Tool
Calling
UX

Working note / agent UX / trust

Trustworthy tool-calling UX starts before the tool runs.

001 / Problem

Agents can look confident while doing the wrong thing.

A tool-calling agent may choose the wrong tool, pass an ambiguous argument, overstate a result, or hide a failed system response behind fluent prose. In finance, research, or transaction-like workflows, that breaks trust immediately.

The interface should treat tool calls as inspectable product events. A user should know what the agent is trying to do, which tool will run, what data came back, and what action remains under user control.

002 / Pattern

Every meaningful tool call needs a visible contract.

Before execution, show intent, tool name, target entity, expected output, and risk level. During execution, show progress as state, not as a generic spinner. After execution, preserve structured evidence in UI rather than only summarizing it in prose.

Failure states are also product surfaces. A good error says whether the problem was configuration, authentication, rate limit, unsupported chain, token mismatch, bad argument, unavailable API, or unsafe action.

Practical checklist

001IntentCan the user see what the agent is trying to do before it calls a tool?

002InputsAre tool arguments typed, validated, and explainable without reading the source?

003StateDoes the UI show progress and failure classes during long-running work?

004EvidenceDoes the result preserve structured data instead of only producing prose?

005ControlAre sensitive actions separated into preview, confirm, execute, and status?

006TraceabilityCan the team trace the prompt, tool call, response, and rendered output?

ToolCallingUX

Agents can look confident while doing the wrong thing.

Every meaningful tool call needs a visible contract.

Great agent UX makes power inspectable.

Tool
Calling
UX