What is AIWiki Malaysia?

AIWiki Malaysia is a free, open AI knowledge base covering artificial intelligence concepts, tools, models, and use cases — written specifically for Malaysian professionals and students. It is maintained by AITG Sdn Bhd, an AI company based in Penang.

Who maintains AIWiki Malaysia?

AIWiki Malaysia is maintained by AITG Sdn Bhd (Registration: 202601016521 (1678618-W)), an AI company headquartered in George Town, Penang, Malaysia. The editorial team continuously updates and expands the knowledge base.

What topics does AIWiki Malaysia cover?

AIWiki Malaysia covers a wide range of AI topics including large language models (LLMs), AI agents, machine learning fundamentals, prompt engineering, AI automation, generative AI tools, Malaysian AI regulations, local vendor landscape, and real-world AI use cases relevant to the Malaysian market.

How do I search for AI topics on AIWiki Malaysia?

You can use the search bar at the top of the site to find articles by keyword or topic. Articles are also organised by category, so you can browse by subject area such as Models, Tools, Concepts, or Use Cases.

Is AIWiki Malaysia available in Bahasa Malaysia?

Yes. AIWiki Malaysia publishes content in both English and Bahasa Malaysia to serve the full breadth of the Malaysian professional and student community. Language availability is indicated on each article page.

How can I submit a topic or suggest an article?

You can suggest topics or submit article ideas by contacting the AIWiki Malaysia team at admin@aiteragrid.com. AITG Sdn Bhd reviews all submissions and publishes content that meets editorial accuracy standards.

Tool Use

Tool use in AI refers to the capability of language models to invoke external functions, APIs, or services to retrieve information, perform actions, or extend their abilities beyond text generation.

6 min readLast updated May 2026Applications

Tool use is the ability of a large language model (LLM) to take actions beyond producing text by calling externally defined functions, APIs, or services. When a model is granted tools, the application supplies a schema describing each tool name, parameters, and return type; during inference the model decides when to invoke a tool, produces a structured call, and receives the tool result back as part of the conversation. The model can then continue reasoning, call additional tools, or return a final answer to the user. Tool use is the foundational mechanism behind agentic AI systems, retrieval-augmented generation pipelines, and most production deployments of LLM-driven automation.

Tool use is closely related to function calling, a term popularised by OpenAI in 2023, but the concept predates that release. Earlier prompting techniques such as ReAct (Reason + Act) and Toolformer demonstrated that LLMs could be trained or prompted to interleave reasoning steps with tool invocations to solve tasks that required external information or computation. Modern instruction-tuned models from OpenAI, Anthropic, Google, Meta, Mistral, and Alibaba include native support for structured tool calls and are evaluated on benchmarks that measure tool selection accuracy and argument fidelity.

How tool use works

A typical tool-use interaction proceeds in three phases. First, the application supplies tool definitions to the model alongside the user prompt. Each definition includes a name, a natural-language description of when to use it, and a JSON schema for its parameters. Second, the model produces either a final text response or a structured tool call, indicated by a special token sequence or message field. Third, the application executes the requested tool, returns the result to the model as a tool-result message, and the model continues from that point. This loop may iterate many times before the model produces a final answer.

The reliability of tool use depends on several factors. The model must select the correct tool from a possibly long list, produce arguments that match the schema exactly, and reason about the returned data. Mistakes include calling the wrong tool, hallucinating non-existent parameters, mishandling errors returned by tools, or failing to call a tool when one is needed. Vendors have iterated on training procedures and prompt formats to improve these behaviours, and have introduced features such as parallel tool calling, where a model may issue multiple independent calls in a single turn, and forced tool choice, where the application requires the next response to be a specific tool call.

Common tool categories

Tools fall into several broad categories. Retrieval tools query a vector database, search engine, or document store and return relevant text chunks for grounding. Computation tools include calculators, Python interpreters, SQL engines, and code sandboxes that execute arbitrary code and return results. Action tools modify external state — sending email, creating calendar events, updating CRM records, posting to messaging platforms, or controlling devices. Memory tools allow the model to store and retrieve information across conversations or sessions.

