Tool Catalog
Two-tier registry. Org tools approved by Platform Admin and visible to every team. Team tools registered by a Team Admin and scoped to that team.
The model-driving runtime holds zerotool IAM. It can only invoke its agent's Tool Dispatcher, which holds each Tool's scoped permissions (granted at deploy time), enforces the Agent's allowlist and input schema, invokes the Tool, and records the call in the Trajectory. One enforcement and audit point per agent — so a prompt injection can never reach an AWS API the Dispatcher doesn't already gate.
tool spans.| Tool | Kind | Scope | IAM actions | Approved by | In use by |
|---|---|---|---|---|---|
Zendesk Search Read-only ticket search across Zendesk. | http | org | none (in-VPC HTTP) | Platform Admin 2026-02-04 | 4 agents |
Salesforce Lookup Read accounts, contacts, opportunities. | http | org | none (in-VPC HTTP) | Platform Admin 2026-01-22 | 6 agents |
Confluence KB MCP server fronting the Confluence space. | mcp | org | bedrock:Retrieve | Platform Admin 2026-01-22 | 5 agents |
Stripe Charges Quote refunds, list charges. Mutations gated by approval-broker. | http | team | none (in-VPC HTTP) | Priya Shah (Team Admin) 2026-03-11 | 1 agents |
Approval Broker Issues human-in-the-loop approval requests via Slack + email. | lambda | org | sns:Publishses:SendEmail | Platform Admin 2026-01-30 | 3 agents |
GitHub Issues File and read issues on configured repos. | http | team | none (in-VPC HTTP) | Marcus Chen (Team Admin) 2026-04-02 | 1 agents |
Datadog Query Query metrics, logs, traces. Read-only. | http | team | none (in-VPC HTTP) | Marcus Chen (Team Admin) 2026-04-02 | 1 agents |
Policy Lookup (Guidewire) Read insurance policy data from Guidewire. | http | team | none (in-VPC HTTP) | Linnea Park (Team Admin) 2026-03-18 | 2 agents |
Duck Creek Write Post claim decisions to the core system. Mutations only. | http | team | none (in-VPC HTTP) | Linnea Park (Team Admin) 2026-03-18 | 2 agents |
Document Upload S3 multipart upload to the team's intake bucket. | aws | org | s3:PutObject | Platform Admin 2026-02-15 | 1 agents |
KYC Vendor (Persona) Initiate and read KYC verification cases. | http | team | none (in-VPC HTTP) | Priya Shah (Team Admin) 2026-05-15 | 1 agents |
Calendly Create Create scheduling links for end users. | http | org | none (in-VPC HTTP) | Platform Admin 2026-02-15 | 1 agents |
A Team Admin can register a team tool immediately. Promotion to org tier requires Platform Admin review and a security questionnaire.
Every tool advertises a typed schema (input + output). The interview agent uses these to suggest tools that fit the user's described intent.
Every Tool endpoint is reachable from inside the air-gapped VPC — a Lambda ARN, an in-VPC HTTP API over PrivateLink/interface endpoint, or an AWS service action. There is no public-internet egress: no IGW, no NAT, no forward proxy.