> ## Documentation Index
> Fetch the complete documentation index at: https://trickest.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Adding Private Tools

> Import custom Docker-based tools into your Vault and use them in workflows like any public tool.

<Warning>
  Private tools are available exclusively for [Enterprise](https://trickest.com/pricing/) users with the private tooling feature enabled on their Vault. To learn more, [contact us](https://trickest.com/talk-with-us/).
</Warning>

## Overview

Private tools let you bring your own Docker-based CLI tools into the platform and use them in workflows alongside public Library tools. They are visible only within your Vault and never exposed publicly.

## Importing a Tool

<Steps>
  <Step title="Open the Library">
    Navigate to **Library**, click **Create** and choose **Tool**.
  </Step>

  <Step title="Configure the tool">
    Fill in the tool details in the form that appears. See the field reference below for what each field expects.
  </Step>

  <Step title="Add input parameters">
    Define the input parameters the tool accepts. At least one parameter is typically needed. See [Input Parameters](#input-parameters) below.
  </Step>

  <Step title="Save">
    Click **Save** to import the tool. It will appear in the Library and can be added to any workflow in your Vault.
  </Step>
</Steps>

## Tool Fields

### Required

| Field            | Description                                                                 |
| ---------------- | --------------------------------------------------------------------------- |
| **Name**         | Display name for the tool as it appears in the Library and workflow editor. |
| **Docker Image** | The Docker image to run, without the tag (e.g., `quay.io/myorg/mytool`).    |
| **Output Flag**  | The CLI flag the tool uses to specify its output path (e.g., `-o`).         |
| **License URL**  | URL pointing to the tool's license file.                                    |

### Optional

| Field           | Description                                                                                                                                                                          |
| --------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| **Docker Tag**  | The image tag to use (e.g., `v1.2.0`). Defaults to `latest` if not set. Pinning a specific tag is recommended for stability.                                                         |
| **Category**    | Library category the tool belongs to (e.g., `Recon`, `Network`).                                                                                                                     |
| **Description** | Short description of what the tool does.                                                                                                                                             |
| **Output Type** | Whether the tool outputs a `file` or a `folder`. Defaults to `file`.                                                                                                                 |
| **Command**     | Overrides the Docker image entrypoint. Use this when you need to call a specific binary or subcommand (e.g., `/bin/mytool scan`). Leave blank to use the image's default entrypoint. |
| **Source URL**  | URL to the tool's source code or repository.                                                                                                                                         |
| **Docs URL**    | URL to the tool's documentation.                                                                                                                                                     |

## Input Parameters

Each input parameter corresponds to a CLI flag the tool accepts. Add one entry per parameter.

| Field           | Description                                                                                              |
| --------------- | -------------------------------------------------------------------------------------------------------- |
| **Name**        | Label shown in the workflow editor for this input.                                                       |
| **Flag**        | The CLI flag passed to the tool (e.g., `-d`, `--target`).                                                |
| **Type**        | Data type for this input: `string`, `file`, `folder`, or `bool`.                                         |
| **Description** | Short explanation of what this input controls.                                                           |
| **Required**    | When enabled, the tool cannot be executed in a workflow unless this input is connected or given a value. |

<Note>
  Parameters marked as required will block workflow execution if left unset. Use this to enforce mandatory inputs such as a target domain or an input file.
</Note>

## Finding Private Tools in the Library

In **Library > Tools**, use the **Visibility** dropdown to filter by:

* **Public** — tools from the Trickest public Library.
* **Private** — tools imported into your Vault.

Private tools can be added to workflows the same way as any public tool.
