参考数据:工具使用概念
Data: Tool use concepts
v2.1.63Conceptual foundations of tool use with the Claude API including tool definitions, tool choice, and best practices
工具使用概念
本文档涵盖 Claude API 工具使用的概念基础。如需特定语言的代码示例,请查看 python/、typescript/ 或其他语言文件夹。
用户定义工具
工具定义结构
注意: 使用 Tool Runner(测试版)时,工具模式会自动从您的函数签名(Python)、Zod 模式(TypeScript)、带注解的类(Java)、
jsonschema结构体标签(Go)或BaseTool子类(Ruby)生成。下面的原始 JSON 模式格式适用于手动方法或不支持 tool runner 的 SDK。
每个工具都需要名称、描述和其输入的 JSON 模式:
{
"name": "get_weather",
"description": "获取指定位置的当前天气",
"input_schema": {
"type": "object",
"properties": {
"location": {
"type": "string",
"description": "城市和州,例如:San Francisco, CA"
},
"unit": {
"type": "string",
"enum": ["celsius", "fahrenheit"],
"description": "温度单位"
}
},
"required": ["location"]
}
}工具定义的最佳实践:
- 使用清晰、描述性的名称(例如
get_weather、search_database、send_email) - 编写详细的描述 — Claude 使用这些描述来决定何时使用工具
- 为每个属性包含描述
- 对具有固定值集的参数使用
enum - 在
required中标记真正必需的参数;其他参数设为可选并设置默认值
工具选择选项
控制 Claude 何时使用工具:
| 值 | 行为 |
|---|---|
{"type": "auto"} | Claude 决定是否使用工具(默认) |
{"type": "any"} | Claude 必须至少使用一个工具 |
{"type": "tool", "name": "..."} | Claude 必须使用指定的工具 |
{"type": "none"} | Claude 不能使用工具 |
任何 tool_choice 值也可以包含 "disable_parallel_tool_use": true 以强制 Claude 每次响应最多使用一个工具。默认情况下,Claude 可能在单个响应中请求多个工具调用。
Tool Runner 与手动循环
Tool Runner(推荐): SDK 的 tool runner 自动处理 agentic 循环 — 它调用 API、检测工具使用请求、执行您的工具函数、将结果反馈给 Claude,并重复直到 Claude 停止调用工具。可在 Python、TypeScript、Java、Go 和 Ruby SDK 中使用(测试版)。
手动 Agentic 循环: 当您需要对循环进行细粒度控制时使用(例如自定义日志记录、条件性工具执行、人工介入批准)。循环直到 stop_reason == "end_turn",始终附加完整的 response.content 以保留 tool_use 块,并确保每个 tool_result 包含匹配的 tool_use_id。
服务器端工具的停止原因: 使用服务器端工具(代码执行、网络搜索等)时,API 运行服务器端采样循环。如果此循环达到其默认的 10 次迭代限制,响应将具有 stop_reason: "pause_turn"。要继续,请重新发送用户消息和助手响应,并发出另一个 API 请求 — 服务器将从上次中断处恢复。不要添加额外的用户消息如 "Continue。" — API 会检测尾部的 server_tool_use 块并知道自动恢复。
# 在您的 agentic 循环中处理 pause_turn
if response.stop_reason == "pause_turn":
messages = [
{"role": "user", "content": user_query},
{"role": "assistant", "content": response.content},
]
# 发出另一个 API 请求 — 服务器自动恢复
response = client.messages.create(
model="{\{OPUS_ID}\}", messages=messages, tools=tools
)设置 max_continuations 限制(例如 5)以防止无限循环。完整指南请参阅:https://platform.claude.com/docs/en/build-with-claude/handling-stop-reasons
安全性: tool runner 在 Claude 请求时自动执行您的工具函数。对于具有副作用(发送电子邮件、修改数据库、金融交易)的工具,请在工具函数内验证输入,并考虑对破坏性操作要求确认。如果需要在每次工具执行前进行人工介入批准,请使用手动 agentic 循环。
处理工具结果
当 Claude 使用工具时,响应包含一个 tool_use 块。您必须:
- 使用提供的输入执行工具
- 在
