> ## Documentation Index
> Fetch the complete documentation index at: https://docs.responsibleailabs.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Agent Evaluation

> Intercept tool calls, scan tool results, and detect prompt injection in AI agent pipelines.

Agent Evaluation provides three safety checkpoints for agentic AI systems: evaluate tool calls before execution, scan tool results before passing them back to the agent, and detect prompt injection in any text the agent is about to process.

This is for systems where an AI agent can call tools (functions, APIs, retrieval) on its own. If your application only generates text, you can skip this and use [Evaluation](/concepts/evaluation). If you build agents, these checkpoints guard the points where an agent can take or be influenced by an action.

## The three checkpoints

```mermaid theme={null}
flowchart LR
    User["User input"] -->|"prompt-injection"| Agent["AI Agent"]
    Agent -->|"tool-call"| Tool["Tool execution"]
    Tool -->|"tool-result"| Agent
    Agent --> Response["Final response"]
```

<CardGroup cols={3}>
  <Card title="Tool Call Evaluation" icon="wrench" href="/api-reference/agent-tool-call">
    ALLOW / FLAG / BLOCK before a tool runs.
  </Card>

  <Card title="Tool Result Scanning" icon="shield" href="/api-reference/agent-tool-result">
    PII detection and injection check on tool output.
  </Card>

  <Card title="Prompt Injection Detection" icon="shield-halved" href="/api-reference/agent-prompt-injection">
    Fast injection scan on any input text.
  </Card>
</CardGroup>

Integrate them in the order the agent runs: detect injection on **incoming** input first, evaluate a **tool call** before it executes, then scan the **tool result** before it returns to the agent. You can adopt one checkpoint or all three; if you start with one, prompt-injection detection on user input gives the broadest protection.

## Quick example

```python theme={null}
from rail_score_sdk import RailScoreClient

client = RailScoreClient(api_key="YOUR_RAIL_API_KEY")

# 1. Check for injection in user input
injection = client.agent.detect_injection(text=user_input)
if injection.injection_detected:
    return "Invalid input detected."

# 2. Evaluate tool call before execution
tool_check = client.agent.evaluate_tool_call(
    tool_name="send_email",
    tool_input={"to": "user@example.com", "body": agent_draft},
    agent_context="Customer support agent",
)
if tool_check.recommendation == "block":
    return f"Tool call blocked: {tool_check.explanation}"

# 3. Execute the tool, then scan the result
tool_output = execute_tool(tool_name, tool_input)
result_scan = client.agent.scan_tool_result(
    tool_name="send_email",
    tool_result=tool_output,
)
if result_scan.pii_detected:
    tool_output = result_scan.redacted_result
```

## What's next

<CardGroup cols={2}>
  <Card title="API Reference: Tool Call" icon="code" href="/api-reference/agent-tool-call">
    Full specification for tool call evaluation.
  </Card>

  <Card title="Python SDK: Agent Evaluation" icon="python" href="/sdk/python/agent-evaluation">
    Python SDK reference for all three agent endpoints.
  </Card>
</CardGroup>