Skip to content

Add support for npm packages and .env files to custom tools #10336

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
cte wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add support for npm packages and .env files to custom tools #10336

cte wants to merge 1 commit into from
+185 −3

Conversation

@cte
Copy link
Collaborator

@cte cte commented Dec 25, 2025
edited
Loading

You can now have a custom tool that looks like:

import { fileURLToPath } from "url";
import path from "path";

import dotenv from "dotenv";
import { type ModelMessage, streamText } from "ai";
import { parametersSchema as z, defineCustomTool } from "@roo-code/types";

const dotenvPath = path.join(
  path.dirname(fileURLToPath(import.meta.url)),
  ".env"
);

dotenv.config({ path: dotenvPath });

const parameters = z.object({
  text: z.string().describe("The text to generate a fortune for"),
});

type Parameters = z.infer<typeof parameters>;

export default defineCustomTool({
  name: "fortune",
  description: "Generate a fortune for a given text",
  parameters,
  async execute({ text }: Parameters) {
    if (!process.env.AI_GATEWAY_API_KEY) {
      throw new Error(`AI_GATEWAY_API_KEY is not set in ${dotenvPath}`);
    }

    const messages: ModelMessage[] = [
      {
        role: "system",
        content: `You are a fortune teller. You will be given a question and you will need to generate a fortune for it.`,
      },
      { role: "user", content: text },
    ];

    const result = streamText({
      model: "anthropic/claude-sonnet-4.5",
      messages,
    });

    let content = "";

    for await (const delta of result.textStream) {
      content += delta;
      process.stdout.write(delta);
    }

    return content;
  },
});

Where your sensitive env vars (like AI_GATEWAY_API_KEY) are stored in a .env file in the same directory as the custom tool.

Screenshot 2025-12-25 at 12 17 56 AM Screenshot 2025-12-25 at 12 42 45 AM

@cte cte requested review from jr and mrubens as code owners December 25, 2025 08:46
@dosubot dosubot bot added size:L This PR changes 100-499 lines, ignoring generated files. Enhancement New feature or request labels Dec 25, 2025
@roomote
Copy link
Contributor

roomote bot commented Dec 25, 2025
edited
Loading

Rooviewer Clock   See task on Roo Cloud

Review completed. Found 1 issue worth noting.

  • .env files from different tools may overwrite each other in the shared cache directory

Mention @roomote in a comment to request specific changes to this pull request or fix all unresolved issues.

roomote[bot]
roomote bot reviewed Dec 25, 2025
View reviewed changes
packages/core/src/custom-tools/custom-tool-registry.ts
Comment on lines +339 to +361
private copyEnvFiles(toolDir: string): void {
try {
const files = fs.readdirSync(toolDir)
const envFiles = files.filter((f) => f === ".env" || f.startsWith(".env."))

for (const envFile of envFiles) {
const srcPath = path.join(toolDir, envFile)
const destPath = path.join(this.cacheDir, envFile)

// Only copy if source is a file (not a directory).
const stat = fs.statSync(srcPath)
if (stat.isFile()) {
fs.copyFileSync(srcPath, destPath)
console.log(`[CustomToolRegistry] copied ${envFile} to cache directory`)
}
}
} catch (error) {
// Non-fatal: log but don't fail if we can't copy env files.
console.warn(
`[CustomToolRegistry] failed to copy .env files: ${error instanceof Error ? error.message : String(error)}`,
)
}
}
Copy link
Contributor

@roomote roomote bot Dec 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When multiple tools have .env files, they will overwrite each other in the shared cache directory. If tools A and B each have different .env files with different secrets, loading tool B will overwrite tool A's .env, causing tool A to potentially read incorrect environment variables. Consider using tool-specific subdirectories (e.g., path.join(this.cacheDir, hash)) or documenting that users should use distinct env var names across tools.

Fix it with Roo Code or mention @roomote and request a fix.

Copy link
Collaborator Author

@cte cte Dec 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a really good point. I'll follow up with a fix for this.

@cte
Copy link
Collaborator Author

cte commented Dec 25, 2025

Addresses part of #10323

@hannesrudolph hannesrudolph added the Issue/PR - Triage New issue. Needs quick review to confirm validity and assign labels. label Dec 25, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@roomote roomote[bot] roomote[bot] left review comments

@mrubens mrubens Awaiting requested review from mrubens mrubens is a code owner

@jr jr Awaiting requested review from jr jr is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

Enhancement New feature or request Issue/PR - Triage New issue. Needs quick review to confirm validity and assign labels. size:L This PR changes 100-499 lines, ignoring generated files.

Projects

Roo Code Roadmap
Status: Triage

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@cte @hannesrudolph