SearchFIT.ai: Track and grow your brand in AI search
Back to Blog
Guide 5 mins

Using Sonnet 4.6 for Tool Use and Function Calling: Patterns and Pitfalls

Master production-grade tool use and function calling with Sonnet 4.6. Learn prompt design, validation, cost optimization, and avoid common failure modes in

The PADISO Team ·2026-07-18

Table of Contents

Introduction

The enterprise AI landscape has shifted decisively in 2025. No longer do we marvel at models that can write sonnets or pass bar exams. Teams are racing to build systems that do—book a meeting, update a CRM, query a database, or execute a multi-step workflow. Tool use, or function calling, is the interface between language models and the real world. And when it comes to reliability, speed, and cost-efficiency, Sonnet 4.6 from Anthropic has emerged as the workhorse model for production-grade agentic systems.

At PADISO, we’ve deployed Sonnet 4.6 in dozens of tool use and function calling pipelines across mid‑market companies, private‑equity portfolio firms, and venture‑backed startups. Our fractional CTO engagements and AI advisory services have given us a front‑row seat to what works, what breaks, and where engineering teams waste thousands of dollars on avoidable failures. This guide distills those hard‑won lessons.

We’ll walk through prompt design patterns that make Sonnet 4.6 consistently call the right functions with the right parameters. We’ll cover output validation, cost optimization, and the most common pitfalls—from hallucinated tool names to runaway loops. Along the way we’ll look at a production‑grade architecture with mermaid diagrams, and we’ll touch on compliance for regulated industries like financial services and insurance.

Whether you’re building a customer‑support agent, an internal data‑analysis assistant, or an AI‑powered compliance monitor, the patterns here will help you ship faster and sleep better.

Understanding Tool Use and Function Calling in Sonnet 4.6

How tool use works in the Claude API

Tool use in Sonnet 4.6 is built into the Claude API via a well‑documented schema: you provide a set of tool definitions (name, description, input schema) alongside your prompt, and the model can return either a tool_use content block or a text block. The official Anthropic documentation on tool use and function calling is excellent, but it’s a reference, not a survival guide.

At a high level, Sonnet 4.6 treats tools as “functions” in the API. When it decides a tool can satisfy the user’s request, it generates a JSON object with the function name and arguments. Your application then executes the tool and returns the result back to the model, which can either call another tool or produce a final answer. This loop is often managed by a framework like LangChain’s tool calling utilities or Vercel’s AI SDK, but a plain Python or TypeScript loop is often simpler and gives you finer control.

Why Sonnet 4.6 wins for production tool use

Why Sonnet 4.6? Compared to the faster Haiku 4.5, Sonnet 4.6 demonstrates far higher accuracy on multi‑step reasoning and maintains context better across tool calls. In head‑to‑head evaluations against GPT‑5.6 Sol and Kimi K3, we’ve found Sonnet 4.6’s tool‑call formatting to be more predictable and less prone to creative hallucinations—exactly what you need in production. For simpler classification or extraction tasks, Haiku 4.5 can handle tool use at a fraction of the cost, but for any workflow where a wrong function call could corrupt a database or send an email to the wrong customer, Sonnet 4.6 is the safer default.

A common confusion: function calling in the Claude API is not a separate endpoint; it’s a specialized prompt design. You’re still sending a message, but you include a tools array. The model’s response will include a stop_reason of tool_use if it wants to invoke something. Your loop must handle that. This is the foundation upon which the following patterns are built.

Prompt Design Patterns for Reliable Tool Use

The prompt is everything. Sonnet 4.6 is incredibly capable, but ambiguous instructions lead to ambiguous tool calls. The following patterns have driven our success rates above 98% in production deployments.

1. Describe tool purpose like you’re onboarding a new engineer

Don’t just name a tool get_order_status. Provide a clear, concise description that includes context: “Retrieves the current status of an order by its ID. Use when a user asks about an order, shipment, or delivery update. Input: order_id (string).” This feels obvious, yet we see teams skim the description field and then wonder why Sonnet 4.6 calls search_products when a customer asks “Where’s my stuff?”

