Invalid Tool Calls Reach User Approval Instead of Being Auto-Rejected

[will-lamerton]

Description

Models sometimes generate tool calls for non-existent tools or with invalid parameters, and these invalid calls are presented to users for approval rather than being automatically detected and rejected with an error response back to the model.

Expected Behavior

Invalid tool calls should be:

1. Detected automatically before reaching user approval prompts
2. Rejected immediately with appropriate error messages
3. Fed back to the model as tool execution errors to allow self-correction
4. Never presented to users for approval when they're guaranteed to fail

Actual Behavior

Currently, invalid tool calls are:

• Presented to users in approval prompts
• Only fail after user approval when execution is attempted
• Cause user confusion and workflow interruption
• Force users to manually reject calls they shouldn't see

Steps to Reproduce

1. Use a model that occasionally generates invalid tool calls
2. Interact in a context where the model might hallucinate tool names or parameters
3. Observe that invalid tool calls appear in user approval prompts
4. User must manually reject these calls instead of automatic handling

Examples of Invalid Tool Calls

Non-existent Tools

{
  "name": "non_existent_tool",
  "parameters": { "input": "some value" }
}

Invalid Parameters

{
  "name": "read_file", 
  "parameters": { "invalid_param": "value" }
}

Missing Required Parameters

{
  "name": "write_file",
  "parameters": { "content": "hello" }
  // Missing required "file_path" parameter
}

Impact

User Experience:

• Confusing approval prompts for tools that will obviously fail
• Interrupts workflow with unnecessary manual intervention
• Reduces trust in the system's intelligence

System Efficiency:

• Wastes user time on manual rejections
• Missed opportunity for model self-correction
• Inefficient error handling workflow

Model Learning:

• Models don't receive immediate feedback about invalid calls
• No opportunity to self-correct and retry with valid tools
• Poor training signal for tool usage patterns

Root Cause Analysis

The issue likely stems from:

• Validation gap: Tool validation happens after user approval instead of before
• Missing pre-flight checks: No validation of tool existence and parameter schemas
• Incorrect error handling flow: Invalid calls go to user instead of back to model

Proposed Solution

1. Pre-Approval Validation Pipeline

Implement validation before user approval:

// Pseudo-code for validation pipeline
function validateToolCall(toolCall: ToolCall): ValidationResult {
  // Check if tool exists
  if (!toolRegistry.hasToolDefinition(toolCall.name)) {
    return { valid: false, error: `Tool '${toolCall.name}' does not exist` };
  }
  
  // Validate parameters against schema
  const schema = toolRegistry.getToolSchema(toolCall.name);
  const validation = validateParameters(toolCall.parameters, schema);
  
  if (!validation.valid) {
    return { valid: false, error: validation.error };
  }
  
  return { valid: true };
}

2. Error Feedback Loop

When validation fails:

• Automatically reject the tool call
• Send error message back to model as tool result
• Allow model to retry with corrected tool call
• Never show invalid calls to user

3. Enhanced Tool Registry

• Maintain comprehensive tool definitions with schemas
• Support parameter validation with detailed error messages
• Include tool availability checking per provider/context

Technical Implementation

Files Likely Affected

• src/core/tools/tool-manager.ts - Add pre-validation logic
• src/core/chat.ts - Modify tool call approval flow
• Tool approval UI components - Skip invalid calls

Implementation Steps

1. Add validation layer: Create tool call validation before user prompts
2. Enhance error handling: Route validation failures back to model
3. Update approval flow: Only show valid tool calls to users
4. Improve feedback: Provide clear error messages to models
5. Add logging: Track invalid tool call patterns for debugging

Acceptance Criteria

• Invalid tool calls are detected before user approval prompts
• Non-existent tools are automatically rejected with clear error messages
• Missing required parameters are caught and reported to model
• Invalid parameter values are validated against tool schemas
• Models receive tool execution errors for invalid calls
• Users only see valid, executable tool calls in approval prompts
• System logs invalid tool call attempts for monitoring
• Model can self-correct after receiving validation errors

Environment Details

• Affects: All AI providers and models
• Severity: Medium (UX issue, not system breaking)
• Frequency: Intermittent, depends on model behavior
• User Impact: Workflow disruption and confusion

Additional Context

This bug particularly affects:

• Less reliable models that frequently hallucinate tool names
• Complex workflows where models might confuse available tools
• New users who may not understand why invalid calls appear
• Automation scenarios where manual approval interrupts flow

The fix would significantly improve user experience by ensuring only valid, executable tool calls reach the approval stage, while providing models with immediate feedback for self-correction.

Type of Change

• New feature
• Bug fix
• Breaking change
• Documentation update

[will-lamerton]

Release 1.8.0 greatly improves this – I'll continue to monitor this over more use and feedback before closing.