tool_result消息中发送结果 - 继续对话
工具结果中的错误处理: 当工具执行失败时,设置 "is_error": true 并提供信息丰富的错误消息。Claude 通常会确认错误并尝试不同的方法或请求澄清。
多个工具调用: Claude 可以在单个响应中请求多个工具。在继续之前处理所有工具 — 在单个 user 消息中发送所有结果。
服务器端工具:代码执行
代码执行工具让 Claude 在安全的沙盒容器中运行代码。与用户定义工具不同,服务器端工具在 Anthropic 的基础设施上运行 — 您无需在客户端执行任何操作。只需包含工具定义,Claude 会处理其余部分。
关键事实
- 在隔离容器中运行(1 个 CPU,5 GiB RAM,5 GiB 磁盘)
- 无网络访问(完全沙盒化)
- Python 3.11 预装数据科学库
- 容器持续 30 天,可在多个请求中重复使用
- 与网络搜索/网络获取工具一起使用时免费;否则每月每个组织 1,550 免费小时后 $0.05/小时
工具定义
该工具不需要模式 — 只需在 tools 数组中声明:
{
"type": "code_execution_20260120",
"name": "code_execution"
}Claude 自动获得对 bash_code_execution(运行 shell 命令)和 text_editor_code_execution(创建/查看/编辑文件)的访问权限。
预装的 Python 库
- 数据科学:pandas、numpy、scipy、scikit-learn、statsmodels
- 可视化:matplotlib、seaborn
- 文件处理:openpyxl、xlsxwriter、pillow、pypdf、pdfplumber、python-docx、python-pptx
- 数学:sympy、mpmath
- 实用工具:tqdm、python-dateutil、pytz、sqlite3
其他包可以通过 pip install 在运行时安装。
支持上传的文件类型
| 类型 | 扩展名 |
|---|---|
| 数据 | CSV、Excel (.xlsx/.xls)、JSON、XML |
| 图像 | JPEG、PNG、GIF、WebP |
| 文本 | .txt、.md、.py、.js 等 |
容器重用
在多个请求中重用容器以保持状态(文件、安装的包、变量)。从第一个响应中提取 container_id 并将其传递给后续请求。
响应结构
响应包含交错的文本和工具结果块:
text— Claude 的解释server_tool_use— Claude 正在做什么bash_code_execution_tool_result— 代码执行输出(检查return_code了解成功/失败)text_editor_code_execution_tool_result— 文件操作结果
安全性: 在将下载的文件写入磁盘之前,始终使用
os.path.basename()/path.basename()清理文件名,以防止路径遍历攻击。将文件写入专用的输出目录。
服务器端工具:网络搜索和网络获取
网络搜索和网络获取让 Claude 搜索网络并检索页面内容。它们在服务器端运行 — 只需包含工具定义,Claude 会自动处理查询、获取和结果处理。
工具定义
[
{ "type": "web_search_20260209", "name": "web_search" },
{ "type": "web_fetch_20260209", "name": "web_fetch" }
]动态过滤(Opus 4.6 / Sonnet 4.6)
web_search_20260209 和 web_fetch_20260209 版本支持动态过滤 — Claude 编写并执行代码以在搜索结果到达上下文窗口之前进行过滤,提高准确性和 token 效率。动态过滤内置于这些工具版本中并自动激活;您无需单独声明 code_execution 工具或传递任何测试版头信息。
{
"tools": [
{ "type": "web_search_20260209", "name": "web_search" },
{ "type": "web_fetch_20260209", "name": "web_fetch" }
]
}如果没有动态过滤,之前的 web_search_20250305 版本也可用。
注意: 仅当您的应用程序需要代码执行用于其自身目的(数据分析、文件处理、可视化)且独立于网络搜索时,才包含独立的
code_execution工具。将其与_20260209网络工具一起包含会创建第二个执行环境,可能会使模型混淆。
服务器端工具:编程式工具调用
编程式工具调用让 Claude 在代码中执行复杂的多工具工作流,将中间结果排除在上下文窗口之外。Claude 编写直接调用您工具的代码,减少多步操作的 token 使用。
完整文档,请使用 WebFetch:
- URL:
https://platform.claude.com/docs/en/agents-and-tools/tool-use/programmatic-tool-calling
服务器端工具:工具搜索
工具搜索工具让 Claude 从大型库中动态发现工具,而无需将所有定义加载到上下文窗口中。当您有许多工具但只有少数与任何给定查询相关时非常有用。
完整文档,请使用 WebFetch:
- URL:
https://platform.claude.com/docs/en/agents-and-tools/tool-use/tool-search-tool
