Skip to content

Domain 2 — Mixed Scenario Quiz

Tool Design & MCP Integration — Exam Style

Use this as a closed-book drill. Each question has one best answer.


Question 1: Tool Description Misrouting

Production logs show that a support agent often calls get_customer when users ask about order status, for example: “Where is order #78321?” The tools are defined as:

get_customer: Retrieves customer information.
lookup_order: Retrieves order details.

Both accept a string identifier.

What is the most effective first step?

A. Add 8 few-shot examples showing order queries routing to lookup_order.
B. Expand each tool description to include expected inputs, example queries, outputs, edge cases, and when to use it versus the other tool.
C. Add a routing classifier that pre-selects the correct tool based on keywords.
D. Merge both tools into lookup_entity.

Answer **B.** Tool descriptions are the primary mechanism Claude uses for tool selection. The root problem is that the descriptions are too minimal and overlapping. Few-shot examples add token overhead without fixing the interface. A routing classifier is over-engineered as a first step. Merging the tools may be valid later, but it is not the lowest-effort fix for unclear descriptions.

Question 2: Generic Analysis Tool

A tool named analyze_document does summarization, data extraction, claim verification, and document classification. Users report that the agent often summarizes when they asked for exact data extraction.

What is the best redesign?

A) Rename it to analyze_document_better.
B) Add “be careful to choose the correct analysis mode” to the system prompt.
C) Split it into purpose-specific tools such as summarize_document, extract_data_points, and verify_claim_against_source.
D) Force the tool to run twice and compare outputs.

Answer **C.** The tool has too many responsibilities. Splitting it into narrower tools gives the model clearer choices and defined input/output contracts. Renaming alone does not fix the ambiguity. Prompt reminders and repeated calls are weaker than correcting the tool interface.

Question 3: System Prompt Interference

After improving get_customer and lookup_order descriptions, order queries still sometimes route to get_customer. The system prompt says:

Always check customer details before proceeding with any request.

What is the most likely issue?

A) The model cached the old tool descriptions.
B) The tool schemas are too strict.
C) The system prompt creates a keyword-sensitive association that overrides the intended tool boundaries.
D) The agent needs more tools.

Answer **C.** The system prompt biases the model toward `get_customer` for many requests. This is a classic D2.1 failure mode: tool descriptions may be good, but prompt wording can still distort selection. The fix is to revise the prompt so it does not create broad keyword-triggered routing.

Question 4: Validation Error

An MCP tool receives:

{
  "orderId": "order-abc"
}

but expects order IDs in the format #NNNNN, such as #12345.

What should the tool return?

A) isError: true, errorCategory: "validation", isRetryable: true, with expected format and an example.
B) isError: true, errorCategory: "business", isRetryable: false.
C) isError: false, because the tool understood the request.
D) A generic “Operation failed” message.

Answer **A.** This is a validation error: the input format is wrong. It is retryable after correction. The response should tell the agent what was invalid, what format is expected, and how to retry.

Question 5: Business Rule Error

A refund tool receives a valid transaction ID and refund amount, but the amount exceeds the company’s automatic refund limit.

What is the best response?

A) errorCategory: "transient", isRetryable: true; retry later.
B) errorCategory: "validation", isRetryable: true; reformat the amount.
C) errorCategory: "business", isRetryable: false; explain the policy and escalate for approval.
D) isError: false; the tool successfully understood the request.

Answer **C.** The request is technically valid but violates a business rule. Retrying will not help. The agent needs a customer-friendly explanation and an alternative path, usually escalation or approval.

Question 6: Empty Result vs Access Failure

A customer lookup tool successfully queries the database and finds no customer matching john@example.com.

What should it return?

A) isError: true, errorCategory: "transient".
B) isError: false, resultCount: 0, and a clear “no matches found” message.
C) isError: true, errorCategory: "permission".
D) Retry three times before responding.

Answer **B.** A valid empty result is not an error. The tool executed successfully and found no matching data. Retrying would waste effort. This must be structurally different from an access failure or timeout.

Question 7: Subagent Error Propagation

A research subagent searches five sources. Three succeed. Two time out after local retries. What should the subagent report to the coordinator?

A) Only the three successful results, hiding the timeouts.
B) A generic “research failed” message.
C) Partial results plus a structured error summary describing which sources failed and what retries were attempted.
D) Nothing; the coordinator should infer failure.

Answer **C.** Subagents should recover locally from transient failures when possible. If unresolved, they should propagate partial results and what was attempted. This lets the coordinator decide whether to proceed, retry elsewhere, ask the user, or escalate.

Question 8: Too Many Tools

A synthesis agent has access to 18 tools, including web_search, fetch_url, send_email, refund_payment, summarize_findings, and verify_fact. It often performs new searches instead of producing the final answer.

What is the best fix?

A) Increase the synthesis agent’s temperature.
B) Restrict the synthesis agent to role-relevant tools, such as summarize_findings and a narrow verify_fact.
C) Force web_search whenever the synthesis agent is uncertain.
D) Add more tools so the model has more options.

Answer **B.** Too many tools increase decision complexity and invite cross-role misuse. A synthesis agent should not perform open-ended research. A constrained `verify_fact` tool is acceptable for frequent narrow verification, while complex research should route through the coordinator.

Question 9: tool_choice: "any"

You need Claude to call one of three extraction tools because the output must come from a tool call, but the correct extraction type depends on the document.

