Skip to content
Sundar Shahi ThakuriSundar Shahi.
Book a call

Tool Calling (Function Calling)

Tool calling is how an LLM acts on the world: you describe a set of tools (name, description, parameter schema) and the model chooses which to call and with what arguments, picking entirely from the text of those definitions.

also: function calling · tool use · tool calling · MCP tools · tool definitions

name + description + schemathe model picks from text aloneweak definitions = wrong tool calls

A tool definition is a contract written for the model, not for a compiler. Each tool carries a name, a description, and a JSON-Schema for its parameters, and the model selects among them using nothing but that text plus the conversation. The protocol differs by provider (Anthropic's input_schema, OpenAI's function with strict mode, Gemini's functionDeclarations, and MCP's tools/list), but the shape is the same, and the Model Context Protocol (MCP) has become the common way to expose a server's tools to any agent.

Because selection runs on the descriptions alone, the tool set is where agents quietly break. Two tools that read the same get picked at random; a parameter with no description gets a guessed value; a destructive tool with no confirmation in its contract is the first thing a prompt-injection payload reaches for; and the whole block is re-sent every turn, so it is also a standing token tax. None of that shows up in a happy-path demo, which is why the tool definitions deserve the same review as the code behind them.

free_toolMCP & Agent Tool AuditorPaste your tool definitions and grade the set for ambiguous tools, weak schemas, and unguarded destructive calls.

related_terms

see_also

faq

Questions & answers

What is the difference between tool calling and function calling?
They are the same mechanism under two names. OpenAI introduced it as 'function calling'; Anthropic and the broader ecosystem tend to say 'tool use' or 'tool calling'. In every case you describe a set of callable operations with a name, a description, and a parameter schema, and the model decides which to invoke and with what arguments.
Why does the model call the wrong tool?
Almost always because the definitions don't let it choose. Two tools whose names or descriptions read the same are picked between at random, and a description that says what a tool is but not when to use it gives the model no trigger. The fix is in the text: make each tool's description name the case it owns, and add an explicit 'use this when…' clause.
What is MCP and how does it relate to tool calling?
The Model Context Protocol is an open standard for exposing tools (and other context) from a server to any LLM client. An MCP server returns its tools from a tools/list call in the same name/description/inputSchema shape every provider uses, so the same definition-quality rules apply: the model still selects from the description text, so ambiguous or unguarded MCP tools fail the same way native ones do.

Want this applied to your stack, not just defined?

The free tools run the numbers; an audit tells you where the real cost and risk are. Book a call, or leave your email and I'll reach out.

Book a call

No spam. You'll get a reply from me.

Prefer proof first? See how this plays out in real case studies →