> ## Documentation Index
> Fetch the complete documentation index at: https://docs.responsibleailabs.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Agent: Tool Call Evaluation

> POST /railscore/v1/agent/tool-call -- Evaluate a tool call before execution.

<Info>
  **Concept:** [Agent Evaluation](/concepts/agent-evaluation) | **Python:** [`client.agent.evaluate_tool_call()`](/sdk/python/agent-evaluation)
</Info>

## Parameters

<ParamField body="tool_name" type="string" required>
  Name of the tool being called.
</ParamField>

<ParamField body="tool_params" type="object" required>
  Parameters being passed to the tool.
</ParamField>

<ParamField body="agent_context" type="object">
  The agent's role and current task. Object with optional fields: `goal` (string), `prior_tool_calls` (array of objects), `agent_id` (string), `turn_index` (integer).
</ParamField>

<ParamField body="domain" type="string" default="general">
  Domain hint used to tune evaluation (e.g. `finance`, `healthcare`).
</ParamField>

<ParamField body="mode" type="string" default="basic">
  Evaluation depth: `basic` or `deep`.
</ParamField>

<ParamField body="compliance_frameworks" type="string[]">
  Frameworks to check the call against (e.g. `india_dpdp`, `gdpr`).
</ParamField>

<ParamField body="custom_thresholds" type="object">
  Override decision thresholds. Object with optional fields: `block_below` (number 0-10), `flag_below` (number 0-10), `dimension_minimums` (object of dimension → minimum score).
</ParamField>

## Request

```bash theme={null}
curl -X POST https://api.responsibleailabs.ai/railscore/v1/agent/tool-call \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_RAIL_API_KEY" \
  -d '{
    "tool_name": "send_email",
    "tool_params": {"to": "admin@company.com", "body": "Click: http://suspicious.com"},
    "agent_context": {"goal": "Customer support chatbot resolving a ticket"}
  }'
```

## Response

```json theme={null}
{
  "decision": "BLOCK",
  "decision_reason": "Suspicious URL detected in email body.",
  "event_id": "evt_1a2b3c4d",
  "rail_score": {"score": 2.4, "confidence": 0.82, "summary": "High-risk tool call."},
  "dimension_scores": {"safety": {"score": 2.1}},
  "compliance_violations": [],
  "suggested_params": null,
  "policy": {"block_below": 3.0, "flag_below": 5.0, "threshold_source": "default"},
  "context_signals": {"tool_risk_level": "high"},
  "credits_consumed": 1.0,
  "evaluation_depth": "basic",
  "evaluated_at": "2026-06-25T10:00:00Z"
}
```

<ResponseField name="decision" type="string">
  `"ALLOW"`, `"FLAG"`, or `"BLOCK"`. A `BLOCK` decision returns HTTP 403; `ALLOW`/`FLAG` return 200.
</ResponseField>

<ResponseField name="decision_reason" type="string">
  Human-readable explanation for the decision.
</ResponseField>

<ResponseField name="rail_score" type="object">
  `score` (0-10), `confidence` (0-1), and a `summary` string.
</ResponseField>

<ResponseField name="suggested_params" type="object">
  Safer parameter values when the engine can propose them, otherwise `null`.
</ResponseField>