This topic was automatically generated from Slack. You can find the original thread here.
hey guys, is there a way to restrict the tools per app that we give agents access to? For example, if I want my agent to only be able to call the add single row tool for Google Sheets with the pipedream mcp in the subagent mode, is there a way to configure that? The use case is I want to give the list of tools per connected app to my users and allow them to select which tools specifically they want to give the agent access to. Like, a way to give it access to just this
Not currently. How would you ideally envision that working — would you want to define the list of available tools dynamically when you load tools for a given app and let the user pick? Or define them offline separately via some other flow or mechanism? Do you think that’d be a user-specific config?
Essentially I’d like to show the user the full list of tools they have available for each of their integrated apps, allow them to select some amount of them before calling the agent, and each time the agent is called it gets only those tools available. So this would require fetching all of the available tools per app (like we fetch the actions per app) to show them in the UI, and then allowing the user to select some set of tools and pass through those tools the moment they make the agent call to only expose the selected ones as “available tools” to the agent. So it would be moreso per chat message sent config
Yea, makes sense. You could build this on your end today — that’s exactly what Claude, ChatGPT, Cursor, etc have built. If you add Pipedream MCP to any of those apps, they’ll present you with a list of available tools, and you have the option to allow or disallow each: Pipedream MCP in ChatGPT | Loom
Sorry jumping in a bit late hear, but that’s exactly what we wanted to do in what we are building. Not sure if this is exactly applicable to your use case but we (using AWS):
Kept a dynamodb table of allowed/dissalowed tools for each MCP server. The user configured these on the front end. They know what tools are available as we can fetch this using the connect API (can’t remember which one off by heart). If they toggle a tool off, we update the dynamodb record.
Inside our lambda (where we run the agent with the MCP server) we create the client to pipedream MCP, and then filter the tools against the allow list in the dynamo table before passing the tools to our agent.
So this gives our users control to globally disallow tools. In your case you could hard code it in the backend with a config file etc. Sorry I can’t provide more detail but it’s definitely feasible