What should you configure?

A. tool_choice: {"type": "auto"} with all project tools available.
B. tool_choice: {"type": "any"} with only the three scoped extraction tools available.
C. Forced web_search.
D. Give Claude all tools and rely on the system prompt.

Answer **B.** `any` guarantees that Claude calls a tool, but it does not guarantee tool correctness. It works best when the tool set is already scoped to a small set of appropriate options.

Question 10: Forced Tool Selection

A document enrichment workflow must always run extract_metadata before any enrichment tools are available.

What is the best design?

A. Use auto and hope Claude chooses extract_metadata first.
B. Force extract_metadata in the first turn, execute it, then expose enrichment tools in a follow-up turn.
C. Give Claude all enrichment tools and tell it metadata is important.
D. Use tool_choice: "any" with all tools.

Answer **B.** Forced tool selection is appropriate when a specific tool must run first. After the result is available, continue in a follow-up turn with the next scoped tool set.

Question 11: Generic vs Constrained Tools

A document agent has access to fetch_url, and it sometimes fetches arbitrary webpages instead of loading approved source documents.

What is the best fix?

A) Keep fetch_url and add a warning in the system prompt.
B) Replace fetch_url with load_document, which validates approved document URLs and rejects arbitrary webpages.
C) Give the agent web_search too.
D) Force fetch_url on the first turn.

Answer **B.** Generic tools invite misuse. A constrained tool such as `load_document` narrows the agent’s behavior, improves safety, and matches the agent’s role.

Question 12: MCP Server Scope

A team wants every developer in a repository to use the same GitHub MCP server, but each developer must use their own token.

Where should the configuration go?

A) Project .mcp.json with ${GITHUB_TOKEN} environment variable expansion.
B) Project .mcp.json with a shared committed token.
C) Each developer’s private ~/.claude.json, with no shared config.
D) CLAUDE.md.

Answer **A.** Shared team tooling belongs in project-scoped `.mcp.json`. Secrets should not be committed, so tokens should be supplied through environment variables such as `${GITHUB_TOKEN}`.

Question 13: MCP Resources

Claude repeatedly calls search_docs("auth"), search_docs("login"), search_docs("SSO"), and search_docs("permissions") just to understand what documentation exists.

What should you expose?

A) A broader search_docs tool.
B) A documentation catalog as an MCP resource.
C) A system prompt telling Claude to search less.
D) A forced search_docs call.

Answer **B.** MCP resources are useful for exposing content catalogs, documentation hierarchies, issue summaries, and database schemas. They reduce exploratory tool calls by giving the agent visibility into available data.

Question 14: Built-in Tool Selection

Claude needs to find every caller of calculateDiscount across a TypeScript codebase.

Which built-in tool should it use first?

A) Glob
B) Grep
C) Write
D) Edit

Answer **B.** Callers are content inside files, so use Grep. Glob is for finding files by path or filename pattern.

Question 15: Glob vs Grep

Claude needs to find all files matching:

**/*.test.tsx

Which tool should it use?

A) Grep
B) Glob
C) Edit
D) Bash

Answer **B.** This is file path pattern matching. Glob finds files by name, extension, or path pattern. Grep searches inside file contents.

Question 16: Edit Failure

Claude tries to use Edit to replace:

return null;

but the same text appears five times in the file.

What should Claude do?

A) Retry the same Edit.
B) Use Bash sed to replace the first occurrence.
C) Read the file for context, then use a longer unique anchor or fall back to Read + Write.
D) Use Glob.

Answer **C.** Edit requires unique exact matching. When the target text is not unique, Claude should inspect the file and either create a unique edit anchor or use Read + Write for a reliable full-file modification.

Question 17: Incremental Codebase Understanding

Claude is asked to understand how submitOrder flows through the application.

What is the best first workflow?

A) Read every file under src/.
B) Grep for submitOrder, Read relevant files, follow imports, and Grep again for called symbols.
C) Write a new implementation immediately.
D) Run all tests before inspecting code.

Answer **B.** The exam favors incremental understanding: start with Grep to find entry points, then Read relevant files, follow imports, and continue tracing. Reading the whole codebase upfront wastes context.

Question 18: Wrapper Module Tracing

A function getCurrentUser is re-exported as getUser from a barrel file and wrapped as loadUser in another module. You need to find all usages.

What should Claude do?

A) Search only for getCurrentUser(.
B) Identify exported aliases first, then Grep for getCurrentUser, getUser, and loadUser.
C) Use Glob only.
D) Read every file manually.

Answer **B.** Wrapper modules and aliases can hide real usage. The correct strategy is to identify exported names and aliases, then search each name across the codebase.

Answer Key

1. B
2. C
3. C
4. A
5. C
6. B
7. C
8. B
9. B
10. B
11. B
12. A
13. B
14. B
15. B
16. C
17. B
18. B

Scoring guide

16–18 correct: Strong Domain 2 readiness.
13–15 correct: Good, but review the missed modules.
10–12 correct: You know the basics; drill scenario tradeoffs.
Below 10: Revisit D2.1–D2.5 before moving on.

The hardest exam traps in this domain are usually: generic tool descriptions, treating business errors as retryable, using tool_choice: any as if it guarantees correctness, exposing too many tools to subagents, and confusing Grep with Glob.