(So you can skip ahead, if you want.)

00:00 Itential MCP Tagging Introduction
00:44 Basic Configuration Setup
02:21 Individual Tool Tag Configuration
05:12 Experimental Tag Testing
07:26 Tag Exclusion Methods
09:27 Dynamic Bindings Configuration
11:32 Wrap Up & Implementation Tips

Joksan Flores • 00:01

Hi everybody. Today I wanted to do a quick rundown on the Itential MCP tagging system. A lot of you know energy has been put into this to make sure that we got the necessary tooling when you’re building things like agents that are based on a persona. By default, most MCPs load a lot of tools into the LLMs, which cause from a context engineering standpoint, it becomes a nightmare and it confuses the LLMs very quickly, right? When there’s a lot of tools and too much information. So we built a pretty robust tagging on the Attential MCP so that you can control what tools get loaded based on what’s configured. By default, I have here my very basic config.

Joksan Flores • 00:44

I got my transport log level. I exclude tax, beta, and experimental for the purposes of this, we’ll exclude those. Um, that’s you know, best practice to um exclude any tools that are in development. And then I have my platform config as well. Uh, this is a placeholder file. I will be following along in the background with my real config that has my keys and my server, my true server. By default, when you don’t have any tagging, filtering, or anything like that included, we will load every single tool.

Joksan Flores • 01:12

So we’ll use Cloud Desktop to illustrate the point here. So when I go to Cloud Desktop, it has my default config with no filtering. I get every single tool. Now, there’s a lot of tools offered here that serve different purposes. Some of them run scripts and workflows, some of them are custom services that I have created. We’ll talk about those in a 2nd . Some of them run workflows, but some of them also serve for platform administration.

Joksan Flores • 01:36

If you look at get applications, restart application, adapters, things like that, and there’s a little bit of a clash on roles there, right? If you’re using the platform as a customer to only run workflows and provision services, you don’t necessarily have the role or should have the permissions to restart an application or an adapter on the platform. That’s where the tagging system comes in, right? We can actually restrict what tools the operator or the assistant gets access to in order to accomplish the what they need to accomplish. So, what we’ll do very quickly is start with the simple the basic example here of individual tool tags static. So every tool, every tool is a function and code. Every tool gets its own tag based on the tool’s name.

Joksan Flores • 02:21

So in this case, we’re gonna include only get health, start workflow, get workflows and describe job. And this would be what the normal, you know, super basic for showcasing workflows would look like, right? You need to be able to get all the workflows to know what’s exposed. Also, this gives you the parameters to execute every workflow, start workflow to trigger them, and then you need to describe job to monitor the job based on the job ID, which is returned by this call, and then get health just to have a baseline of how to you know be able to talk to the platform. So I’m gonna go ahead and do that. I’m gonna go kill my clot. You have to restart your agent every single time, or your MCP process rather, whenever you’re doing this.

Joksan Flores • 03:00

If you do using Docker, you have to restart your container every time you do this or rebuild it depending on how you’re passing the config. After restarting my clot, I can see that if I go to included tools, now I only have describe job, get workflows, start workflow, and get health. Really cool, right? I can actually filter down to the only the four tools that I need. And this would be the mode that I would go uh with deploying this, right? I go firewall rule style on a need to know basis. I’d only provide the tools that are needed instead of providing them all and pray for the best, right?

Joksan Flores • 03:33

Again, LLMs get really confused. Now, also, one thing that’s really cool is that we actually have tags that are based on predefined collections. So if you look at this set here, we got Configuration manager health and uh configuration manager and health. So those will actually enable a series of tools that are related to configuration management, right? Run command, get devices, and so forth. And also health for the platform.

Joksan Flores • 04:02

So this is just an interesting combination just to showcase. I really don’t know what tools will show up here. So let’s go and try it out. I’m gonna kill my claw again and I’ll put my claw desktop and let’s see what shows up. So these two collections are all documented in the repo. There’s a tags.md file in the docs. So now you can see what got loaded based on the config manager tag and the health tag.

Joksan Flores • 04:29

Very cool. So I can get health, I can render templates, a bunch of the configuration manager tools. Apply config to devices that are brokered through the platform, backup a devices config, etc. Run compliance plans. Very cool. Awesome. Let’s look at the next example.

Joksan Flores • 04:45

So I’ll go ahead and disable that. Nope, not that. Like that. And then let’s look at the next one over. So let’s look at experimental. And I don’t know what we’ll load off of there, but we’ll do is we’ll actually uh let’s remove experimental out of here because we’re going to include them and we’re going to exclude beta. And this is something that the attentional mcp actually lets you create your own tags in the system and also bring your own tools.

Joksan Flores • 05:12

So you could use this experimental tag yourselves if you’re gonna if you want to experiment things, experiment with different tools in the platforms. You could actually bring your own tools if you wanted to. Okay, so we’re gonna exclude exclude beta. Oh, that’s how we want it. Include experimental, exclude beta. Let’s make sure that files are saved. And let’s skill our clot.

Joksan Flores • 05:34

Let’s open clot. No tools available at the moment. Okay, so no tools are marked as experimental. Maybe they’re excluded as beta as well. So let me go do do that. Let me disable the beta tag. And there might be something that we get out of that.

Joksan Flores • 05:56

Let’s see. And I have not rehearsed a lot of this stuff, so we’ll see. Um sort of improvise, just make sure that it’s organic and we kind of showcase the capability there. Okay. It’s actually not letting me, it’s not liking that tag. So it’s okay. We’ll move on.

