For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
  • Getting Started
    • Welcome
    • Contributing
  • Concepts
    • Columns
    • Seed Datasets
    • Agent Rollout Ingestion
    • Custom Columns
    • Validators
    • Processors
    • Person Sampling
    • Traces
      • Overview
      • MCP Providers
      • Tool Configs
      • Enabling Tools
      • CLI Configuration
      • Safety & Limits
    • Architecture & Performance
    • Deployment Options
    • Security
  • Tutorials
    • Overview
    • The Basics
    • Structured Outputs, Jinja Expressions, and Conditional Generation
    • Seeding with an External Dataset
    • Providing Images as Context
    • Generating Images
    • Image-to-Image Editing
  • Recipes
    • Recipe Cards
  • Plugins
    • Overview
    • Example Plugin
    • FileSystemSeedReader Plugins
    • Discover
  • Code Reference
    • Overview
  • Dev Notes
    • Overview
    • Prompt Sensitivity
    • Retriever SDG Toolkit
    • Have It Your Way
    • VLM Long Document Understanding
    • Push Datasets to Hugging Face Hub
    • Text-to-SQL for Nemotron Super
    • Async All the Way Down
    • Owning the Model Stack
NVIDIANVIDIA
Developer-friendly docs for your API
Privacy Policy | Manage My Privacy | Do Not Sell or Share My Data | Terms of Service | Accessibility | Corporate Policies | Product Security | Contact

Copyright © 2026, NVIDIA Corporation.

LogoLogoNeMo Data Designer
On this page
  • Overview
  • Tool Allowlists
  • Behavior
  • Turn Budgets
  • Understanding Turns
  • Graceful Budget Exhaustion
  • Timeouts
  • Timeout Behavior
  • Default Timeout
  • Combining Controls
  • See Also
ConceptsTool Use & MCP

Safety and Limits

||View as Markdown|
Previous

Configuring MCP Using the CLI

Next

🏗️ Architecture & Performance

This guide covers the safety controls available for tool use, including allowlists, turn budgets, and timeouts. These controls help prevent runaway loops and ensure predictable generation behavior.

Overview

When LLM columns use tools, the model can make multiple tool calls in a loop until it produces a final answer. Without limits, this could lead to:

  • Excessive API calls and costs
  • Long generation times
  • Infinite loops if the model keeps requesting tools

Data Designer provides three types of controls:

ControlPurpose
Tool allowlistsRestrict which tools can be called
Turn budgetsLimit iterations of tool-calling
TimeoutsCap individual tool call latency

Tool Allowlists

Restrict which tools are available using allow_tools:

1import data_designer.config as dd
2
3tool_config = dd.ToolConfig(
4    tool_alias="restricted-tools",
5    providers=["demo-mcp"],
6    allow_tools=["search_docs", "list_docs"],  # Only these tools
7)

Behavior

SettingBehavior
allow_tools=None (default)All tools from the providers are available
allow_tools=["tool1", "tool2"]Only the specified tools are available

Tools not in the allowlist won’t be included in the schemas sent to the model, so the model won’t know they exist.

Use allowlists for untrusted tools If your MCP providers expose tools that could be dangerous or expensive, use allowlists to restrict access to only the tools you need.

Turn Budgets

Limit the number of tool-calling iterations using max_tool_call_turns:

1import data_designer.config as dd
2
3tool_config = dd.ToolConfig(
4    tool_alias="limited-tools",
5    providers=["demo-mcp"],
6    max_tool_call_turns=5,  # Maximum 5 iterations (default)
7)

Understanding Turns

A turn is one iteration where the LLM requests tool calls. With parallel tool calling, a single turn may execute multiple tools simultaneously.

ScenarioTurn Count
Model requests 1 tool1 turn
Model requests 3 tools in parallel1 turn
Model requests 1 tool, then 2 more, then 1 more3 turns

This approach gives models flexibility to use parallel calling efficiently while still bounding total iterations.

Graceful Budget Exhaustion

When the turn limit is reached, Data Designer doesn’t abruptly stop generation. Instead:

  1. The model’s tool call request is recorded in the conversation
  2. Tool “results” are returned with a refusal message explaining the limit was reached
  3. The model receives this feedback and can produce a final response

This ensures the model can still provide a useful answer based on the tools it already called, rather than failing silently.

Timeouts

Limit how long each tool call can take using timeout_sec:

1import data_designer.config as dd
2
3tool_config = dd.ToolConfig(
4    tool_alias="fast-tools",
5    providers=["demo-mcp"],
6    timeout_sec=30.0,  # 30 seconds per tool call
7)

Timeout Behavior

When a timeout occurs:

  1. The tool call is terminated
  2. An error message is returned to the model
  3. The model can attempt recovery (retry, skip, or answer without the result)
1# Example error in trace when timeout occurs
2{
3    "role": "tool",
4    "content": "Error: Tool 'search_docs' failed: Connection timeout after 30s",
5    "tool_call_id": "call_abc123"
6}

Default Timeout

The default timeout is 60 seconds. Adjust based on your tools:

Tool TypeRecommended Timeout
Fast lookups5-10 seconds
Database queries15-30 seconds
External API calls30-60 seconds
Complex computations60+ seconds

Combining Controls

You can use all controls together for defense in depth:

1import data_designer.config as dd
2
3tool_config = dd.ToolConfig(
4    tool_alias="secure-tools",
5    providers=["demo-mcp"],
6    allow_tools=["search_docs", "get_fact"],  # Restricted tools
7    max_tool_call_turns=3,                     # Limited iterations
8    timeout_sec=15.0,                          # Fast timeout
9)

See Also

  • Tool Configurations: Complete ToolConfig reference
  • Message Traces: Monitor tool usage patterns