Quick Start
1
Simple Usage
Built-in search tools are protected automatically:
2
With Configuration
Mark custom tools as external:
How It Works
Auto-protected built-ins includeduckduckgo, web_search, tavily_search, scrape_page, fetch_url, and others in the external tools set. MCP tools can be marked at registration time.
Configuration Options
Best Practices
Mark external data sources as external
Mark external data sources as external
Web APIs, scraping, MCP servers you do not control, and third-party feeds should use
trust_level="external".Do not strip safety markers
Do not strip safety markers
Removing
<external_tool_result> tags breaks the model’s boundary between data and instructions.Prefer external when unsure
Prefer external when unsure
Wrapping cost is minimal; under-marking exposes you to injection.
Layer with other guards
Layer with other guards
Combine with Tool Circuit Breaker and input validation for defence in depth.
Related
Tool Circuit Breaker
Automatic tool failure detection and recovery
Security Overview
Complete security features and best practices

