diff --git a/devterm/tools/jwt_tool.py b/devterm/tools/jwt_tool.py
new file mode 100644
index 0000000..50df592
--- /dev/null
+++ b/devterm/tools/jwt_tool.py
@@ -0,0 +1,25 @@
+import jwt
+import json
+
+
+def decode_jwt(token: str, verify: bool = False) -> dict:
+    try:
+        parts = token.split(".")
+        if len(parts) != 3:
+            raise ValueError("Invalid JWT format")
+
+        header = json.loads(jwt.utils.base64url_decode(parts[0]).decode("utf-8"))
+        payload = json.loads(jwt.utils.base64url_decode(parts[1]).decode("utf-8"))
+
+        result = {
+            "header": header,
+            "payload": payload,
+            "signature": parts[2][:20] + "..." if len(parts[2]) > 20 else parts[2]
+        }
+
+        if verify:
+            jwt.decode(token, options={"verify_signature": False})
+
+        return result
+    except Exception as e:
+        raise ValueError(f"Failed to decode JWT: {str(e)}")