No suitable installed tool
The current tool set lacks the capability type, protocol, citation behavior, or latency boundary the task requires. This is the clean fallback trigger.
Fallback architecture
A tool fallback is not a second attempt with the same tool. It begins when the agent can state that its installed, eligible capabilities cannot satisfy a bounded intent. The fallback then resolves a connection; the client still controls execution.
Trigger
Treating every tool error as a discovery problem creates loops. The agent should first distinguish absence from bad input, denied permission, provider failure, and an invalid result.
The current tool set lacks the capability type, protocol, citation behavior, or latency boundary the task requires. This is the clean fallback trigger.
A nominal match exists, but its definition is stale, its risk class is too broad, or required evidence is absent. Do not silently relax the constraint.
Authentication, rate limits, malformed arguments, and provider outages are execution failures. Retry policy comes before discovery unless the failure is terminal.
A tool can return successfully while missing a citation, freshness boundary, schema field, or domain requirement. Record the outcome before choosing another candidate.
Control loop
A narrow exchange reduces disclosure and keeps the provider credential, request body, and returned content inside the client-controlled execution path.
Describe capability type, allowed protocols, risk class, citation need, and latency budget without sending source content.
Rank only manually approved connections that satisfy the stated constraints; return unresolved when none qualify.
Connect directly to the selected provider using the client's credential and provider-specific request contract.
Return status, duration, and a bounded failure code so later selection can use observed outcomes.
Guardrails
The missing capability is still constrained by the original task. Discovery is not permission to broaden access or execute an action the agent was not allowed to take.
V0 resolves read-only digital capabilities. A missing read path never authorizes mutation, purchase, message delivery, or other side effects.
ResolveMesh receives a sanitized intent, not raw prompts, documents, credentials, provider output, or tool output.
If no candidate clears every constraint and eligibility gate, the correct result is unresolved.
Fit test
The first production integration should be one repeated read-only failure with a stable success condition.
One agent repeatedly needs a public document, status, catalog, or research result that its installed tools cannot retrieve.
The client can report success or failure, duration, and a bounded reason without returning the provider response.
A workflow that needs purchases, messages, sensitive personal data, private documents, or delegated user authority.
Primary sources
Protocol behavior comes from the current official MCP documentation. ResolveMesh adds a cross-provider resolution and outcome layer; it does not redefine MCP.
Primary protocol reference for capability negotiation, discovery methods, and the separation between listing and execution.
Read the primary sourcePrimary reference for schema-defined tools, tools/list discovery, tools/call execution, and user control.
Read the primary source