A growing ecosystem of standards aims to make tool definitions portable. The Model Context Protocol (MCP), introduced by Anthropic in late 2024, defines an open protocol for exposing tools and resources from external servers to any compliant LLM client. MCP has been adopted by Claude, OpenAI clients, and several open-source agent frameworks, reducing the per-vendor effort required to wire models to enterprise systems.

| System | Tool format | Notable features | |---|---|---| | OpenAI | JSON schema, parallel calls | Native function calling since June 2023 | | Anthropic Claude | JSON tools, MCP-native | Structured tool blocks, computer-use tools | | Google Gemini | JSON schema, code execution | Built-in code interpreter | | Mistral | JSON schema | Native function calling in Mixtral 8x22B and Large | | Open models | Function-calling templates | Hermes, NousResearch, Functionary fine-tunes |

Risks and design considerations

Tool use expands the surface area for harm. A model that can read email, schedule meetings, or move money can be exploited through prompt injection, in which adversarial text within a tool result instructs the model to take an unintended action. Defences include separating untrusted input from trusted instructions, requiring human confirmation for sensitive actions, allowlisting tool destinations, and applying capability-aware policies that restrict which tools are available in which contexts. Enterprise deployments commonly couple tool use with audit logging, rate limiting, and per-user authorisation.

Malaysian Context — Tool-Using AI in Malaysian Enterprises

Tool-using AI agents have moved from pilots to limited production across Malaysian financial services, telecommunications, and government sectors. Maybank, CIMB, Public Bank, and RHB have built customer-service and internal-productivity agents that combine LLMs with tools for account lookup, policy retrieval, and ticket creation. These deployments operate under the Bank Negara Malaysia (BNM) Risk Management in Technology (RMiT) policy and BNM 2024 discussion paper on AI in financial services, which require human-in-the-loop controls for any tool that affects customer state.

Telcos Maxis, Celcom (now CelcomDigi), TM, and U Mobile use tool-using agents for service provisioning, network diagnostics, and customer support, with tools that query internal CRM and OSS systems. Government adoption is coordinated through the MyDIGITAL Corporation and the National AI Office, which has profiled tool-using agents for JPN (National Registration Department), LHDN (tax administration), and MyGov portal use cases.

Local AI platform providers, including AITG Sdn Bhd and several MDEC-status companies, expose tool-use APIs to Malaysian developers. Integration with the Model Context Protocol (MCP) is increasingly common, allowing Malaysian SaaS vendors to expose their own data and actions to Claude, Gemini, GPT, and Qwen-class models without per-vendor custom code.

Data protection under the Personal Data Protection Act (PDPA) requires tool-use deployments to apply consent, purpose limitation, and minimisation principles when tools touch personal data. Cybersecurity Malaysia and the National Cyber Security Agency (NACSA) have issued guidance on prompt-injection risk in tool-using systems.

Talent training for tool use and agent development is supported by HRD Corp claimable courses delivered by MDEC, the AWS re/Start programme, and several local training providers.

References

Yao, S., et al. (2022). ReAct: Synergizing Reasoning and Acting in Language Models. arXiv:2210.03629.
Schick, T., et al. (2023). Toolformer: Language Models Can Teach Themselves to Use Tools. arXiv:2302.04761.
Anthropic. (2024). Introducing the Model Context Protocol. anthropic.com/news/model-context-protocol.
Bank Negara Malaysia. (2024). Discussion Paper on Artificial Intelligence in the Financial Services Industry. https://www.bnm.gov.my.

Tags:ai-agents function-calling llm agentic-ai

Alternative names	Function calling, Tool calling
Introduced (mainstream)	OpenAI ChatGPT plugins — March 2023
Key formats	OpenAI JSON schema, Anthropic Tools API, MCP
Common tools	Search, code interpreter, retrieval, calendars
Related concepts	Agents, ReAct, function calling, MCP