Joksan Flores • 06:18

We’ll move on to the next one. Okay, so now let’s go and try how we do multiples of those. So let’s combine approach. If you start combining multiple sets of tools, say doing something like this, where we have configuration manager, all the tools from configuration manager that we saw earlier. Also get resources, which is a lifecycle manager tool, describe resources, run action, and experimental. We’ll disable that because we had issues with that one. So let’s disable that and let’s see what gets included.

Joksan Flores • 06:51

So let’s try those. So you can combine these tags as you see fit. I like the direct tool approach where I just create individual tool tags, but you can do what you need in order to accomplish your goals and assign your agents with the tools that they need. Okay, very cool. So that one works very well. We got the config manager stuff that we saw before, and we also have the LCM stuff. So describe resource, get resources, run action.

Joksan Flores • 07:17

Awesome. Okay, let’s look at another one. Let’s see. So let’s uh let’s look at excluding. Perfect. There we go. So let’s look at excluding tags.

Joksan Flores • 07:26

So by default, we saw earlier that we load all the tools. So what we’re gonna do here is we’re actually gonna exclude only exclude. So you could also be having you know, load all the tools and then exclude just the ones that you want. So I’m gonna exclude all the adapter stuff, stop application, restart application. Let’s go do that. Make sure that I got it all on both sides, and then I’m gonna kill my clot, open clot again. And let’s see, MCP loaded.

Joksan Flores • 07:55

Perfect. Okay, so if I do start application, oh, start application is not on the exclusion list. No, it is not. Only stop restart. Okay, so stop and restart, restart. Okay, restart is not there. And stop is not there.

Joksan Flores • 08:12

And then adapters. Uh adapters. Awesome. So I can’t add adapters, I can’t restart adapters. So you can actually have a very granular level of restriction on the amount of tools that you want to give it. If you want to create an agent that is dedicated to managing the apps of the platform, but not the adapters, that you could do things like this, right? You could tell it you can only stop and restart.

Joksan Flores • 08:34

You can’t start applications that are, you know, stopped already or something like that. Or you could use the restart function only. So, you know, lots of granular controls on the things that you can do. And then the last thing that I was going to show is okay. So let’s scroll down here to the bottom. I’ve spaced out this config just to make sure that we’re not distracted. I wanted to show these.

Joksan Flores • 08:57

So I want to do here. I want to do just let’s remove these tags. So these are actually dynamic bindings. I will do a separate video on this. Uh this is a little bit uh more um involved, but what we’ll do is one of the things that we’re capable of doing is actually have dedicated endpoints. So these are workflow endpoints. We can actually create dedicated tools out of workflows.

Joksan Flores • 09:27

I have the start workflow capability already, but we also provide this, and this is called the dynamic bindings functionality, and what that does is that loads this tool as a service. Dedicate and it’s a tool that the MCP loads on startup. Typically, this is you know a little bit more complex to wrap to grasp as a concept, but essentially, if I don’t include these, I can still trigger a workflow, but I have to go and fetch the workflows 1st in order to understand the parameters for it. These I can just include as tools directly so they get loaded on MCP startup. And this is really cool because if I wanted to only build an agent that only did these things, then I could just build these two services in here and move on. And that those are the only tools that I give it access to. So let’s go ahead and do I have a few dynamic services on mine.

Joksan Flores • 10:20

What I will do is we’ll do the AWS EC2 list. So let’s give this a tag here. I want to do that, and then um port turnup service. We’re gonna give it a tag of okay. So we’re gonna do this. This is what we’re gonna do tags equals AWS, and then we’re gonna do over here on port turnup service. We’re gonna do a tag of port turnups.

Joksan Flores • 10:48

So we’re gonna do that. This is what we’re gonna do. We’re gonna have tags equals port tonup and then tax. Let’s just do proper spacing here. Equals AWS. So now what we gotta do is in our config, we’re gonna go back and create a new include tax section. Include tags equals AWS port turnop.

Joksan Flores • 11:10

Okay, let’s try give that a shot. I’m gonna do that on my real file. I’m not gonna exclude anything, and that’s what we’re gonna do and see what happens. Kill my Claude, open it up. Let’s see. Okay, my MCP is up. Awesome.

Joksan Flores • 11:32

Look at that. So now I only have two things in there. If you go back, I’m gonna switch over the screen really quick. If we go to the bottom, I have a port turnop service, which is of type endpoint. So that means this is a workflow that does a port turnout. And it’s a port turn up service orchestrated with IPM and all those types of things. And I also have an AWS EC2 list, which is a service.

Joksan Flores • 11:57

That means it’s a gateway service. So this is a either a Python script or an Ansible playbook. So I have both types, and I only just by virtue of creating these tags here dynamically, I can load those only. So that means I can just create an agent out of workflows only or out of scripts only. Now, by default, all these dynamic tools get the tag dynamic on them. So that means that if you have 17 of this, you could just say include tags dynamic and it’ll include all of those things. But I can also have the ability to do it custom.

Joksan Flores • 12:36

So if I wanted to build workflows and scripts and playbooks and tofu plans that are all AWS related, and I want to tag in with the AWS tag, that means that I can create an agent that’s only doing AWS things. Same thing for iOS things or Aristed things or etc. Right? Lots and lots of capability here, lots of stuff that you can accomplish with this tagging system is one of those things again that I wanted to really document. I’ve been using it extensively for quite a bit for the type of demonstrations that we do. It helps me keep Context very tight on the tools that we got.

Joksan Flores • 13:12

So it’s really, really, really powerful. I hope you enjoy this and get some information out of it. And if you have questions, just let us know. Drop them in the comments. Thank you for tuning in.