Letting an Agent Discover Tools at Runtime (and the Risks)
Patterns for runtime tool registration vs. static registries — and why runtime is harder than it looks.
Lesson map (the main moves, in order):
- The premise
- dynamic-tools
- tool-registry
- MCP
Section 1
The premise
Runtime tool discovery sounds elegant, but it expands both the attack surface and the cost surface of every agent invocation: each tool definition that enters the prompt is untrusted input the model may act on, and each one costs tokens.
What AI does well here
- Pull a fresh tool catalog from MCP or a registry per session
- Filter tools by user scope before they enter the prompt
- Cache the catalog within a session to avoid re-fetch cost
- Log which tools were exposed for every run
What AI cannot do
- Guarantee a freshly registered tool is safe to call without review
- Predict token cost when the catalog grows unboundedly
- Detect a malicious tool definition by description alone
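As an added example (not code from the lesson), here is a small session-scoped registry in Python that applies the four "does well" moves and the first "cannot do" caveat: the catalog is fetched once per session TTL, only tools that have passed human review and match the caller's scopes enter the prompt, the count is capped, and every exposure is logged. The catalog, the `REVIEWED` set and the scope names are constructed for illustration.

```python
from dataclasses import dataclass
import logging
import time

log = logging.getLogger("tool_registry")


@dataclass(frozen=True)
class ToolDef:
    name: str
    description: str
    required_scope: str  # scope a caller must hold for this tool to enter the prompt


# Constructed sample catalog standing in for what an MCP server or registry returns.
CATALOG = [
    ToolDef("search_docs", "Search internal documentation", "docs:read"),
    ToolDef("send_email", "Send e-mail on the user's behalf", "mail:send"),
    ToolDef("run_shell", "Execute a shell command on the host", "admin:exec"),
]
# Tools that passed human review; a freshly registered tool is withheld until it is added here.
REVIEWED = {"search_docs", "send_email"}
MAX_TOOLS_IN_PROMPT = 8  # hard cap so unbounded catalog growth cannot inflate token cost


class SessionToolRegistry:
    def __init__(self, fetch_catalog, ttl_seconds=300.0):
        self._fetch = fetch_catalog      # callable returning the raw catalog (e.g. an MCP list)
        self._ttl = ttl_seconds
        self._cache = None
        self._fetched_at = 0.0
        self.fetch_count = 0             # exposed so callers can verify caching behaviour

    def _catalog(self):
        # Re-fetch only when the cache is empty or older than the TTL.
        now = time.monotonic()
        if self._cache is None or now - self._fetched_at > self._ttl:
            self._cache = list(self._fetch())
            self._fetched_at = now
            self.fetch_count += 1
        return self._cache

    def tools_for(self, session_id, user_scopes):
        # Filter by review status and scope before anything reaches the prompt, then cap.
        exposed, withheld = [], []
        for tool in self._catalog():
            ok = tool.name in REVIEWED and tool.required_scope in user_scopes
            if ok and len(exposed) < MAX_TOOLS_IN_PROMPT:
                exposed.append(tool)
            else:
                withheld.append(tool.name)
        log.info("session=%s exposed=%s withheld=%s", session_id,
                 [t.name for t in exposed], withheld)
        return exposed
```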
