or overwrite an existing one.
{
name: "coding_file_write",
arguments: {
path: "src/utils/helper.ts",
content: "export function add(a: number, b: number) {\n return a + b\n}\n"
}
}
Parent directories are created automatically. Prefer coding_file_edit for modifying existing files.
coding_file_edit
Edit a file by replacing an exact string match.
{
name: "coding_file_edit",
arguments: {
path: "src/index.ts",
oldString: "const port = 3000",
newString: "const port = process.env.PORT || 3000"
}
}
The oldString must match exactly, including whitespace. If it appears multiple times, set replaceAll: true or provide more surrounding context to make it unique.
coding_search
Search file contents or find files by name.
// Search file contents (grep-like)
{
name: "coding_search",
arguments: { pattern: "handleAuth", type: "content", glob: "*.ts" }
}
// Find files by name (glob-like)
{
name: "coding_search",
arguments: { pattern: "*.test.ts", type: "files" }
}
coding_bash
Execute a shell command in the project directory.
{
name: "coding_bash",
arguments: { command: "npm test", timeoutMs: 60000 }
}
Every bash execution requires human-in-the-loop approval. The agent proposes a command, and you approve or reject it before it runs.
Common uses:
- Running tests:
npm test,pytest - Building:
npm run build,cargo build - Git operations:
git diff,git status - Package management:
npm install,pip install
coding_list_files
List directory contents to understand project structure.
// List project root
{ name: "coding_list_files" }
// List a subdirectory recursively
{ name: "coding_list_files", arguments: { path: "src", recursive: true } }
Security & Sandboxing
All coding operations run inside a sandbox that enforces safety boundaries.
Project Directory Isolation
Every file operation is confined to the project directory. Path traversal attempts (../../etc/passwd) are blocked. The agent cannot read or write files outside its workspace.
Blocked Paths
Sensitive paths are blocked by default:
- System directories (
/etc,/root,/usr,/var) - Environment files (
.env,.env.local,.env.production) - Dependencies (
node_modules)
Bash Safety
Destructive commands are blocked:
| Blocked Pattern | Why |
|---|---|
rm -rf / | Filesystem destruction |
chmod 777 | Insecure permissions |
curl | sh | Remote code execution |
| Fork bombs | Resource exhaustion |
shutdown, reboot | System control |
Network access from bash is disabled by default. When enabled, only whitelisted hosts are accessible.
Audit Trail
Every operation is logged with timestamp, tool name, action, path/command, and whether it was allowed or blocked. Retrieve the full audit log at any time for compliance review.
File Size Limits
File read and write operations are limited to 1MB by default to prevent resource exhaustion.
Works with Any Model
The coding tools work with every LLM provider supported by MeetLoyd:
- Anthropic — Claude Opus, Sonnet, Haiku
- OpenAI — GPT-4o, o1, o3
- Google — Gemini 2.0
- Self-hosted — Ollama, vLLM (DeepSeek, Llama, Qwen, Mixtral)
The tools plug into the existing agent execution loop — no special model or SDK required.
Configuration
The sandbox can be configured per agent or per tenant:
| Option | Default | Description |
|---|---|---|
projectDir | /workspace | Root directory for all file operations |
allowBash | true | Enable bash tool |
allowNetwork | false | Allow network access in bash |
allowedHosts | [] | Network whitelist when enabled |
maxFileSizeKb | 1024 | Max file size for read/write |
blockedPaths | System dirs, .env, node_modules | Additional paths to block |
blockedCommands | Destructive patterns | Additional commands to block |
auditEnabled | true | Full audit logging |
Best Practices
Read Before Editing
Always read a file before modifying it. This ensures the agent understands context and gets the exact string to replace.
Small, Focused Changes
Make one logical change at a time. Large, multi-file changes are harder to verify and more likely to introduce errors.
Verify After Every Change
Run tests and check the build after each modification. Use coding_bash with npm test or your project's test command.
Match Existing Patterns
The agent follows the codebase's existing conventions for naming, structure, and style — don't fight the codebase.
Use Git
Leverage git for safety. git diff shows what changed, git stash provides a safety net, and git status gives a clear picture of the current state.
Next: Learn about Human-in-the-Loop controls for governing agent actions.