Context Boundary | Patterns for Agentic Tools

arcade.dev/patterns

Context

Tools that operate on file systems, databases, or multi-tenant systems.

Problem

Tools need clear boundaries on what they can access or modify.

Solution

Define context boundaries:
- Root paths: What directories are accessible
- Tenant scope: What data tenant to use
- Permission scope: What operations are allowed
- Resource limits: Quotas and limits

Examples

Python

@tool
def list_files(
    path: str = "."
) -> FileList:
    """List files in the allowed workspace.
    
    Boundary: Only files within /workspace are accessible.
    Attempting to access parent directories will fail.
    """
    root = context.get_root()  # e.g., /workspace
    full_path = os.path.join(root, path)
    
    # Enforce boundary
    if not full_path.startswith(root):
        raise PermissionError("Access outside workspace not allowed")
    
    return FileList(files=os.listdir(full_path))

Considerations

Define boundaries explicitly at tool initialization
Validate all paths against boundaries
Return clear errors when boundaries are violated

Related Patterns

More in Tool Context

Identity Anchor

Establish user identity and context at the start of a session.

Resource Reference

Point to external data by URI instead of embedding it.

Context Injection

Automatically inject relevant context the agent didn't request.

LLM-Optimized View

# Context Boundary

Define the scope or boundaries of tool operations.

## Category
Tool Context

## Context
Tools that operate on file systems, databases, or multi-tenant systems.

## Problem
Tools need clear boundaries on what they can access or modify.

## Solution
Define context boundaries:
- **Root paths**: What directories are accessible
- **Tenant scope**: What data tenant to use
- **Permission scope**: What operations are allowed
- **Resource limits**: Quotas and limits

## Example (Python)
```python
@tool
def list_files(
    path: str = "."
) -> FileList:
    """List files in the allowed workspace.
    
    Boundary: Only files within /workspace are accessible.
    Attempting to access parent directories will fail.
    """
    root = context.get_root()  # e.g., /workspace
    full_path = os.path.join(root, path)
    
    # Enforce boundary
    if not full_path.startswith(root):
        raise PermissionError("Access outside workspace not allowed")
    
    return FileList(files=os.listdir(full_path))
```

## Considerations
- Define boundaries explicitly at tool initialization
- Validate all paths against boundaries
- Return clear errors when boundaries are violated

## Related Patterns
- permission-gate
- identity-anchor
- secret-injection

---
Source: https://arcade.dev/patterns/context-boundary