What Are Tools?
Tools are functions your agent can call to interact with the world. They’re the agent’s hands and eyes.
Without tools:
User: "What files are in ./notes?"
Agent: "I can't access your filesystem, but you could run 'ls notes' to check."With tools:
User: "What files are in ./notes?"
Agent: [calls list_files("./notes")]
Agent: "You have 3 files: 2026-01-20.md, 2026-01-21.md, 2026-01-22.md"Tools turn agents from advisors into actors.
Our Four Tools
We’ll implement four tools. Two are safe (read-only), two need approval (side effects):
Safe Tools (No Approval Needed)
1. list_files(directory)
- Lists files in a directory
- Read-only, no side effects
- Safe to run automatically
2. read_file(path)
- Reads content from a file
- Read-only, no side effects
- Safe to run automatically
Risky Tools (Approval Required)
3. write_file(path, content)
- Writes content to a file
- Side effect: Changes disk state
- Risk: Could overwrite important data
- Needs approval
4. send_message(channel, text)
- Sends a message (mocked in this tutorial)
- Side effect: External communication
- Risk: Could spam or leak information
- Needs approval
Tool Schemas: The Contract
Tools need schemas so the model knows:
- What the tool does
- What parameters it takes
- What types those parameters are
- Which parameters are required
We use JSON Schema format (OpenAI’s function calling standard):
Implementing Tool Schemas
Let’s define all four tools:
Interactive: Match Tools to Categories
Drag each tool to the correct category:
Implementing Tool Functions
Now let’s implement the actual Python functions that execute these tools:
Tool Dispatch: Routing Calls to Functions
We need a dispatcher that maps tool names to Python functions:
Approval Gate Logic
Finally, let’s implement the approval gate:
Visualizing Tool Execution Flow
Interactive Diagram
This interactive diagram requires JavaScript to be enabled.
Steps:
- Agent proposes a tool call
- Check if tool needs approval
- If risky, ask user for approval
- Execute tool function
- Return result to agent
Try It: Add a New Tool
Exercise: Add an extract_todos(text) tool that finds TODO items in text.
Requirements:
- Tool name:
extract_todos - Parameter:
text(string) - Returns: List of TODO items found
- Safety: Read-only (no approval needed)
Hint: Look for lines containing “TODO”, ”- [ ]”, or ”## Tomorrow”
Quick Knowledge Check
Key Takeaways
You now know how to:
- ✅ Define tool schemas using JSON Schema format
- ✅ Implement tool functions that return structured results
- ✅ Distinguish safe vs risky tools based on side effects
- ✅ Build a tool dispatcher to route calls to functions
- ✅ Add approval gates for operations with side effects
What’s Next?
In the next page, we’ll build the agent loop—the core logic that ties everything together. You’ll see how the model proposes tools, your code executes them, and results flow back to the model.