Subagents | Creor

Creor ships with built-in agents for common workflows. You can customize these or create entirely new agents with their own models, permissions, prompts, and behavior.

Built-in Agents

Creor comes with several agents out of the box:

Agent	Mode	Description
build	primary	The default agent. Full tool access based on your permission config. Used for writing code, running commands, and making changes.
plan	primary	Read-only planning mode. Can read files and write plans to .creor/plans/*.md but denies all other file edits.
general	subagent	General-purpose subagent for research and multi-step tasks. Used by the primary agent to parallelize work.
explore	subagent	Read-only codebase exploration. Can search files, read code, and use LSP tools but cannot make any changes.

Internal agents like title, summary, and compaction are hidden from the UI and handle background tasks automatically.

Agent Config

Each agent is configured with the following fields:

Field	Type	Description
model	string	Model in provider/model format (e.g., "anthropic/claude-sonnet-4-20250514")
variant	string	Default model variant for this agent
temperature	number	Sampling temperature (0-2)
top_p	number	Nucleus sampling parameter
prompt	string	System prompt appended to the agent's instructions
description	string	When to use this agent (shown in autocomplete)
mode	"primary" \| "subagent" \| "all"	How this agent can be invoked
hidden	boolean	Hide from the @ autocomplete menu (subagents only)
color	string	Hex color (#FF5733) or theme name (primary, accent, etc.)
steps	number	Max agentic iterations before forcing text-only response
permission	object	Tool permission overrides for this agent
disable	boolean	Remove a built-in agent entirely
options	object	Additional options (e.g., preferSmallModel)

Agent Modes

The mode field controls how an agent can be used:

Mode	Behavior
primary	Can be selected as the active agent from the agent picker. Used directly for conversations. The build and plan agents are primary by default.
subagent	Invoked by primary agents via @mention. Cannot be set as the main conversation agent. Good for specialized tasks delegated by the primary agent.
all	Available both as a primary agent and as a subagent. Custom agents default to this mode.

Note

The default_agent config field controls which primary agent is selected on startup. It defaults to build. You cannot set a subagent as the default.

Creating Agents in JSON

Define agents in the agent section of your creor.json:

{

"agent": {

"review": {

"description": "Code reviewer — reads code and provides feedback, never edits",

"mode": "subagent",

"model": "anthropic/claude-sonnet-4-20250514",

"temperature": 0.3,

"prompt": "You are a senior code reviewer. Analyze code for bugs, performance issues, security concerns, and style. Never modify files — only read and report.",

"permission": {

"edit": "deny",

"bash": "deny",

"read": "allow",

"glob": "allow",

"grep": "allow"

}

You can also override built-in agents. For example, to change the default model for the build agent:

{

"agent": {

"build": {

"model": "openai/gpt-4.1",

"temperature": 0.1

}

Creating Agents in Markdown

For agents with longer system prompts, use markdown files in the .creor/agents/ directory. The filename becomes the agent name, and the markdown body becomes the prompt.

File Structure

.creor/

agents/

review.md

security-audit.md

Example: review.md

---

description: Code reviewer that reads code and provides feedback

mode: subagent

model: anthropic/claude-sonnet-4-20250514

temperature: 0.3

permission:

edit: deny

bash: deny

read: allow

glob: allow

grep: allow

---

You are a senior code reviewer working on a production codebase.

## Review Guidelines

1. **Correctness**: Check for logic errors, off-by-one mistakes, null pointer risks

2. **Performance**: Flag O(n^2) patterns, unnecessary allocations, missing indexes

3. **Security**: Look for injection risks, hardcoded secrets, improper auth checks

4. **Readability**: Suggest clearer names, simpler control flow, better abstractions

## Output Format

For each issue found, report:

- **File**: path/to/file.ts:line

- **Severity**: critical | warning | suggestion

- **Issue**: one-line description

- **Fix**: recommended change

Never modify files. Only read and report findings.

Tip

Markdown agents are great for long, detailed prompts. The frontmatter supports the same fields as JSON agent config. The markdown body is used as the prompt field.

Invoking Agents

@Mention Syntax

In the chat input, type @agent-name to invoke a subagent. For example:

@review Check the authentication module for security issues

The primary agent (build) will delegate the task to the review subagent, which runs with its own model, prompt, and permissions.

Agent Picker

Primary agents can be selected from the agent picker in the UI. Click the agent name in the chat header or use the configured keybind to switch between primary agents.

Auto-Routing

When auto_route is enabled in your config, Creor uses LLM intent classification to automatically route messages to the most appropriate agent. A question about code structure might be routed to the explore agent, while a request to build a feature goes to the build agent.

Permissions

Each agent has its own permission set that controls which tools it can use. Permissions are merged from multiple sources:

Built-in defaults (e.g., all agents allow read by default, deny .env files)
Global permission config from your creor.json
Agent-specific permission overrides

The permission values are:

Value	Behavior
allow	Tool executes without asking for confirmation
ask	Creor shows a permission prompt before executing
deny	Tool call is blocked entirely

For file-based tools (read, edit, external_directory), you can use glob patterns to set per-path permissions:

{

"permission": {

"read": {

"*": "allow",

"*.env": "deny",

"*.env.*": "deny",

"*.env.example": "allow"

"edit": {

"*": "allow",

"src/generated/**": "deny"

}

Examples

Security Audit Agent

{

"agent": {

"security": {

"description": "Security auditor — scans for vulnerabilities and compliance issues",

"mode": "subagent",

"model": "anthropic/claude-sonnet-4-20250514",

"prompt": "You are a security auditor. Scan code for OWASP Top 10 vulnerabilities, hardcoded secrets, and insecure patterns. Report findings with severity ratings.",

"permission": {

"edit": "deny",

"bash": "deny",

"read": "allow",

"grep": "allow",

"glob": "allow",

"websearch": "allow"

}

Documentation Writer

{

"agent": {

"docs": {

"description": "Documentation writer — generates and updates docs",

"mode": "subagent",

"temperature": 0.5,

"prompt": "You are a technical writer. Generate clear, concise documentation. Use JSDoc for code comments and Markdown for standalone docs. Match the existing documentation style in the project.",

"permission": {

"bash": "deny",

"read": "allow",

"edit": {

"*": "deny",

"docs/**": "allow",

"**/*.md": "allow",

"README.md": "allow"

}

Disabling a Built-in Agent

To remove a built-in agent, set disable: true:

{

"agent": {

"explore": {

"disable": true

}