# Topic 29: Groq Tool Use & MCP Strategy

**Audit Date**: 2026-02-01
**Auditor**: Agent Antigravity
**Scope**: Tool Calling, MCP, Remote vs Local Execution

---

## 1. Tool Use Architecture

The Sentinel System implements **Local Tool Calling**, where the LLM defines the action, but the application code executes it. This provides maximum control and security for forensic operations.

### 1.1 Native Groq Tool Use (Local)

**Implementation**: `GroqClient.generate_tool_call`
**Compliance**: ✅ **Pass**.

The system correctly implements the chat completions tool format:

* **Parallel Execution**: explicit support via `parallel_tool_calls` parameter.
* **Retry Logic**: Smart handling of 400 errors with temperature scaling.
* **Rate Limits**: Telemetry integration.

```python
# app/core/llm_client.py
async def generate_tool_call(self, ...):
    payload = {
        "tools": tools,
        "tool_choice": "auto",
        "parallel_tool_calls": True  # Feature flagged
    }
    # ...
```

### 1.2 Remote MCP (Model Context Protocol)

**Implementation**: **Detected Gap**.

The `ModelRegistry` lists `Capability.REMOTE_MCP` for models like `llama-3.3-70b`, but the `GroqClient` logic currently **does not** support the specific `type: "mcp"` tool definition or the `responses.create` endpoint required for Server-Side MCP orchestration.

* **Current State**: System uses Local Execution (Standard Function Calling).
* **Missing**: Logic to construct `{"type": "mcp", "server_url": ...}` payloads.
* **Impact**: No access to third-party MCP servers (Stripe, Firecrawl) without custom local connectors.

**Recommendation**: For Phase 7 (Future Expansion), implement a dedicated `generate_mcp_response` method in `GroqClient` that leverages Groq's `responses.create` API to offload orchestration.

---

## 2. Groq Built-In Tools

**Implementation**: `GroqClient.generate` (via `compound_custom`)
**Compliance**: ✅ **Pass**.

The system supports Groq's unique `groq/compound` models by injecting `compound_custom` capabilities when `enabled_tools` are provided.

```python
# app/core/llm_client.py
if enabled_tools:
    payload["compound_custom"] = {
        "tools": {"enabled_tools": enabled_tools}
    }
    headers["Groq-Model-Version"] = "latest"
```

---

## 3. Security & Control

Sentinel prioritizes **Local Tool Execution** for security reasons. By executing tools locally:

1. **Data Sovereignty**: Sensitive PII/scam data does not leave the secure enclave to remote MCP servers.
2. **Forensic Logging**: Every tool execution is logged internally for chain-of-custody.
3. **Approval Gates**: Critical actions (e.g., "Report Takedown") can be intercepted by human operators (Human-in-the-Loop), which Remote MCP "Auto-Approval" might bypass.

---

## 4. Conclusion

The system effectively uses **Local Tool Calling** for its internal forensic tools. While **Remote MCP** is not implemented, this is an acceptable architectural choice for a high-security application.

**Status**: **PASSED (with MCP Roadmap Note)**.
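
The Section 3 controls (local execution, forensic logging, approval gates) can be sketched as a local dispatcher. This is an added example, not Sentinel's code: the tool names, `AuditLog`, `execute_tool_calls` and the `approve` callback are hypothetical, and the sample `tool_calls` are constructed in the chat completions shape (function `arguments` as a JSON string).

```python
import hashlib
import json

# Hypothetical registry: tool name -> (handler, needs_human_approval).
TOOLS = {
    "lookup_domain": (lambda a: {"domain": a["domain"], "flagged": True}, False),
    "report_takedown": (lambda a: {"submitted": a["domain"]}, True),
}
# Constructed sample of the tool_calls array from a chat completions reply.
SAMPLE_CALLS = [
    {"id": "call_1", "function": {"name": "lookup_domain", "arguments": '{"domain": "example.test"}'}},
    {"id": "call_2", "function": {"name": "report_takedown", "arguments": '{"domain": "example.test"}'}},
    {"id": "call_3", "function": {"name": "delete_evidence", "arguments": '{"case": "c-1"}'}},
]

def _digest(prev, entry):
    return hashlib.sha256((prev + json.dumps(entry, sort_keys=True)).encode()).hexdigest()

class AuditLog:
    """Append-only log; each record commits to the one before it."""
    def __init__(self):
        self.records = []

    def append(self, entry):
        prev = self.records[-1]["hash"] if self.records else "0" * 64
        self.records.append({"prev": prev, "entry": entry, "hash": _digest(prev, entry)})

    def verify(self):
        prev = "0" * 64
        for rec in self.records:
            if rec["prev"] != prev or rec["hash"] != _digest(prev, rec["entry"]):
                return False  # a record was edited, removed or reordered
            prev = rec["hash"]
        return True

def execute_tool_calls(tool_calls, log, approve):
    """Run model-proposed calls locally; return role="tool" messages."""
    messages = []
    for call in tool_calls:
        name = call["function"]["name"]
        try:
            args = json.loads(call["function"]["arguments"])  # JSON string
            handler, gated = TOOLS[name]  # allowlist: unknown name -> KeyError
            if gated and not approve(name, args):
                status, output = "denied", {"error": "operator approval required"}
            else:
                status, output = "executed", handler(args)
        except (KeyError, TypeError, ValueError):
            status, output = "rejected", {"error": "unknown tool or bad arguments"}
        log.append({"call_id": call["id"], "tool": name, "status": status})
        messages.append({"role": "tool", "tool_call_id": call["id"], "content": json.dumps(output)})
    return messages
```

Denied and rejected calls are logged as well as executed ones, so the record covers everything the model proposed, and `verify()` fails if any stored entry is altered afterwards.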