This document describes the tool execution infrastructure in Sim: how tools are invoked during workflow execution, parameter merging and validation, credential resolution, SSRF protection, retry logic, and response handling. The executeTool function is the central execution point for all tool types.
For tool configuration and parameter schemas, see Tool Registry System (4.2). For agent-specific tool usage, see Agent Block (4.4). For tool parameter configuration UI, see SubBlock Configuration System (4.5).
The executeTool function at apps/sim/tools/index.ts225-536 is the unified execution interface for all tools in Sim. It handles:
workflow_executor_<uuid> → workflow_executor) apps/sim/tools/index.ts233-238validateRequiredParametersAfterMerge apps/sim/tools/utils.ts155-183postProcess apps/sim/tools/index.ts466-476| Method | Use Case | Implementation |
|---|---|---|
| Direct execution | In-process tools | tool.directExecution(params) apps/sim/tools/index.ts420-424 |
| Internal route | Platform APIs | Routes to /api/function/execute or /api/mcp/tools/execute apps/sim/tools/index.ts709-727 |
| External URL | Third-party services | OAuth-protected APIs or public endpoints via secureFetchWithPinnedIP apps/sim/tools/index.ts807-836 |
Sources: apps/sim/tools/index.ts225-536 apps/sim/tools/utils.ts84-135
The execution pipeline bridges natural language intent (from Agents) or workflow structure to concrete code entities.
Diagram: executeTool() Function Flow
load_skill for agent progressive disclosure via resolveSkillContent apps/sim/tools/index.ts243-265getToolAsync() fetches from DB apps/sim/tools/utils.ts5-6executeMcpTool() routes to /api/mcp/tools/execute apps/sim/tools/index.ts1091-1197getTool() from in-memory registry apps/sim/tools/utils.ts32getBYOKKey, then falls back to Sim-hosted keys with rate limiting apps/sim/tools/index.ts50-138user-or-llm parameters are present apps/sim/tools/utils.ts155-183executeToolRequest apps/sim/tools/index.ts699-1013Sources: apps/sim/tools/index.ts225-536 apps/sim/tools/utils.ts32-35 apps/sim/tools/index.ts50-138
Sim allows tools to use hosted API keys (e.g., Perplexity, Serper) if the user has not provided their own.
getBYOKKey apps/sim/tools/index.ts67-74 These are used without billing the user's Sim account.getHostedKeyRateLimiter().acquireKey() apps/sim/tools/index.ts81-95hostedKeyUserThrottled event is emitted apps/sim/tools/index.ts97-117Sources: apps/sim/tools/index.ts50-138 apps/sim/lib/api-key/byok.ts
For external tool requests, Sim implements multi-layer protection against Server-Side Request Forgery (SSRF) in apps/sim/lib/core/security/input-validation.server.ts.
Diagram: SSRF Protection Layer
validateUrlWithDNS ensures the target URL does not resolve to local or private network addresses (e.g., 127.0.0.1, 169.254.169.254) apps/sim/tools/index.ts9-10secureFetchWithPinnedIP performs the fetch using the pre-validated IP to prevent DNS rebinding attacks where the hostname resolution changes between validation and execution apps/sim/tools/index.ts8validatePathSegment blocks directory traversal patterns like ../ or null bytes apps/sim/lib/core/security/input-validation.ts50-160Sources: apps/sim/lib/core/security/input-validation.ts apps/sim/tools/index.ts8-10
Sim implements sophisticated retry logic for both hosted keys and upstream tool APIs in apps/sim/tools/index.ts.
isRateLimitError checks for HTTP 429/503 or specific error messages like "insufficient_quota" apps/sim/tools/index.ts144-157executeWithRetry uses a base delay (default 1000ms) multiplied by 2^attempt apps/sim/tools/index.ts171-206hostedKeyRateLimited and hostedKeyUserThrottled events to monitor provider health and user usage apps/sim/tools/index.ts202-210Sources: apps/sim/tools/index.ts144-223 apps/sim/tools/types.ts27-28
Every tool execution is tracked for logging and billing purposes.
ExecutionLogger records the start and end of tool calls, including duration, status, and input/output apps/sim/lib/logs/execution/logger.ts51-60wand or perplexity), usage is recorded via recordUsage and billed against the user's workspace apps/sim/app/api/wand/route.ts137-151TraceSpan objects for visualization in the execution timeline apps/sim/lib/logs/types.ts204-234Sources: apps/sim/lib/logs/execution/logger.ts apps/sim/lib/logs/types.ts apps/sim/app/api/billing/update-cost/route.ts
Before execution, parameters from the LLM and the User (defined in the workflow) are merged.
user-only, llm-only, or user-or-llm to determine which entity can provide the value apps/sim/tools/types.ts54-59validateRequiredParametersAfterMerge is the last check before execution, ensuring all required parameters are present regardless of their source apps/sim/tools/utils.ts155-183Sources: apps/sim/tools/utils.ts84-183 apps/sim/tools/types.ts54-59