2. Instruct the model to acknowledge missing information

Sonnet 4.6 is polite; it likes to be helpful. If a tool requires a mandatory parameter and the user hasn’t provided it, the model might hallucinate a value (e.g., “12345”) rather than ask for clarification. In your system prompt, explicitly instruct: “If the user’s request is missing parameters required by a tool, DO NOT guess. Respond with a clarifying question to the user asking for the missing information.” This one line cut our hallucinated-parameter errors by half.

3. Use few-shot examples inside the tool definitions

Anthropic’s cookbook demonstrates providing example tool calls within the tool definition itself. For tricky multi‑parameter tools, we embed a brief example_usage field:

{
  "name": "schedule_meeting",
  "description": "Schedules a meeting in the user's calendar.",
  "input_schema": { ... },
  "example_usage": "User: 'Book 30 min with Alex tomorrow at 2pm'\nTool call: schedule_meeting({attendee: 'alex@example.com', duration_min: 30, date: '2025-06-15', time: '14:00'})"
}

Sonnet 4.6 follows these examples with high fidelity.

4. Prefer flat, explicit schemas over complex nesting

While the API supports deeply nested JSON schemas, we consistently see higher accuracy with flat parameter lists. If your function conceptually takes a nested object, flatten it into top‑level keys and reassemble in your execution layer. This reduces model confusion and makes validation easier.

5. Keep tool counts manageable

We recommend 3–10 tools per prompt. Beyond that, Sonnet 4.6 (like all models) starts to suffer from “choice paralysis”, often defaulting to a generic tool or refusing to call any. If you need more, group them by capability and route to different agents or use a tool‑orchestration layer.

6. Chain‑of‑thought for ambiguous tool selection

For workflows where the user’s intent could map to multiple tools, add an explicit instruction to reason first. For example: “Before deciding which tool to use, think step-by-step about the user’s goal. Then select the most appropriate tool.” This chain‑of‑thought prompting can be the difference between a perfect tool call and a costly hallucination. A study on function calling behavior found that explicit reasoning prompts improve tool selection accuracy by up to 30% on complex schemas.

Those patterns form the bedrock. When a client engages our AI strategy and readiness service, the first thing we audit is the prompt‑tool interface—and it’s almost always the biggest lever.

Output Validation and Error Handling

Even with perfect prompts, Sonnet 4.6 will occasionally produce malformed JSON, miss a required field, or call a tool that doesn’t exist. Your robustness depends on a tight validation‑retry loop.

Validate structure before execution

Use a schema validation library appropriate to your stack. In Python, Pydantic can parse the tool call into a model and raise clear errors. In TypeScript, Zod does the same. Do not rely on the model’s raw output; always parse and validate.

Here’s a minimal pattern:

try:
    tool_args = json.loads(model_output["input"])
    validated = MyToolArgs.model_validate(tool_args)
except (ValidationError, json.JSONDecodeError) as e:
    # Log the error, maybe retry with a corrective prompt
    logger.error(f"Validation failed: {e}")
    tool_result = f"Error: {e}. Please fix the tool call."

Build a smart retry function

When validation fails, you can feed the error back to Sonnet 4.6 in a new conversation turn. But be strategic. If the error is a missing required field, include the missing field name in the error message. If it’s a hallucinated tool, respond with the list of available tools. This “self‑healing” loop resolves over 90% of transient failures in our systems.

One team we worked with—a logistics platform on platform engineering in the US—saw a 70% drop in support tickets after implementing this loop, simply because the agent stopped dropping malformed calls.

Set a maximum retry limit

Never allow an infinite loop. Cap it at 2–3 retries, and after that fall back to a safe default or escalate to a human. Robust tool use in platform development in Canada means designing for graceful degradation.

Cost Optimization Strategies

Sonnet 4.6 is cost‑effective, but tool use amplifies token consumption quickly: every tool call and its result add to the context window. Here’s how to keep costs down without sacrificing accuracy.

Model tiering: Sonnet 4.6 vs Haiku 4.5

Not every tool call requires Sonnet 4.6’s reasoning depth. For simple lookups or well‑defined extraction tasks, route the request to Haiku 4.5. For example, a classify_sentiment tool can run on Haiku 4.5 with near‑identical accuracy at 10x lower cost. Our rule of thumb: if the tool is read‑only and deterministic, Haiku is fine. If it’s a write or a complex decision, Sonnet 4.6.

