Glossary · Foundations

Tool Use

Tool use is when an LLM calls external APIs, databases, or code on its own. Definition, function calling, and how it powers AI agents.

By Kadin Nestler · May 28, 2026 · Updated May 28, 2026
On this page

How tool use works

The developer registers a set of tools with the LLM as JSON schemas — each tool has a name, a description, and a parameter signature. When the model receives a prompt, it can respond with a tool_call instead of text. The application code executes the tool, returns the result to the model, and the model continues. Loop until the model decides it has enough information to answer the user. Anthropic, OpenAI, and Google all support this pattern in their APIs.

What tools look like in practice

  • get_calendar_availability(date_range) — check when the user is free.
  • create_crm_contact(name, phone, email, notes) — write a new lead.
  • search_knowledge_base(query) — RAG retrieval over the company docs.
  • send_text_message(phone, body) — outbound SMS via Twilio.
  • execute_python(code) — code interpreter for math or data analysis.
  • browse(url) — fetch a page and return cleaned content.

Tool use, function calling, and MCP

"Function calling" is the older OpenAI term; "tool use" is the more general one Anthropic and others adopted. The Model Context Protocol (MCP) standardizes how tools are described and invoked across LLM vendors, so a tool built once can be consumed by Claude, ChatGPT, and Cursor without rewrites. MCP is becoming the universal connector for tool ecosystems in 2026.

What can go wrong

  • Hallucinated tool calls — the model invents a tool that does not exist. Mitigate with strict schema validation.
  • Bad parameters — the model passes nonsense values. Mitigate with input validation and clear tool descriptions.
  • Infinite loops — the model keeps calling tools without converging. Hard-cap iterations.
  • Prompt injection via tool output — malicious data returned from a tool changes the model's behavior. Sanitize.

What it means for your business

Tool use is the bridge between an LLM and your actual business systems. Every useful AI agent is a model plus tools — and the quality of the tool descriptions matters more than most teams realize.

  • AI Agent — An AI agent is an LLM-driven program that uses tools to complete tasks autonomously. Definition, architecture, and real SMB examples.
  • Agentic AI — Agentic AI is software that plans, acts, and uses tools to complete multi-step goals with limited human input. Definition, examples, and SMB use cases.
  • Model Context Protocol (MCP) — MCP is an open standard for connecting AI models to tools, data, and APIs. Definition, ecosystem, and why it matters for AI interoperability.
  • Large Language Model (LLM) — A Large Language Model is a transformer-based neural network trained on trillions of tokens to predict the next token. Definition, key models, and business use.
  • AI Guardrails — AI guardrails are runtime rules and filters that constrain LLM behavior. Definition, types, and how SMBs should use them in production.
← Back to the full glossary