Tool Use in Agents

What are Tools?

Tools = Functions agents can call to interact with the world.

Available tools for agent:
- calculator: Perform math
- search: Web search
- code_interpreter: Execute Python
- email: Send emails
- database: Query database
- weather_api: Get weather
- calendar: Check schedules

Agent picks appropriate tools based on goal!

Function Calling (OpenAI Style)

Modern LLMs support explicit function calling.

Define tools as JSON schema:
{
  "name": "search",
  "description": "Search the web for information",
  "parameters": {
    "query": "string - what to search for",
    "max_results": "integer - max results (default 5)"
  }
}

Agent LLM response:
{
  "name": "search",
  "arguments": {
    "query": "best flights NYC to LA",
    "max_results": 10
  }
}

System executes tool and returns result back to agent.

Tool Design Best Practices

1. Clear Descriptions

Bad: "Search tool"
Good: "Search the internet for current information. Use this when you need real-time data, recent news, or information not in your training data."

2. Focused Scope

Bad: Tool does everything (search, analyze, summarize)
Good: Tool does one thing well (just search)

3. Predictable Behavior

Tool should:
- Always return consistent format
- Handle errors gracefully
- Provide useful error messages

Common Agent Tools

Search Tool

search(query: string, max_results: int)
Returns: List of search results with URL, title, snippet

Calculator

calculate(expression: string)
Returns: Numeric result
Example: calculate("sqrt(16) + 3^2") → 13.0

Code Executor

execute_python(code: string)
Returns: Output and errors
Example: execute_python("print(sum([1,2,3]))") → 6

Database Query

query_db(sql: string)
Returns: Query results
Example: query_db("SELECT * FROM users WHERE age > 18") → [[user1], [user2], ...]

Tool Calling Flow

Agent Thought: "I need to search for flights"
    ↓
Agent generates function call:
{
  "tool": "search",
  "args": {"query": "cheap flights NYC to LA"}
}
    ↓
System executes tool
    ↓
Tool returns result:
{
  "results": [
    {"airline": "AA", "price": $150},
    {"airline": "UA", "price": $180}
  ]
}
    ↓
Agent observes result and continues reasoning

Tool Safety

Dangerous Tools:
- Delete_file (could destroy data)
- Send_money (financial risk)
- System_shutdown (operational risk)

Safety measures:
1. Rate limiting (limit calls per minute)
2. Approval required (human in loop)
3. Rollback capability (undo actions)
4. Audit logging (track all tool use)
5. Sandboxing (restrict tool scope)