Recommended architecture for safe MCP tool execution in LiveKit agents

When agents call MCP tools that trigger real-world side effects (Google Calendar, Zoho updates), what’s the best way to enforce:

  • schema validation
  • permission checks
  • org-level policies

before execution?

Do LiveKit agents support a pre-call validation hook, or is wrapping MCP tools the intended approach?

That’s a good question, and I do not have any examples I can point you towards.

There is nothing built-in, but you can use the llm_node to intercept the input going to the MCP.

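import logging
from collections.abc import AsyncGenerator
from typing import Any

from livekit.agents import Agent, ModelSettings, llm

logger = logging.getLogger(__name__)


# llm_node is overridden on an Agent subclass; the class name here is a placeholder.
class LoggingAgent(Agent):
    async def llm_node(
        self,
        chat_ctx: llm.ChatContext,
        tools: list[Any],
        model_settings: ModelSettings,
    ) -> AsyncGenerator[llm.ChatChunk | str, None]:
        """Log all tool-call content from the LLM (what would be sent to MCP when it's an MCP tool)."""
        # Delegate to the default LLM node and inspect each chunk before passing it on.
        async for chunk in Agent.default.llm_node(
            self, chat_ctx, tools, model_settings
        ):
            if isinstance(chunk, llm.ChatChunk) and chunk.delta and chunk.delta.tool_calls:
                for tc in chunk.delta.tool_calls:
                    logger.info(
                        "LLM tool call (content sent to MCP when MCP tool): name=%r arguments=%r",
                        tc.name,
                        tc.arguments,
                    )
            yield chunk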
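The three checks from the question, written as one default-deny gate that takes the same tool name and JSON argument string the snippet above logs. This is an added example, not code from the thread or from LiveKit. The tool name, role name, policy table and helper names are constructed for illustration, and what to do with a denied call inside the agent is left out.

```python
import json
from dataclasses import dataclass

@dataclass(frozen=True)
class ToolRule:
    required_role: str        # permission check: role the caller must hold
    fields: dict[str, type]   # schema: exact argument names and their types
    org_checks: tuple = ()    # org policy: callables(args) -> error string or None

def allowed_domains(key, domains):
    """Org policy: every address in args[key] must belong to an approved domain."""
    def check(args):
        bad = [a for a in args[key]
               if not isinstance(a, str) or a.count("@") != 1
               or a.rpartition("@")[2].lower() not in domains]
        return f"{key} outside approved domains: {bad}" if bad else None
    return check

# Constructed policy table; the tool name and role are placeholders.
POLICY = {
    "calendar_create_event": ToolRule(
        required_role="scheduler",
        fields={"title": str, "start": str, "attendees": list},
        org_checks=(allowed_domains("attendees", {"example.com"}),),
    ),
}

def evaluate_tool_call(name, arguments, roles, policy=POLICY):
    """Return (allowed, reason). Tools missing from the policy are denied."""
    rule = policy.get(name)
    if rule is None:
        return False, "tool not in allowlist"
    if rule.required_role not in roles:
        return False, f"caller lacks role {rule.required_role!r}"
    try:
        args = json.loads(arguments)
    except (TypeError, ValueError):
        return False, "arguments are not valid JSON"
    # Reject missing and unexpected keys alike, so extra fields cannot ride along.
    if not isinstance(args, dict) or set(args) != set(rule.fields):
        return False, "argument names do not match schema"
    for key, typ in rule.fields.items():
        if not isinstance(args[key], typ):
            return False, f"{key} must be {typ.__name__}"
    for check in rule.org_checks:
        error = check(args)
        if error:
            return False, error
    return True, "ok"
```

The roles passed in should come from the authenticated session, not from anything the model or the caller said during the conversation.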