tools/list through the gateway, it sees the tools available in the project — filtered by the agent’s identity and policies.
View tools
Navigate to Tools in your project sidebar. You’ll see all tools discovered from your registered MCP servers, including:- Tool name — the identifier used in
tools/callrequests - Server — which MCP server provides this tool
- Description — what the tool does
- Input schema — the expected arguments and their types
How tool visibility works
Not every agent sees every tool. The gateway filters the tool list based on:- Identity allowed tools — if the identity has a restricted tool list, only those tools are visible
- Task allowed tools — if a task session is active with its own tool list, that takes priority
- Policies — even if a tool is visible, the policy engine decides whether a call is actually allowed
Tool naming
Tools are namespaced using the formatserverName__toolName (double underscore). For example, a tool called list_issues on a server named github becomes github__list_issues.
This prevents collisions when multiple MCP servers expose tools with the same name. If you have both a GitHub and a Linear server, their list_issues tools are distinct:
github__list_issueslinear__list_issues
Referencing tools in policies
Userequest.tool.name with the full namespaced name in your CEL expressions:
Next steps
Create identities
Create agent identities and restrict which tools they can see.
Write policies
Author policies that control tool access at the call level.