What This Does
This guide helps you create a custom agent that uses LoopIQ MCP safely. A custom agent can use MCP to read LoopIQ records, retrieve release governance evidence, run AI/ML agents, and request approved actions such as remediation work-package creation.Recommended Architecture
Use this pattern for production agents:- The user authenticates with your application.
- Your backend obtains or receives a LoopIQ-approved access token.
- Your backend connects to the LoopIQ MCP server.
- The agent discovers available tools.
- The agent uses read tools first to ground its answer.
- The agent previews any write action.
- The user approves or rejects the payload.
- The backend executes approved writes with an idempotency key.
- Your app stores the audit trail.
Good First Custom Agents
Start with agents that read context before they write:- Release readiness copilot
- Evidence gap reviewer
- Security blocker summarizer
- Sprint planning assistant
- Incident triage assistant
- Compliance evidence packager
- Analytics dashboard assistant
- Remediation work-package creator
Required Safety Behavior
Every production custom agent should:- preserve tenant and user context
- pass request ID and trace ID
- use read-only tools before write tools
- prefer semantic tools over raw route invocation
- use
dryRun: truebefore important mutations - show the exact payload before approval
- use an idempotency key for approved writes
- store the approval ID and tool result
- reject actions with missing parent records, missing titles, or unclear ownership
Example Agent Flow
For a release remediation agent:- Ask the user for a release or certification.
- Call
loopiq_get_release_certification. - Call
loopiq_get_release_certification_evidence_graph. - Identify failed controls, evidence gaps, and provider blockers.
- Draft one parent remediation story and child tasks.
- Call
loopiq_create_remediation_work_packagewithdryRun: true. - Show the user the payload.
- If approved, call the same tool with
dryRun: false,approvalId, andidempotencyKey. - Show created story and task IDs.
Openai Custom Agent Example
The exact SDK syntax may vary by OpenAI SDK version, but the production pattern is stable:Approval Loop Example
Prompt Template for a Custom LoopIQ Agent
Use a system prompt like this:Tool Selection Guide
Use these rules:- Use
loopiq_get_mcp_reliability_contractat startup to understand server guarantees. - Use
loopiq_list_ai_ml_agentsbefore running AI/ML agents. - Use
loopiq_list_resourcesbefore generic record operations. - Use
loopiq_list_routesbefore fallback route invocation. - Use release certification tools for release compliance workflows.
- Use evidence graph tools for provider-normalized evidence.
- Use analytics tools for metrics, charts, and dashboard workflows.
- Use
loopiq_create_remediation_work_packagefor approved parent-story-plus-child-task creation.
Tenant and Auth Setup
Your custom agent should not ask the user to paste a token into a prompt. Use one of these patterns:- backend session exchanges user auth for a LoopIQ token
- short-lived user token stored server-side
- organization-approved service account token with strict tenant allow-list
- Helix backend-mediated flow where LoopIQ handles MCP auth propagation
Dry-run and Approval Strategy
For read-only tools, execute normally. For write tools:- Call with
dryRun: truewhen supported. - Show the exact payload.
- Ask for approval.
- Add
approvalId. - Add
idempotencyKey. - Execute once.
- Store the result.
Testing Checklist
Before production, test:- tool discovery works
- tenant context is correct
- read-only calls return expected records
- unauthorized tenants are rejected
- stale or expired tokens fail safely
- dry-run write calls do not create records
- approved writes create exactly the expected records
- duplicate idempotency keys do not create duplicates
- action results include created IDs
- audit metadata is stored
Troubleshooting
The Agent Sees Too Many Tools
Constrain the agent with instructions to prefer semantic tools and specific tool families. Useloopiq_list_resources or loopiq_list_ai_ml_agents instead of listing every route.

