Tool-use failure
Tool Misuse in AI Agents
When agents pick the wrong tool, pass bad arguments, ignore tool output, or act without required confirmation.
Definition
Tool misuse occurs when an AI agent selects the wrong tool, calls a tool at the wrong time, passes invalid arguments, ignores tool output, overuses tools, or takes an action that should have required confirmation. This failure mode is central to agentic systems because tools connect model reasoning to real workflows.
Why it matters
A tool-use mistake can change records, send messages, retrieve the wrong data, expose sensitive information, trigger unnecessary costs, or create a cascade of downstream failures. Tool misuse is especially risky when agents have write access, customer-facing permissions, or operational authority.
Where it appears
Customer support agents, sales assistants, data analysts, IT automation agents, coding agents, CRM agents, procurement workflows, and internal operations copilots.
Symptoms
- The agent calls a tool unrelated to the user request.
- The tool is called with missing, malformed, or unsafe arguments.
- The agent ignores an error returned by the tool.
- The agent retries the same failing tool call repeatedly.
- The agent takes action without required approval.
- The final answer contradicts tool output.
Detection signals
- Tool-call error rates.
- Invalid argument frequency.
- Contradictions between tool output and the agent's final answer.
- Excessive retries.
- Tool calls outside allowed workflow state.
- Write actions without confirmation.
- User corrections after tool execution.
Example scenario
An internal support agent is asked to look up an employee's device status. It accidentally calls the device reset tool instead of the inventory lookup tool because both tools have similar descriptions. The system executes an unnecessary reset workflow.
Severity scoring
- Low: Unnecessary read-only tool call with no impact.
- Medium: Wrong tool call causes user confusion or wasted work.
- High: Tool misuse changes data, sends incorrect information, or triggers manual remediation.
- Critical: Tool misuse causes security, compliance, financial, or production impact.
Eval strategy
Create task suites that require correct tool selection, correct argument construction, proper interpretation of tool output, and correct escalation behavior. Include decoy tools with similar names and ambiguous requests that should trigger clarification.
Runtime monitoring strategy
Monitor tool selection, argument validation, tool-call timing, retry patterns, error handling, and user corrections. Review traces where agents call tools outside expected workflow states.
Mitigation strategies
- Improve tool descriptions and schemas.
- Add strict argument validation.
- Require confirmation for write actions.
- Use policy gates for sensitive tools.
- Add tool-call allowlists by workflow.
- Add recovery behavior for tool errors.
- Evaluate tool-use behavior after model or prompt changes.
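The following is an added example, not code from FailureModes.ai: a pre-execution gate that combines a per-workflow allowlist, strict argument validation, and confirmation for write actions, applied to the device-status scenario above. The tool names, workflow states, ID formats, and trace entries are all constructed assumptions.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class ToolSpec:  # hypothetical registry entry, not a real framework API
    write: bool            # write actions need explicit confirmation
    workflows: frozenset   # workflow states allowed to call this tool
    args: dict             # argument name -> regex the value must fully match

# Constructed registry for the device-status scenario; tool names are assumptions.
TOOLS = {
    "inventory_lookup": ToolSpec(False, frozenset({"device_status", "device_repair"}),
                                 {"device_id": r"DEV-\d{6}"}),
    "device_reset": ToolSpec(True, frozenset({"device_repair"}),
                             {"device_id": r"DEV-\d{6}", "ticket_id": r"INC-\d+"}),
}

def gate_tool_call(workflow, tool, args, confirmed=False):
    """Return (allowed, reason); runs before the tool executes, deny by default."""
    spec = TOOLS.get(tool)
    if spec is None:
        return False, "unknown_tool"
    if workflow not in spec.workflows:          # allowlist by workflow state
        return False, "tool_not_allowed_in_workflow"
    if set(args) != set(spec.args):             # no missing or extra arguments
        return False, "missing_or_unexpected_argument"
    for name, pattern in spec.args.items():     # strict per-argument validation
        if not isinstance(args[name], str) or not re.fullmatch(pattern, args[name]):
            return False, f"invalid_argument:{name}"
    if spec.write and not confirmed:            # confirmation for write actions
        return False, "confirmation_required"
    return True, "ok"

def audit(trace):
    """Return the gate's reason for each proposed call in a trace."""
    return [gate_tool_call(**call)[1] for call in trace]

# Constructed trace: the user only asked for a device's status.
RESET_ARGS = {"device_id": "DEV-004211", "ticket_id": "INC-77"}
SAMPLE_TRACE = [
    {"workflow": "device_status", "tool": "inventory_lookup", "args": {"device_id": "DEV-004211"}},
    {"workflow": "device_status", "tool": "device_reset", "args": RESET_ARGS},
    {"workflow": "device_repair", "tool": "device_reset", "args": RESET_ARGS},
    {"workflow": "device_repair", "tool": "device_reset", "confirmed": True,
     "args": {"device_id": "4211", "ticket_id": "INC-77"}},
]

if __name__ == "__main__":
    for call, reason in zip(SAMPLE_TRACE, audit(SAMPLE_TRACE)):
        print(call["workflow"], call["tool"], "->", reason)
```

The denial reasons double as detection signals: counting them per agent and per workflow gives the invalid-argument, out-of-state, and unconfirmed-write rates listed earlier.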
Where FailureModes.ai fits
FailureModes.ai helps teams classify tool-use failures, detect risky tool-call patterns, monitor agent traces, and connect tool misuse to mitigations such as validation, gating, approvals, and regression evals.
Related
- Schema Violation: Outputs that don't match a required format, contract, or structure — malformed JSON, bad fields, invalid tool arguments.
- Cascading Agent Failure: One local error in an agent workflow propagates into a larger workflow failure across tools, memory, or systems.
- Cost Runaway: AI systems consuming far more resources than expected through retries, loops, long context, or excessive tool calls.
- Unsafe Escalation: When an agent acts, approves, or escalates without the right review, policy check, or human handoff — or fails to escalate when it should.
- Planning Failure: When an AI agent decomposes a task incorrectly, picks a wrong strategy, skips required steps, or fails to adapt to new information.