Overview
Tool Use is a foundational agentic pattern that extends LLM capabilities beyond text generation. Instead of only producing prose, the model emits a structured call (a tool name plus arguments); the host application executes that tool to perform a calculation, retrieve data, or take an action, and feeds the result back into the model's context. Because the model chooses the tool and its arguments while the host runs them with real privileges, tool use is also where an agent's trust boundary lives.
Tool Definition
{
  "name": "get_weather",
  "description": "Get current weather for a location",
  "parameters": {
    "type": "object",
    "properties": {
      "location": {
        "type": "string",
        "description": "City name or coordinates"
      }
    },
    "required": ["location"]
  }
}
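The definition above is a JSON Schema fragment, and that is what makes mechanical checking of a proposed call possible. As an added example (not code from the original page), here is a validator that checks a model-proposed call against such a definition and rejects missing, mistyped, or invented parameters. The optional `units` enum is an assumption added to show enum checks, and the validator covers only the schema subset tool definitions typically use (scalar types, objects, arrays, `required`, `enum`).

```python
"""Validate a model-proposed tool call against a tool definition (added example)."""
from __future__ import annotations

from typing import Any

# The page's tool definition, plus a hypothetical optional `units` enum (assumption).
GET_WEATHER = {
    "name": "get_weather",
    "description": "Get current weather for a location",
    "parameters": {
        "type": "object",
        "properties": {
            "location": {"type": "string", "description": "City name or coordinates"},
            "units": {"type": "string", "enum": ["metric", "imperial"]},  # assumed
        },
        "required": ["location"],
    },
}

_TYPES = {
    "string": str, "number": (int, float), "integer": int,
    "boolean": bool, "array": list, "object": dict,
}


def _check(value: Any, schema: dict, path: str, errors: list[str]) -> None:
    t = schema.get("type")
    if t is not None:
        expected = _TYPES.get(t)
        if expected is None:
            errors.append(f"{path}: unsupported schema type {t!r}")
            return
        # bool is a subclass of int in Python; do not accept True for a number.
        if isinstance(value, bool) and t in ("number", "integer"):
            errors.append(f"{path}: expected {t}, got boolean")
            return
        if not isinstance(value, expected):
            errors.append(f"{path}: expected {t}, got {type(value).__name__}")
            return
    if "enum" in schema and value not in schema["enum"]:
        errors.append(f"{path}: {value!r} not in {schema['enum']}")
    if t == "object":
        props = schema.get("properties", {})
        for name in schema.get("required", []):
            if name not in value:
                errors.append(f"{path}.{name}: required")
        for name, v in value.items():
            # Unknown properties are rejected, not ignored: models invent parameters.
            if name not in props:
                errors.append(f"{path}.{name}: unknown parameter")
            else:
                _check(v, props[name], f"{path}.{name}", errors)
    elif t == "array" and "items" in schema:
        for i, item in enumerate(value):
            _check(item, schema["items"], f"{path}[{i}]", errors)


def validate_call(tool: dict, call: dict) -> list[str]:
    """Return the problems found; an empty list means the call may be executed."""
    if call.get("name") != tool["name"]:
        return [f"tool name mismatch: {call.get('name')!r}"]
    args = call.get("arguments")
    if not isinstance(args, dict):
        return ["arguments must be an object"]
    errors: list[str] = []
    _check(args, tool["parameters"], "arguments", errors)
    return errors


if __name__ == "__main__":
    good = {"name": "get_weather", "arguments": {"location": "Berlin", "units": "metric"}}
    hallucinated = {"name": "get_weather", "arguments": {"location": "Berlin", "days": 7}}
    print(validate_call(GET_WEATHER, good))          # []
    print(validate_call(GET_WEATHER, hallucinated))  # ['arguments.days: unknown parameter']
```

The host should run this before dispatch and, on failure, return the error list to the model as the tool result rather than silently dropping or coercing the bad arguments; that gives the model a chance to repair the call and keeps invented parameters from ever reaching the tool.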
Tool Categories
Information Retrieval
- Database queries
- Web search
- API calls
- File reading
Computation
- Calculators
- Code execution
- Data analysis
Actions
- Email sending
- File writing
- API mutations
- System commands
Communication
- Agent-to-agent calls
- Human notifications
- External system updates
Tool Selection
Agents must decide:
- Whether to use a tool (vs. answering directly)
- Which tool to use
- What parameters to provide
Safety Considerations
Principle of Least Privilege
Grant only the tools a task needs, with the narrowest scopes those tools support (read-only where reads suffice, one mailbox rather than all mail). A task that only needs to look something up should not be able to send email or run commands.
Input Validation
Validate tool parameters against the declared schema before execution, and reject unknown, missing, or mistyped arguments instead of silently coercing them: the model may invent parameters the tool never defined.
Output Sanitization
Treat tool outputs as untrusted data, not as instructions. A web page, file, or API response a tool returns may contain text crafted to steer the model (prompt injection). Parse the output into the typed value the next step needs rather than pasting it verbatim into prompts or into later tool arguments.
Sandboxing
Execute dangerous tools (code execution, shell commands) in isolated environments with limits on time, memory, filesystem, and network access, so a bad or malicious call cannot reach beyond the sandbox.
Tool Chaining
Complex tasks often require multiple tools, with each step's output feeding the next:
1. search_web("latest Tesla stock price")
2. calculate(price * shares)
3. send_alert(portfolio_update)
Note what crosses the boundaries here: step 1 returns untrusted web content, step 2 turns part of it into a number that drives arithmetic, and step 3 performs an action on the result. Each hand-off is a place to validate, and the price must be extracted as a typed value rather than spliced into the calculation as raw text.
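The following added example (not code from the original page) runs the chain above while applying the safety considerations from the previous section: a task-scoped grant list (least privilege), an arithmetic-only evaluator for `calculate` (sandboxing), and a typed extraction step between the web result and the calculation (output sanitization). Assumptions: tools are plain Python callables registered under the page's names plus a hypothetical `extract_number`; `search_web` returns a constructed fixture instead of using the network; the scripted `PLAN` stands in for the model's tool-selection decisions; `"$N"` inside an argument is this example's convention for "the result of step N".

```python
"""Tool chaining with least-privilege grants and a sandboxed calculator (added example)."""
from __future__ import annotations

import ast
import operator
import re
from dataclasses import dataclass, field
from typing import Any, Callable

# ---- Sandboxing: an arithmetic-only evaluator, never eval() -------------------
_OPS = {ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul,
        ast.Div: operator.truediv, ast.USub: operator.neg}   # no Pow: blocks 2**10**9


def calculate(expression: str) -> float:
    """Evaluate an arithmetic expression using an AST allow-list."""
    def ev(node: ast.AST) -> float:
        if isinstance(node, ast.Constant) and type(node.value) in (int, float):
            return node.value
        if isinstance(node, ast.BinOp) and type(node.op) in _OPS:
            return _OPS[type(node.op)](ev(node.left), ev(node.right))
        if isinstance(node, ast.UnaryOp) and type(node.op) in _OPS:
            return _OPS[type(node.op)](ev(node.operand))
        raise ValueError(f"disallowed syntax: {type(node).__name__}")  # Call, Name, Attribute, ...
    try:
        tree = ast.parse(expression, mode="eval")
    except SyntaxError as exc:
        raise ValueError(f"not an arithmetic expression: {exc.msg}") from None
    return ev(tree.body)


# ---- Output sanitization: a typed boundary between untrusted text and math ----
def extract_number(text: str) -> float:
    """Pull the first decimal number out of untrusted tool output (hypothetical tool)."""
    m = re.search(r"-?\d+(?:\.\d+)?", text)
    if m is None:
        raise ValueError("no number in tool output")
    return float(m.group())


# ---- Constructed tools: offline stand-ins for the real ones ------------------
_FIXTURE = {"latest Tesla stock price": "TSLA last trade: 250.5 USD"}  # constructed data


def search_web(query: str) -> str:
    return _FIXTURE.get(query, "no results")


SENT: list[str] = []  # records alerts instead of delivering them


def send_alert(message: str) -> str:
    SENT.append(message)
    return "sent"


ALL_TOOLS: dict[str, Callable[..., Any]] = {
    "search_web": search_web, "extract_number": extract_number,
    "calculate": calculate, "send_alert": send_alert,
}


# ---- Least privilege: a task only sees the tools it was granted ---------------
class ToolNotGranted(PermissionError):
    pass


@dataclass
class Agent:
    granted: set[str]
    results: list[Any] = field(default_factory=list)

    def call(self, name: str, **kwargs: Any) -> Any:
        if name not in self.granted:        # checked before lookup: ungranted tools
            raise ToolNotGranted(name)      # are not even discoverable by the task
        return ALL_TOOLS[name](**kwargs)

    def run_chain(self, steps: list[tuple[str, dict[str, Any]]]) -> list[Any]:
        """Run steps in order; "$N" inside an argument means the result of step N."""
        for name, args in steps:
            resolved = {k: self._resolve(v) for k, v in args.items()}
            self.results.append(self.call(name, **resolved))
        return self.results

    def _resolve(self, value: Any) -> Any:
        if not isinstance(value, str):
            return value

        def sub(m: re.Match) -> str:
            i = int(m.group(1))
            if not 1 <= i <= len(self.results):
                raise ValueError(f"step {i} has no result yet")
            return str(self.results[i - 1])
        return re.sub(r"\$(\d+)", sub, value)


# The page's chain, with the price parsed at a typed boundary before arithmetic.
PLAN = [
    ("search_web", {"query": "latest Tesla stock price"}),
    ("extract_number", {"text": "$1"}),
    ("calculate", {"expression": "$2 * 40"}),        # 40 shares, constructed
    ("send_alert", {"message": "Portfolio value: $3 USD"}),
]

if __name__ == "__main__":
    print(Agent(granted=set(ALL_TOOLS)).run_chain(PLAN))
```

Two things are worth trying with this: grant the agent only `{"search_web", "extract_number", "calculate"}` and the chain stops at step 4 with `ToolNotGranted` rather than sending anything; and replace step 2 with `("calculate", {"expression": "$1 * 40"})` so the raw web text is spliced into the expression, which the sandbox refuses instead of evaluating. The evaluator also rejects `2 ** 64`-style exponentiation and anything that is not a number or arithmetic operator, so `__import__('os').system('id')` fails at the `Call` node.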
Common Failure Modes
- Wrong tool selection: Using search when a calculation is needed (or the reverse)
- Parameter hallucination: Inventing parameters, or argument values, that the tool's schema does not define
- Tool output misinterpretation: Misreading results, for example treating a "no results" message or an error string as data
- Over-tooling: Calling tools when the answer is already in context