This page covers all configuration options for the CodeCall plugin, from quick presets to fine-grained control.
Plugin Initialization
Tool Visibility Modes
Control which tools appear inlist_tools vs. CodeCall.
codecall_only (Recommended)
Default mode. Hides all tools from list_tools, exposes via CodeCall.
| Tool Location | Behavior |
|---|---|
list_tools | Only CodeCall meta-tools visible |
| CodeCall | All tools searchable and callable |
| Override | Set visibleInListTools: true per tool |
codecall_opt_in
Tools must explicitly opt into CodeCall. All tools visible in list_tools by default.
| Tool Location | Behavior |
|---|---|
list_tools | All tools visible (default MCP behavior) |
| CodeCall | Only tools with enabledInCodeCall: true |
metadata_driven
Full control via per-tool metadata. No global assumptions.
| Tool Location | Behavior |
|---|---|
list_tools | Based on visibleInListTools (default: true) |
| CodeCall | Based on enabledInCodeCall (default: false) |
Per-Tool Metadata
Control individual tool behavior with thecodecall metadata field:
Metadata by Mode
| Mode | enabledInCodeCall default | visibleInListTools default |
|---|---|---|
codecall_only | true | false |
codecall_opt_in | false | true |
metadata_driven | false | true |
Common Patterns
Hide from list_tools, available in CodeCall
Hide from list_tools, available in CodeCall
codecall_only mode.Visible everywhere
Visible everywhere
Direct access only, no CodeCall
Direct access only, no CodeCall
CodeCall meta-tools only
CodeCall meta-tools only
codecall:search, codecall:describe, etc.Global Tool Filtering
Filter tools globally withincludeTools:
ToolEntry with:
VM Configuration
Configure the JavaScript sandbox:VM Presets
| Preset | Timeout | Max Iterations | Console | Use Case |
|---|---|---|---|---|
locked_down | 2s | 2,000 | No | Ultra-sensitive environments |
secure | 3.5s | 5,000 | Yes | Production default |
balanced | 5s | 10,000 | Yes | Complex workflows |
experimental | 10s | 20,000 | Yes | Development only |
Preset Details
- locked_down
- secure
- balanced
- experimental
Reference Sidecar Configuration (Pass-by-Reference)
The Reference Sidecar handles large data transfer between scripts and tools. Instead of passing full data through the VM, large values are stored externally with reference IDs.Sidecar Presets by Security Level
| Config | STRICT | SECURE | STANDARD | PERMISSIVE |
|---|---|---|---|---|
| maxTotalSize | 16MB | 64MB | 256MB | 1GB |
| maxReferenceSize | 4MB | 16MB | 64MB | 256MB |
| extractionThreshold | 64KB | 256KB | 1MB | 4MB |
| maxResolvedSize | 8MB | 32MB | 128MB | 512MB |
| maxReferenceCount | 50 | 100 | 500 | 1,000 |
| maxResolutionDepth | 5 | 10 | 20 | 50 |
| allowComposites | No | No | Yes | Yes |
How Pass-by-Reference Works
Benefits:- Scripts don’t need to handle large data in memory
- VM stays lightweight and secure
- Tool results can exceed VM memory limits
- Reference IDs are opaque strings (no data leakage)
Embedding Configuration
Configure how tools are indexed for search:Strategy Comparison
| Strategy | Speed | Relevance | Setup | Best For |
|---|---|---|---|---|
tfidf | ⚡ Fast | Good | None | Most use cases, offline |
ml | Slower | Better | Model download | Large toolsets (100+) |
TF-IDF Configuration
- Tool name (tokenized:
users:list→users,list) - Description (weighted 3x)
- Key terms from description (4+ characters, no stop words)
ML Configuration
ML strategy uses VectoriaDB internally. The model (~22MB) is downloaded on first use and cached locally.
Direct Invocation
Configure thecodecall:invoke meta-tool for direct tool calls without VM overhead:
When to Use Direct Invoke
Use codecall:invoke | Use codecall:execute |
|---|---|
| Single tool, no transformation | Multi-tool orchestration |
| Latency-critical paths | Data filtering/joining |
| Simple CRUD operations | Conditional logic |
| Known tool name | Dynamic tool selection |
Performance Comparison
Error Response Format
Security Considerations
- allowedTools: Always specify an explicit allowlist in production
- No script execution: Direct calls cannot run arbitrary code
- Same tool access rules: Tool Access Control (whitelist/blacklist) still applies
- Audit logging: Direct calls are logged the same as scripted calls
Complete Configuration Example
Migration Guide
From Direct Tools to CodeCall
Related
Security Model
Security implications of configuration choices
Production & Scaling
Performance tuning and monitoring
AgentScript Guide
Scripting language reference and best practices
API Reference
Complete meta-tool schemas and examples