Overview

What Are Tools?

Tools are the building blocks that extend your AI agents' capabilities beyond text generation. They're TypeScript functions that agents can call during workflow execution, running in a secure, sandboxed Bun runtime environment.

Tools enable agents to interact with external systems, process data, and perform complex operations that require deterministic logic and type safety.

Why Use Tools?

When building AI-powered applications, you often need agents to perform specific actions like fetching data from APIs, processing files, or interacting with databases. Tools provide a structured, type-safe interface for these operations while maintaining security and performance.

Extend Agent Capabilities

Enable agents to perform any operation you can code in TypeScript

Type-Safe Execution

JSON Schema validation ensures predictable inputs and outputs

Secure Runtime

Isolated Bun processes with configurable permissions protect your system

Performance Optimized

Pre-compiled workers and efficient resource management for speed

How Tools Work

Agent Request

During workflow execution, an agent decides to use a tool based on the task requirements

Input Validation

The tool's input is validated against its JSON Schema definition

Isolated Execution

The tool runs in a sandboxed Bun process with configured permissions

Output Processing

Results are validated and returned to the agent for further processing

Tool Inheritance

Compozy supports hierarchical tool inheritance so you can define reusable tools once and make them available across workflows and agents.

1
Project Tools
Define shared tools at the project level under tools: in compozy.yaml. These are available to all workflows and agents by default.
2
Workflow Overrides
Workflows can declare their own tools:. When a tool ID matches a project tool, the workflow version overrides it.
3
Agent Overrides
If an agent declares any tools, inheritance is disabled for that agent and only the agent's tools are advertised to the LLM.
4
Deterministic Order
When tools are inherited, the final set is sorted alphabetically by tool ID to keep LLM context stable.

compozy.yaml (project tools)

tools:
  - id: code-analyzer
    description: Analyzes code quality and patterns
  - id: data-processor
    description: Processes and transforms data

workflow.yaml (override a shared tool)

tools:
  - id: code-analyzer   # Overrides project definition with workflow-specific config
    description: Analyzer tuned for this workflow

agent.yaml (agent tools disable inheritance)

agents:
  - id: reviewer
    tools:
      - code-analyzer
      - read_file

Core Features

Schema-First Design

Every tool defines its interface using JSON Schema, providing:

Type Safety
Catch errors before runtime with validated inputs/outputs
Self-Documentation
Clear parameter descriptions for agents and developers
LLM Integration
Seamless function calling with structured data

input:
  type: object
  properties:
    query:
      type: string
      description: "Search query to execute"
    limit:
      type: integer
      default: 10
      minimum: 1
      maximum: 100
  required: [query]

Secure Execution Environment

Tools run in isolated Bun processes with granular security controls:

Permission System
Control file, network, and environment access
Resource Limits
Set memory, CPU, and timeout constraints
Environment Isolation
Secure credential management with filtered variables
Output Validation
Prevent memory exhaustion with size limits

runtime:
  permissions:
    - --allow-read=./data
    - --allow-net=api.example.com
  limits:
    memory: "256MB"
    timeout: "30s"

Performance Optimization

Built-in optimizations ensure tools run efficiently:

Worker Caching
Pre-compiled templates for faster startup
Buffer Pooling
Efficient memory management for I/O operations
Parallel Execution
Run multiple tools concurrently when needed
Connection Pooling
Reuse HTTP connections across requests

Basic Tool Example

// tools/data-processor.ts
interface Input {
  data: unknown[];
  operation: 'filter' | 'map' | 'reduce';
  expression: string;
}

interface Output {
  result: unknown;
  processed: number;
  duration: number;
}

export async function dataProcessor(input: Input): Promise<Output> {
  const start = Date.now();

  // Validate and process data
  if (!Array.isArray(input.data)) {
    throw new Error('Input data must be an array');
  }

  let result: unknown;
  switch (input.operation) {
    case 'filter':
      result = input.data.filter(item =>
        evaluate(item, input.expression)
      );
      break;
    case 'map':
      result = input.data.map(item =>
        transform(item, input.expression)
      );
      break;
    case 'reduce':
      result = input.data.reduce((acc, item) =>
        aggregate(acc, item, input.expression),
        {}
      );
      break;
  }

  return {
    result,
    processed: input.data.length,
    duration: Date.now() - start
  };
}

Best Practices

Single Responsibility

Each tool should do one thing well. Create multiple focused tools rather than one complex tool.

Input Validation

Always validate inputs using JSON Schema and runtime checks for predictable behavior.

Error Handling

Provide clear error messages that help agents understand what went wrong and how to fix it.

Performance

Set appropriate timeouts and resource limits based on expected workload and usage patterns.

Security

Follow the principle of least privilege when configuring permissions and access controls.

Testing

Write comprehensive unit tests before integrating tools into workflows for reliability.

Start with the TypeScript Development guide to build your first tool, then explore the Runtime Environment documentation to understand security and performance considerations.

Core Concepts

Understand how tools fit into the Compozy architecture

Agent Integration

Learn how agents discover and use tools during execution

Task Execution

See how tools are invoked within workflow tasks

MCP Protocol

Extend tools with external Model Context Protocol servers