Tool Calling
Summary
A panel discussion featuring experts from Arcade, Prosus, and Meaning Stack explored the central role of "tool calling" in AI agents, arguing that the tools an agent can call define what it can actually do. The discussion identified three main categories of agent use case: employee-facing (e.g., Prosus's Toqan, used by 30,000 employees and supporting 8,000 custom agents), customer-facing (e.g., food ordering, travel, and shopping assistants), and business-facing (e.g., iFood's 30-35 agents for restaurants). A key problem identified is the misconception that wrapping an API is enough to make a tool; effective tools embed business logic and are designed around user intent, for example a "get brochure" tool rather than direct Google Drive API calls. The panel also examined the Model Context Protocol (MCP), its benefit of integrating diverse tools without custom integration code, and its significant challenges: security vulnerabilities in the tool ecosystem, the lack of any certification of servers, and context bloat, since the schema of every exposed tool is sent to the model on every turn, so 300 tools can consume around 50k tokens per turn. Governance, versioning, and authorization were discussed as crucial for production-grade agent systems, with a focus on adaptive, risk-scaled governance and human-in-the-loop approval.
Key takeaway
For CTOs and VPs of Engineering building AI agent systems: exposing raw APIs as tools will not get you to production. Have your teams build intent-aware, layered tools that embed business logic rather than thin API wrappers. Version those tools, scale governance to each tool's risk, and have agents act under the end user's delegated authorization rather than a shared service credential, so that the security risks and context bloat discussed in the panel are contained and your agents stay accurate, performant, and cost-effective in production.
Key insights
Effective AI agents are defined by their ability to call well-designed, intent-aware tools, not just raw APIs.
Principles
- Tools should encapsulate business logic, not just expose raw APIs.
- Agent governance must be adaptive and risk-scaled, not uniform.
- Versioning is critical for production-grade agent tools and platforms.
Method
Build tools in layers: low-level system tools (the raw API surface), mid-level workflow tools that encode an organization's business logic, and high-level domain tools specific to an agent. Enforce authorization at call time, with the end user's delegated permissions, and require human-in-the-loop approval for high-risk actions.
In practice
- Prioritize building one or two agents before scaling tool governance.
- Use MCP for shared services or third-party integrations, not internal codebases.
- Implement delegated user authorization (OAuth) so that an agent acts with the scopes each user has granted it, not with a shared service credential.
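As an added example (not code from the panel or from any of the companies named above), the following Python sketch shows how the three ideas above fit together at a single enforcement point: a raw Drive-style API kept out of the model's tool list, an intent-aware `get_brochure` tool that encodes the business rule, and a gate that checks the user's delegated OAuth scopes and routes high-risk tools through human approval. The tool names, scope strings, risk tiers and the in-memory file store are all assumptions for illustration.

```python
"""Added example: a minimal tool-calling gate with layered tools, delegated
scopes and risk-scaled human approval. Names, scopes and data are assumed."""
from dataclasses import dataclass
from enum import Enum
from typing import Callable


class Risk(Enum):
    LOW = 1      # read-only and reversible
    MEDIUM = 2   # writes to data the user owns
    HIGH = 3     # irreversible or external side effect (e-mail, payment)


@dataclass(frozen=True)
class User:
    user_id: str
    scopes: frozenset   # OAuth scopes the user delegated to the agent (assumed names)


@dataclass(frozen=True)
class Tool:
    name: str
    risk: Risk
    required_scopes: frozenset
    fn: Callable[..., object]


class Denied(Exception):
    """Caller lacks the delegated scopes, or the tool is not registered."""


class NeedsApproval(Exception):
    """HIGH-risk tool call that the human approver did not confirm."""


# Constructed stand-in for a Drive-like store: (owner, name, mime, published).
FAKE_DRIVE = [
    ("marketing", "widget-brochure-2023.pdf", "application/pdf", True),
    ("marketing", "widget-brochure-2024.pdf", "application/pdf", True),
    ("marketing", "widget-brochure-2025-draft.pdf", "application/pdf", False),
    ("marketing", "widget-pricing.xlsx", "application/vnd.ms-excel", True),
]


# Low-level system tool: the raw API shape. Deliberately NOT registered with the
# gate, so the model never sees or calls it directly.
def drive_files_list(owner: str, mime_type: str) -> list:
    return [f for f in FAKE_DRIVE if f[0] == owner and f[2] == mime_type]


# Mid-level workflow tool: encodes the business rule ("the brochure is the newest
# published PDF for the product in the marketing folder"), so the model does not
# have to reconstruct that rule out of raw API calls.
def get_brochure(user: User, product: str) -> str:
    pdfs = drive_files_list("marketing", "application/pdf")
    candidates = sorted(
        (f[1] for f in pdfs if f[3] and f[1].startswith(f"{product}-brochure")),
        reverse=True,
    )
    if not candidates:
        raise LookupError(f"no published brochure for {product}")
    return candidates[0]


# High-level domain tool with an external side effect: sends on the user's behalf.
def send_brochure(user: User, product: str, recipient: str) -> dict:
    return {"from": user.user_id, "to": recipient,
            "attachment": get_brochure(user, product)}


class ToolGate:
    """Single enforcement point between the model's tool call and the tool."""

    def __init__(self, approver: Callable[[str, dict], bool]):
        self.tools: dict = {}
        self.approver = approver   # human-in-the-loop callback, consulted for HIGH only
        self.audit: list = []

    def register(self, tool: Tool) -> None:
        self.tools[tool.name] = tool

    def tools_for(self, user: User) -> list:
        """Advertise only tools the user's delegated scopes allow. This is the
        authorization boundary and also keeps unusable schemas out of the prompt."""
        return sorted(t.name for t in self.tools.values()
                      if t.required_scopes <= user.scopes)

    def call(self, user: User, name: str, **kwargs):
        tool = self.tools.get(name)
        if tool is None:
            raise Denied(f"unknown tool {name}")          # no dynamic lookup of raw APIs
        missing = tool.required_scopes - user.scopes
        if missing:
            raise Denied(f"{name} needs undelegated scopes {sorted(missing)}")
        if tool.risk is Risk.HIGH and not self.approver(name, kwargs):
            raise NeedsApproval(f"{name} requires human approval")
        result = tool.fn(user, **kwargs)
        self.audit.append((user.user_id, name, tool.risk.name, dict(kwargs)))
        return result


def build_gate(approver: Callable[[str, dict], bool] = lambda name, args: False) -> ToolGate:
    """Registers only the workflow and domain layers; the raw Drive call stays hidden."""
    gate = ToolGate(approver)
    gate.register(Tool("get_brochure", Risk.LOW, frozenset({"drive.read"}), get_brochure))
    gate.register(Tool("send_brochure", Risk.HIGH,
                       frozenset({"drive.read", "mail.send"}), send_brochure))
    return gate


def try_call(gate: ToolGate, user: User, name: str, **kwargs):
    """Returns the tool result, or the name of the policy exception that stopped it."""
    try:
        return gate.call(user, name, **kwargs)
    except (Denied, NeedsApproval) as exc:
        return type(exc).__name__


if __name__ == "__main__":
    gate = build_gate(approver=lambda name, args: True)   # operator approved
    alice = User("alice", frozenset({"drive.read", "mail.send"}))
    print(gate.tools_for(alice))
    print(try_call(gate, alice, "get_brochure", product="widget"))
    print(try_call(gate, alice, "send_brochure", product="widget", recipient="bob@example.com"))
```

Two design points are worth noting. `tools_for` is where the agent's advertised tool list is cut down to what the user's delegated scopes allow; that is both the authorization boundary and the simplest defense against advertising hundreds of tool schemas on every turn. The approval callback is consulted only for the HIGH tier, which is what risk-scaled governance looks like in code: a uniform policy would either block every read or wave through every send.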
Topics
- AI Agents
- Tool Calling
- Model Context Protocol (MCP)
- Agent Governance
- Cybersecurity
Best for: CTO, VP of Engineering/Data, Director of AI/ML, AI Engineer, MLOps Engineer, AI Architect
Editorial summary, takeaway, and curation by AIssential. Original article published by MLOps.community.