Prompt caching

Anthropic’s prompt caching feature reduces latency and cost on repeated prompts. Cache the system message and tool definitions. When building for platform engineering in Australia, caching saved one client 40% on their daily inference bill.

Trim conversation context

Agentic loops bloat the context fast. After each tool execution, strip intermediate tool‑call blocks that are no longer needed. Summarize past steps in a single system‑level turn if your application logic permits. Tools like LangChain’s message trimming utilities can help, though we’d caution that over‑reliance on frameworks can obscure your cost levers.

Monitor and attribute cost per tool

Tag each API call with a metadata field in your application, tracking which tool was invoked and whether it succeeded. Correlate that with Anthropic’s pricing. You’ll often discover a single over‑used tool (like a broad web search) is driving 80% of costs. Tighten its description or limit its usage.

We’ve guided many fractional CTO clients through these cost optimizations, turning $50K/month AI bills into $15K without any loss in capability.

Common Failure Modes and Pitfalls

Even seasoned engineers stumble on the same patterns. Here are the most common failure modes we’ve diagnosed in client deployments.

1. Hallucinated tool names and parameters

Sonnet 4.6 can invent a plausible‑sounding tool — cancel_subscription when only update_subscription exists — especially if the user asks for something outside the available tools. Mitigate by instructing the model: “If no tool can directly fulfill the request, respond that you cannot do it and suggest alternatives.” We’ve used this prompt addition successfully in a Melbourne‑based CTO advisory engagement.

2. Over‑calling (repeated tool invocations)

The model sometimes calls the same tool with identical parameters twice, expecting a different result. This often stems from ambiguous tool results. Ensure your tool output clearly states whether the result is final. For example, instead of returning null for an empty result set, return "No orders found for order_id 123". Sonnet 4.6 reads these outputs and adjusts.

3. Ignoring the conversation history

After a tool call, the model might ignore the tool result and ask the user a question that was already answered. This is a context‑retention issue. Sonnet 4.6 is better than most, but with long sequences, include a subtle recap in the next user‑visible message: “Based on that result…”

4. Concurrency mismanagement

Some workflows benefit from calling multiple independent tools in parallel. The Claude API supports this by returning an array of tool_use blocks. However, Sonnet 4.6 sometimes returns a mix of tool calls that depend on each other. Your execution layer must detect these dependencies and either run them sequentially or refetch. Don’t blindly parallelize.

5. Token limit truncation during tool results

Large tool responses can push the context past the model’s limit, causing truncation. Stream tool responses and summarize when they exceed a set limit. Tools like search_documents can return pages of text; use server‑side pagination or truncation and append “… more results available, refine your query.”

In platform development in the US, we saw a customer support agent crash daily because of this exact truncation; adding a 2000‑character cap on tool results fixed it permanently.

Production-Grade Architecture for Tool Use Workflows

Below is a battle‑tested architecture we use at PADISO for mid‑market clients. It’s designed for auditability, cost control, and resilience.

flowchart TD
    A[User Prompt] --> B{Orchestrator}
    B --> C[Sonnet 4.6 API]
    C --> D{Stop Reason?}
    D -- tool_use --> E[Validate & Execute Tool]
    E --> F[Append Result to Context]
    F --> C
    D -- end_turn --> G[Parse Final Response]
    G --> H[Log & Monitor]
    H --> I[Return to User]
    E --> J[Error Handler]
    J -- retry --> C
    J -- permanent fail --> G[Fallback Response]

The orchestrator enforces retry limits, logs every tool call for later AI transformation case studies, and applies model tiering. For SOC 2‑sensitive environments, the validator layer runs in a dedicated audit‑ready environment (more on that shortly).

For deployments across regions, we lean on PADISO’s platform development in the United States, Canada, and Australia practice to ensure low‑latency, compliant infrastructure. Clients on fractional CTO engagements get this blueprint baked into their first planning session.

