
Tool calling lets models act — query DB, call APIs, run MCP tools — with schemas that bound what they can do.
In my daily workflow
- I define tools with minimal parameters and strict types.
- Destructive tools require confirmation or human-in-the-loop nodes.
- I log every tool call with inputs redacted where needed.
- I test tool routing with eval cases that should and should not invoke tools.
How it makes me work smarter
Tools turn language into operations. The copilot can update experience registry entries because tools expose safe, narrow mutations — not raw SQL. Bad tool design causes runaway loops; good design makes the model predictable.
My setup
- Zod-validated tool arguments
- MCP for third-party systems
- Server-side authorization on every tool handler
- Timeouts and max call limits per turn
On this portfolio
Copilot tools wrap admin registry operations with validation. MCP tools expose read-only PostHog and Sentry queries to the IDE agent. The assistant uses retrieval tools instead of fabricating portfolio facts.


