Skip to main content
Understanding these core concepts will help you use Jinba Toolbox effectively and navigate the platform with confidence.

Key Terms

TermDefinitionExample
OrganizationTeam or company that owns ToolSets. Users belong to one or more Organizations with roles (owner, admin, member).acme-corp — a team sharing a collection of AI tools
ToolSetCollection of related tools with a shared execution environment. Equivalent to an npm package or Docker image. Belongs to an Organization.slack-tools — a set of Slack integration tools
ToolIndividual executable unit within a ToolSet. Has input/output schemas and code written in TypeScript or Python.post-message — sends a message to a Slack channel
RunA single execution record of a Tool. Stores input, output, logs, status, and duration.Executing post-message with channel and text parameters
VersionImmutable snapshot of a ToolSet at a point in time. Uses semantic versioning (semver).1.2.0 — a published release of slack-tools
SandboxIsolated container environment where tool code executes. Prevents unsafe operations from affecting the host system.An E2B container running a Python tool

Domain Relationships

The entities in Jinba Toolbox are organized in a clear hierarchy: 
Organization
  └── ToolSet
        ├── Tool (1:N)
        ├── Version (1:N)
        └── Run (1:N)
  • An Organization contains one or more ToolSets.
  • A ToolSet contains one or more Tools, and can have multiple published Versions.
  • Each Run records a single execution of a Tool within a ToolSet.
  • Users belong to Organizations through memberships with assigned roles.

Entity Relationship Diagram

┌──────────┐
│   User   │
└────┬─────┘

     ├─────1:N─────┐
     │              │
     │         ┌────┴─────┐
     │         │  ApiKey   │
     │         └──────────┘

     └─────N:M─────┐

        ┌───────────┴───────────┐
        │  OrganizationMember   │  (role: owner / admin / member)
        └───────────┬───────────┘

        ┌───────────┴───────────┐
        │     Organization      │
        └───────────┬───────────┘

                   1:N

        ┌───────────┴───────────┐
        │       ToolSet         │
        └───────────┬───────────┘

         ┌──────────┼──────────┐
         │          │          │
        1:N        1:N        1:N
         │          │          │
    ┌────┴────┐ ┌───┴───┐ ┌───┴──────┐
    │  Tool   │ │  Run  │ │ Version  │
    └─────────┘ └───────┘ └──────────┘

Organizations

An Organization is the top-level ownership unit. All ToolSets, API keys, and billing belong to an Organization.
  • Users can be members of multiple Organizations.
  • Each membership has a role: owner, admin, or member.
  • API keys are scoped to an Organization and carry permission scopes: read, write, execute, and admin.

ToolSets

A ToolSet groups related tools together with a shared sandbox configuration. Key properties include:
PropertyDescription
SlugURL-friendly identifier, unique within the Organization
Sandbox ConfigDefines the execution environment: provider (E2B or Daytona), language (TypeScript or Python), packages, and resource limits
VisibilityControls access: private (organization only), public (anyone), or restricted (specific organizations)
TagsSearchable labels for discovery in the explore catalog

Tools

A Tool is the smallest executable unit. Each Tool defines:
PropertyDescription
SlugURL-friendly identifier, unique within the ToolSet
Input SchemaJSON Schema that validates the input before execution
Output SchemaJSON Schema that describes the expected output structure
CodeThe executable source code (TypeScript or Python)
EntrypointOptional custom entrypoint function name
Input and output schemas are validated automatically. If the input does not match the schema, the execution is rejected before any sandbox resources are consumed.

Versions

Versions are immutable snapshots of a ToolSet. Once published, a Version cannot be modified.
  • Versions follow semantic versioning (e.g., 1.0.0, 1.2.3).
  • Publishing a Version captures all Tools, schemas, and code at that point in time.
  • The latestVersion field on a ToolSet always points to the most recently published Version.
  • AI agents and external consumers should pin to a specific Version for stability.

Runs

A Run represents a single tool execution and records everything about it:
FieldDescription
Statuspending, running, success, failed, or timeout
InputThe validated input parameters
OutputThe structured result returned by the tool
LogsCaptured stdout and stderr from the sandbox
DurationExecution time in milliseconds
ErrorError details if the Run failed
Runs provide full observability into tool execution, making it easy to debug failures and monitor performance.

Sandbox Execution

Every tool runs inside an isolated sandbox container. The sandbox system is built on a pluggable provider architecture:
ProviderDescription
E2BCloud-based sandboxes with fast startup and broad language support
DaytonaSelf-hosted sandbox option for teams requiring on-premises execution
The sandbox provider is configured at the ToolSet level. All Tools in a ToolSet share the same sandbox configuration, including language runtime, installed packages, and resource limits.

Access Control

Jinba Toolbox provides multiple layers of access control:
  • Organization membership governs who can manage ToolSets and view Runs.
  • ToolSet visibility (private, public, restricted) controls who can discover and execute tools.
  • API key scopes (read, write, execute, admin) provide fine-grained permission control for programmatic access.

What’s Next?

Quickstart

Build your first ToolSet and run a tool

Web Console

Explore the web interface for managing tools