工具使用示例
您可以直接在工具定义中提供示例工具调用,以演示使用模式并减少参数错误。这有助于 Claude 理解如何正确格式化工具输入,特别是对于具有复杂模式的工具。
完整文档,请使用 WebFetch:
- URL:
https://platform.claude.com/docs/en/agents-and-tools/tool-use/implement-tool-use
服务器端工具:计算机使用
计算机使用让 Claude 与桌面环境交互(截图、鼠标、键盘)。它可以是 Anthropic 托管的(服务器端,如代码执行)或自托管的(您提供环境并在客户端执行操作)。
完整文档,请使用 WebFetch:
- URL:
https://platform.claude.com/docs/en/agents-and-tools/computer-use/overview
客户端工具:内存
内存工具使 Claude 能够通过内存文件目录跨对话存储和检索信息。Claude 可以创建、读取、更新和删除在会话之间持久存在的文件。
关键事实
- 客户端工具 — 您通过实现控制存储
- 支持命令:
view、create、str_replace、insert、delete、rename - 操作
/memories目录中的文件 - SDK 提供用于实现内存后端的辅助类/函数
安全性: 切勿在内存文件中存储 API 密钥、密码、token 或其他秘密。对个人身份信息(PII)要谨慎 — 在持久化用户数据之前检查数据隐私法规(GDPR、CCPA)。参考实现没有内置的访问控制;在多用户系统中,在您的工具处理程序中实现每个用户的内存目录和身份验证。
完整实现示例,请使用 WebFetch:
- 文档:
https://platform.claude.com/docs/en/agents-and-tools/tool-use/memory-tool.md
结构化输出
结构化输出约束 Claude 的响应以遵循特定的 JSON 模式,保证有效、可解析的输出。这不是一个单独的工具 — 它增强了 Messages API 响应格式和/或工具参数验证。
提供两个功能:
- JSON 输出(
output_config.format):控制 Claude 的响应格式 - 严格工具使用(
strict: true):保证有效的工具参数模式
支持的模型: 、 和 。旧版模型(Claude Opus 4.5、Claude Opus 4.1)也支持结构化输出。
推荐: 使用
client.messages.parse(),它会自动根据您的模式验证响应。直接使用messages.create()时,使用output_config: {format: {...}\}。某些 SDK 方法(例如.parse())也接受output_format便利参数,但output_config.format是规范的 API 级参数。
JSON 模式限制
支持:
- 基本类型:object、array、string、integer、number、boolean、null
enum、const、anyOf、allOf、$ref/$def- 字符串格式:
date-time、time、date、duration、email、hostname、uri、ipv4、ipv6、uuid additionalProperties: false(所有对象必需)
不支持:
- 递归模式
- 数值约束(
minimum、maximum、multipleOf) - 字符串约束(
minLength、maxLength) - 复杂数组约束
additionalProperties设置为除false以外的任何值
Python 和 TypeScript SDK 通过从发送到 API 的模式中移除不支持的约束并在客户端验证它们来自动处理不支持的约束。
重要注意事项
- 首次请求延迟:新模式会产生一次性编译成本。使用相同模式的后续请求使用 24 小时缓存。
- 拒绝:如果 Claude 出于安全原因拒绝(
stop_reason: "refusal"),输出可能不匹配您的模式。 - Token 限制:如果
stop_reason: "max_tokens",输出可能不完整。增加max_tokens。 - 不兼容:引用(返回 400 错误)、消息预填充。
- 兼容:Batches API、流式传输、token 计数、扩展思考。
有效工具使用的技巧
- 提供详细描述:Claude 严重依赖描述来理解何时以及如何使用工具
- 使用特定的工具名称:
get_current_weather比weather更好 - 验证输入:在执行前始终验证工具输入
- 优雅地处理错误:返回信息丰富的错误消息,以便 Claude 能够适应
- 限制工具数量:太多工具可能会使模型混淆 — 保持工具集专注
- 测试工具交互:在各种场景中验证 Claude 是否正确使用工具
详细的工具使用文档,请使用 WebFetch:
- URL:
https://platform.claude.com/docs/en/agents-and-tools/tool-use/overview
英文原文 / English Original
Tool Use Concepts
This file covers the conceptual foundations of tool use with the Claude API. For language-specific code examples, see the python/, typescript/, or other language folders.
