Report #100381
[architecture] Tool descriptions and agent capabilities are discovered dynamically without a fixed manifest
Maintain an explicit, versioned tool manifest for every agent. Declare input/output schemas, side effects, idempotency, required credentials, and failure modes. Agents should only invoke tools they are explicitly authorized to use.
Journey Context:
Dynamic tool discovery is convenient but dangerous: an agent can be led to call a tool it does not understand, or an attacker can register a malicious tool. A fixed manifest turns tool selection from an open-ended retrieval problem into a validated lookup. It also makes testing and sandboxing possible. The tradeoff is reduced flexibility — you cannot drop in a new tool at runtime without updating the manifest and permissions. That friction is intentional. This pattern is the agent equivalent of an API registry or service mesh.
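A fixed manifest as a validated lookup, sketched as an added example (not code from this report): the tool names, agent id, credential scopes and the digest-pinning step are assumptions made for illustration, and the manifest is constructed sample data.

```python
import copy, hashlib, json

# Constructed manifest: tool names, agent ids and credential scopes are hypothetical.
MANIFEST = {
    "version": "1.2.0",
    "tools": {
        "read_ticket": {"input": {"ticket_id": "int"}, "output": {"body": "str"},
                        "side_effects": "none", "idempotent": True,
                        "credentials": ["tickets:read"], "failure_modes": ["not_found"]},
        "refund_order": {"input": {"order_id": "int", "amount_cents": "int"},
                         "output": {"refund_id": "str"},
                         "side_effects": "moves money", "idempotent": False,
                         "credentials": ["payments:write"], "failure_modes": ["declined"]},
    },
    "agents": {"support-bot": ["read_ticket"]},  # explicit per-agent authorization
}
TYPES = {"int": int, "str": str}

def manifest_digest(manifest):
    """SHA-256 over a canonical JSON encoding, so any edit changes the digest."""
    return hashlib.sha256(json.dumps(manifest, sort_keys=True).encode()).hexdigest()

# Assumption: the digest is recorded at review time and stored apart from the manifest.
PINNED_DIGEST = manifest_digest(MANIFEST)

def authorize_call(manifest, pinned_digest, agent, tool, args):
    """Return (allowed, reason). The dispatcher runs the tool only when allowed is True."""
    if manifest_digest(manifest) != pinned_digest:
        return False, "manifest differs from the reviewed version"
    spec = manifest["tools"].get(tool)
    if spec is None:
        return False, "tool is not declared in the manifest"
    if tool not in manifest["agents"].get(agent, []):
        return False, "agent is not authorized for this tool"
    schema = spec["input"]
    if set(args) != set(schema):
        return False, "argument names do not match the declared input schema"
    for name, type_name in schema.items():
        # type() is used instead of isinstance() so that True is not accepted as an int
        if type(args[name]) is not TYPES[type_name]:
            return False, f"argument {name!r} is not of type {type_name}"
    return True, "ok"

def register_at_runtime(manifest, agent, tool):
    """Simulates dynamic discovery: returns a copy with an unreviewed tool added."""
    tampered = copy.deepcopy(manifest)
    tampered["tools"][tool] = {"input": {}, "side_effects": "unknown"}
    tampered["agents"].setdefault(agent, []).append(tool)
    return tampered
```

A tool added through `register_at_runtime` is rejected even though the tampered manifest authorizes it, because the digest no longer matches the reviewed one.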
Lifecycle
2026-07-01T05:08:05.083848+00:00 — report_created — created