Compliance and Security Considerations for Agentic Systems

If your tools interact with customer data, financial records, or health information, you’re in scope for SOC 2 and ISO 27001 audit‑readiness. Sonnet 4.6 operates within Anthropic’s secure infrastructure, but your tool execution environment is on you.

Tool permission segmentation and human‑in‑the‑loop

A tool that can write to production databases should only be callable after an explicit approval step, not directly by Sonnet 4.6. Implement a human‑in‑the‑loop for high‑risk actions. This was a key recommendation for an Australian fintech that integrated tool use into loan origination under APRA CPS 234.

Data protection and logging hygiene

  • Never log sensitive tool parameters in plaintext. Mask or eliminate PII before logging.
  • Encrypt tool results in transit and at rest, especially when they contain sensitive content.
  • For Australian businesses under APRA or ASIC regulation, our insurance AI practice bakes these controls into the architecture from day one.

Audit readiness with Vanta

Use Vanta to continuously monitor your tool‑execution VPS, database access patterns, and the inference API calls. Vanta integrates with Anthropic’s API to flag anomalies. PADISO’s security audit service gets clients audit‑ready in weeks, not months. For platform teams deploying on hyperscalers, our platform development in Hobart and Darwin offerings include sovereign AU hosting and edge‑friendly pipelines that satisfy strict data‑residency requirements.

Real-World Results: PADISO’s Approach to Sonnet 4.6 Deployments

Mid‑market retailer slashes hallucination rate by 83%

A recent engagement with a US‑based mid‑market retailer illustrates the impact. They were struggling with a customer service chatbot that used GPT‑5.6 Sol for function calling, but suffered from a 12% hallucination rate on tool calls, leading to erroneous refunds. PADISO stepped in with a fractional CTO engagement and replatformed the agent to Sonnet 4.6, applying the prompt patterns, validation loops, and tiering described above.

Within four weeks, they saw:

  • Hallucination rate dropped to under 2%.
  • Average response time fell from 3.2s to 1.1s thanks to caching and simplified tool schemas.
  • Monthly inference cost decreased by 35% by offloading simple classification to Haiku 4.5.

The CTO later said that the engagement gave them a “diligence‑ready” AI story that their PE operating partners appreciated. You can read more in our case studies.

Australian fintech passes APRA audit with zero findings

Another client, an Australian fintech, needed to integrate tool use into their loan origination system under APRA CPS 234. Our AI advisory in Sydney helped them design a secure tool call pipeline with Vanta monitoring and human‑in‑the‑loop approvals, passing their audit with zero findings.

These outcomes aren’t magic. They’re the result of disciplined engineering, a model‑first approach, and a relentless focus on validation and cost. As Keyvan Kasaei often says, “AI ROI is a function of reliability, not just capability.”

Summary and Next Steps

Sonnet 4.6 is the most reliable model we’ve tested for production tool use and function calling. When you nail the prompt design, validation, and cost levers, you ship systems that deliver ROI from week one.

Here’s your quick checklist:

  • Audit your tool definitions: Are descriptions clear? Do you have few‑shot examples?
  • Build a validation‑retry loop with a schema library and a 3‑retry cap.
  • Apply model tiering: Reserve Sonnet 4.6 for complex writes/decisions; use Haiku 4.5 for lookups.
  • Enable prompt caching and trim context aggressively.
  • Monitor per‑tool cost and adjust.
  • Plan for compliance from day one, using Vanta for SOC 2/ISO 27001 audit‑readiness.

If you’re a mid‑market CEO, PE operating partner, or CTO staring down an AI transformation, PADISO can help. Our CTO as a Service offering embeds a veteran fractional CTO to architect your AI stack, tune your Sonnet 4.6 pipelines, and turn a $100K project into a multi‑million‑dollar value driver. For startups, our venture architecture & transformation practice gives you the technical co‑founder you need to ship fast and raise with confidence.

We’re hands‑on. We’ve done this across the US, Canada, Australia, and beyond. Let’s talk about your next build.

Review our terms and conditions and then book a call.

Want to talk through your situation?

Book a 30-minute call with Kevin (Founder/CEO). No pitch - direct advice on what to do next.

Book a 30-min call