User-Defined Tools
Tool Definition Structure
Note: When using the Tool Runner (beta), tool schemas are generated automatically from your function signatures (Python), Zod schemas (TypeScript), annotated classes (Java),
jsonschemastruct tags (Go), orBaseToolsubclasses (Ruby). The raw JSON schema format below is for the manual approach or SDKs without tool runner support.
Each tool requires a name, description, and JSON Schema for its inputs:
{
"name": "get_weather",
"description": "Get current weather for a location",
"input_schema": {
"type": "object",
"properties": {
"location": {
"type": "string",
"description": "City and state, e.g., San Francisco, CA"
},
"unit": {
"type": "string",
"enum": ["celsius", "fahrenheit"],
"description": "Temperature unit"
}
},
"required": ["location"]
}
}Best practices for tool definitions:
- Use clear, descriptive names (e.g.,
get_weather,search_database,send_email) - Write detailed descriptions — Claude uses these to decide when to use the tool
- Include descriptions for each property
- Use
enumfor parameters with a fixed set of values - Mark truly required parameters in
required; make others optional with defaults
Tool Choice Options
Control when Claude uses tools:
| Value | Behavior |
|---|---|
{"type": "auto"} | Claude decides whether to use tools (default) |
{"type": "any"} | Claude must use at least one tool |
{"type": "tool", "name": "..."} | Claude must use the specified tool |
{"type": "none"} | Claude cannot use tools |
Any tool_choice value can also include "disable_parallel_tool_use": true to force Claude to use at most one tool per response. By default, Claude may request multiple tool calls in a single response.
Tool Runner vs Manual Loop
Tool Runner (Recommended): The SDK's tool runner handles the agentic loop automatically — it calls the API, detects tool use requests, executes your tool functions, feeds results back to Claude, and repeats until Claude stops calling tools. Available in Python, TypeScript, Java, Go, and Ruby SDKs (beta).
Manual Agentic Loop: Use when you need fine-grained control over the loop (e.g., custom logging, conditional tool execution, human-in-the-loop approval). Loop until stop_reason == "end_turn", always append the full response.content to preserve tool_use blocks, and ensure each tool_result includes the matching tool_use_id.
Stop reasons for server-side tools: When using server-side tools (code execution, web search, etc.), the API runs a server-side sampling loop. If this loop reaches its default limit of 10 iterations, the response will have stop_reason: "pause_turn". To continue, re-send the user message and assistant response and make another API request — the server will resume where it left off. Do NOT add an extra user message like "Continue." — the API detects the trailing server_tool_use block and knows to resume automatically.
# Handle pause_turn in your agentic loop
if response.stop_reason == "pause_turn":
messages = [
{"role": "user", "content": user_query},
{"role": "assistant", "content": response.content},
]
# Make another API request — server resumes automatically
response = client.messages.create(
model="{\{OPUS_ID}\}", messages=messages, tools=tools
)Set a max_continuations limit (e.g., 5) to prevent infinite loops. For the full guide, see: https://platform.claude.com/docs/en/build-with-claude/handling-stop-reasons
Security: The tool runner executes your tool functions automatically whenever Claude requests them. For tools with side effects (sending emails, modifying databases, financial transactions), validate inputs within your tool functions and consider requiring confirmation for destructive operations. Use the manual agentic loop if you need human-in-the-loop approval before each tool execution.
