Naveo

STEP 11 / 20

B6 MCP-DEBUG

DIAGNOSE · 1 CAUSE

Look at the spec. What's the most likely reason the agent never picks this tool?

TOOL SPEC

{
  "name": "execute_maintenance_command",
  "description": "Runs a maintenance command on a ship subsystem. Use whenever the user asks to fix, restart, reset, or repair something.",
  "input_schema": {
    "type": "object",
    "properties": {
      "command": { "type": "string" },
      "subsystem": { "type": "string" }
    },
    "required": ["command", "subsystem"]
  }
}

POSSIBLE CAUSES · 5

GUEST MODE

You're viewing this lesson as a guest. To save your progress, earn XP, and keep your streak, sign in when you're ready to check.

Costs 1 heart

A tool is a hole you punched in the ship's hull

Forge wired this tool last week. Atlas flagged it before it shipped. Find the same thing Atlas found.

Every tool you give an LLM is a capability the LLM can invoke without further authorization. If that capability is destructive. files deleted, accounts created, money moved, navigation rerouted. you have to design the tool so the worst-case invocation is survivable.

The model decides when to call a tool and what arguments to pass. You decide what the tool can do regardless of what arguments arrive. Where those two meet is your blast radius.

The blast-radius checklist

Before any tool ships, run it past these four questions:

Can the model construct destructive verbs from free text? If the tool takes a string that becomes part of a command, query, URL, or path. your blast radius is "anything the model can imagine."
What's the worst single-call outcome? Imagine the model is hostile. What does it do? If "drop the table" is on the list, you wrote SQL injection with extra steps.
Is destruction reversible? Soft-delete with an undo window > hard-delete. Two-phase confirm > one-shot execute.
Who's the authority on whether this call is allowed? It must NOT be the model. It must be your auth layer, against the user's session.

On the right is a tool spec with one fatal flaw. Pick it.