Handling Tool Results
When Claude uses a tool, the response contains a tool_use block. You must:
- Execute the tool with the provided input
- Send the result back in a
tool_resultmessage - Continue the conversation
Error handling in tool results: When a tool execution fails, set "is_error": true and provide an informative error message. Claude will typically acknowledge the error and either try a different approach or ask for clarification.
Multiple tool calls: Claude can request multiple tools in a single response. Handle them all before continuing — send all results back in a single user message.
Server-Side Tools: Code Execution
The code execution tool lets Claude run code in a secure, sandboxed container. Unlike user-defined tools, server-side tools run on Anthropic's infrastructure — you don't execute anything client-side. Just include the tool definition and Claude handles the rest.
Key Facts
- Runs in an isolated container (1 CPU, 5 GiB RAM, 5 GiB disk)
- No internet access (fully sandboxed)
- Python 3.11 with data science libraries pre-installed
- Containers persist for 30 days and can be reused across requests
- Free when used with web search/web fetch tools; otherwise $0.05/hour after 1,550 free hours/month per organization
Tool Definition
The tool requires no schema — just declare it in the tools array:
{
"type": "code_execution_20260120",
"name": "code_execution"
}Claude automatically gains access to bash_code_execution (run shell commands) and text_editor_code_execution (create/view/edit files).
Pre-installed Python Libraries
- Data science: pandas, numpy, scipy, scikit-learn, statsmodels
- Visualization: matplotlib, seaborn
- File processing: openpyxl, xlsxwriter, pillow, pypdf, pdfplumber, python-docx, python-pptx
- Math: sympy, mpmath
- Utilities: tqdm, python-dateutil, pytz, sqlite3
Additional packages can be installed at runtime via pip install.
Supported File Types for Upload
| Type | Extensions |
|---|---|
| Data | CSV, Excel (.xlsx/.xls), JSON, XML |
| Images | JPEG, PNG, GIF, WebP |
| Text | .txt, .md, .py, .js, etc. |
Container Reuse
Reuse containers across requests to maintain state (files, installed packages, variables). Extract the container_id from the first response and pass it to subsequent requests.
Response Structure
The response contains interleaved text and tool result blocks:
text— Claude's explanationserver_tool_use— What Claude is doingbash_code_execution_tool_result— Code execution output (checkreturn_codefor success/failure)text_editor_code_execution_tool_result— File operation results
Security: Always sanitize filenames with
os.path.basename()/path.basename()before writing downloaded files to disk to prevent path traversal attacks. Write files to a dedicated output directory.
Server-Side Tools: Web Search and Web Fetch
Web search and web fetch let Claude search the web and retrieve page content. They run server-side — just include the tool definitions and Claude handles queries, fetching, and result processing automatically.
Tool Definitions
[
{ "type": "web_search_20260209", "name": "web_search" },
{ "type": "web_fetch_20260209", "name": "web_fetch" }
]Dynamic Filtering (Opus 4.6 / Sonnet 4.6)
The web_search_20260209 and web_fetch_20260209 versions support dynamic filtering — Claude writes and executes code to filter search results before they reach the context window, improving accuracy and token efficiency. Dynamic filtering is built into these tool versions and activates automatically; you do not need to separately declare the code_execution tool or pass any beta header.
{
"tools": [
{ "type": "web_search_20260209", "name": "web_search" },
{ "type": "web_fetch_20260209", "name": "web_fetch" }
]
}Without dynamic filtering, the previous web_search_20250305 version is also available.
Note: Only include the standalone
code_executiontool when your application needs code execution for its own purposes (data analysis, file processing, visualization) independent of web search. Including it alongside_20260209web tools creates a second execution environment that can confuse the model.
Server-Side Tools: Programmatic Tool Calling
Programmatic tool calling lets Claude execute complex multi-tool workflows in code, keeping intermediate results out of the context window. Claude writes code that calls your tools directly, reducing token usage for multi-step operations.
For full documentation, use WebFetch:
- URL:
https://platform.claude.com/docs/en/agents-and-tools/tool-use/programmatic-tool-calling
Server-Side Tools: Tool Search
The tool search tool lets Claude dynamically discover tools from large libraries without loading all definitions into the context window. Useful when you have many tools but only a few are relevant to any given query.
For full documentation, use WebFetch:
- URL:
https://platform.claude.com/docs/en/agents-and-tools/tool-use/tool-search-tool
Tool Use Examples
You can provide sample tool calls directly in your tool definitions to demonstrate usage patterns and reduce parameter errors. This helps Claude understand how to correctly format tool inputs, especially for tools with complex schemas.
For full documentation, use WebFetch:
- URL:
https://platform.claude.com/docs/en/agents-and-tools/tool-use/implement-tool-use
Server-Side Tools: Computer Use
Computer use lets Claude interact with a desktop environment (screenshots, mouse, keyboard). It can be Anthropic-hosted (server-side, like code execution) or self-hosted (you provide the environment and execute actions client-side).
For full documentation, use WebFetch:
- URL:
https://platform.claude.com/docs/en/agents-and-tools/computer-use/overview
Client-Side Tools: Memory
The memory tool enables Claude to store and retrieve information across conversations through a memory file directory. Claude can create, read, update, and delete files that persist between sessions.
Key Facts
- Client-side tool — you control storage via your implementation
- Supports commands:
view,create,str_replace,insert,delete,rename - Operates on files in a
/memoriesdirectory - The SDKs provide helper classes/functions for implementing the memory backend
Security: Never store API keys, passwords, tokens, or other secrets in memory files. Be cautious with personally identifiable information (PII) — check data privacy regulations (GDPR, CCPA) before persisting user data. The reference implementations have no built-in access control; in multi-user systems, implement per-user memory directories and authentication in your tool handlers.
For full implementation examples, use WebFetch:
- Docs:
https://platform.claude.com/docs/en/agents-and-tools/tool-use/memory-tool.md
Structured Outputs
Structured outputs constrain Claude's responses to follow a specific JSON schema, guaranteeing valid, parseable output. This is not a separate tool — it enhances the Messages API response format and/or tool parameter validation.
Two features are available:
- JSON outputs (
output_config.format): Control Claude's response format - Strict tool use (
strict: true): Guarantee valid tool parameter schemas
Supported models: , , and . Legacy models (Claude Opus 4.5, Claude Opus 4.1) also support structured outputs.
Recommended: Use
client.messages.parse()which automatically validates responses against your schema. When usingmessages.create()directly, useoutput_config: {format: {...}\}. Theoutput_formatconvenience parameter is also accepted by some SDK methods (e.g.,.parse()), butoutput_config.formatis the canonical API-level parameter.
JSON Schema Limitations
Supported:
- Basic types: object, array, string, integer, number, boolean, null
enum,const,anyOf,allOf,$ref/$def- String formats:
date-time,time,date,duration,email,hostname,uri,ipv4,ipv6,uuid additionalProperties: false(required for all objects)
Not supported:
- Recursive schemas
- Numerical constraints (
minimum,maximum,multipleOf) - String constraints (
minLength,maxLength) - Complex array constraints
additionalPropertiesset to anything other thanfalse
The Python and TypeScript SDKs automatically handle unsupported constraints by removing them from the schema sent to the API and validating them client-side.
Important Notes
- First request latency: New schemas incur a one-time compilation cost. Subsequent requests with the same schema use a 24-hour cache.
- Refusals: If Claude refuses for safety reasons (
stop_reason: "refusal"), the output may not match your schema. - Token limits: If
stop_reason: "max_tokens", output may be incomplete. Increasemax_tokens. - Incompatible with: Citations (returns 400 error), message prefilling.
- Works with: Batches API, streaming, token counting, extended thinking.
Tips for Effective Tool Use
- Provide detailed descriptions: Claude relies heavily on descriptions to understand when and how to use tools
- Use specific tool names:
get_current_weatheris better thanweather - Validate inputs: Always validate tool inputs before execution
- Handle errors gracefully: Return informative error messages so Claude can adapt
- Limit tool count: Too many tools can confuse the model — keep the set focused
- Test tool interactions: Verify Claude uses tools correctly in various scenarios
For detailed tool use documentation, use WebFetch:
- URL:
https://platform.claude.com/docs/en/agents-and-tools/tool-use/overview