AI Agent

The AI agent action allows you to securely and privately run a large language model (LLM) at any point in your workflow. It supports two modes of operation: task and chat, enabling both behind-the-scenes automation and interactive user experiences.

AI agent action usage is based on a credits system: all tenants include a monthly credit allowance, and each execution of the action deducts credits. See more details on credits and executions.

Learn more about how AI works in Tines at Tines Explained.

Features

Invoke an LLM on demand in your workflow
AI models run inside Tines's infrastructure, with strong security and privacy guarantees.
Choose from a variety of language models (Claude 3 Haiku, Claude 3.7 Sonnet, Claude 4 Sonnet, Claude Opus 4, Amazon Nova Pro, Amazon Nova Lite, Llama 3)
Support for the AI agent action to use tools
Configure system-level instructions to guide the AI’s behavior
Include image data to take advantage of Claude's vision capabilities
Host a user-facing AI chat experience (Chat mode)

Modes

Task Mode

Task mode supports invoking a large language model either in a simple one-shot fashion (prompt → response) or as an autonomous agent that can use tools to complete tasks.

When tools are attached, the model engages in a self-directed reasoning loop, invoking tools as needed until a solution is reached.

Chat Mode

Chat mode enables a conversational experience hosted on a Tines page.

End-users can interact with the AI agent action in real time. The chat continues until the AI achieves a defined objective specified in the system instructions, at which point the action completes and emits a final event.

Tools

Tools are functions the model can access to perform specialized tasks beyond its built-in capabilities.

There are three categories of tools you can attach to the AI agent action, supported in both task and chat mode.

Templates

Tines provides pre-built public templates for popular products to save you time building out workflows.

These templates can be added and configured as tools for the AI agent action.

Additionally, you can add private, user-defined templates as tools.

See our templates documentation for more information.

Send to Story

You can attach existing Tines Stories as tools using Send to Story, which lets the AI agent action pass data into another Story as input.

Note that these external Stories exist within a separate change control scope from the Story containing the AI agent action.

See our Send to Story documentation for more information.

Custom tools

Custom tools allow builders to define and configure tools directly within the same Story as the AI agent action, keeping everything under a single change control scope.

This facilitates tasks that may not be covered by existing public templates or tasks that require multi-action workflows that reference dynamic input values.

Configuration options

System instructions: Optional system-level instructions that define the rules, context, and constraints for the AI. In Chat mode, this should define the bot’s goal; the chat ends when the goal is achieved.
Tools: A list of tools the AI agent action can use. When provided, the AI acts autonomously to decide if/when to use each tool.
Output schema: A JSON schema to validate the output structure.
Model: The LLM to use (default: Claude 3.7 Sonnet).

Task mode options

Prompt: The input to send to the model. Can include input data, examples, or instructions.
Image: (Claude 3/4 only) Base64-encoded image content, or an array of images.
Temperature: Controls the creativity of the output. Range: 0–1 (default: 0.2).
Json mode: If enabled, prompts the model to return JSON-formatted data.
Timeout: Timeout for the LLM request in seconds (default: 30).
Retries: Max number of retries (default: 25).

Chat mode options

URL identifier: Defines the public URL for the chat page.
Access control: Configuration for who can access the chat.
Theming options: Customize the chat page’s appearance:
- Action color: Primary UI color
- Page logo: Image to display
- Appearance: "light" or "dark" mode
Initial message: Message displayed to the user when the chat starts.

Emitted event

When in task mode with no tools attached, a single event is emitted each time the action runs. This event contains output from the AI model.

{
  "output": "Estimated severity: high"
}

If the model returns valid JSON, you have JSON mode enabled, or an output schema configured, Tines will automatically parse this in the event data:

{
  "output": {
    "estimated_severity": "high"
  }
}

When using chat or task mode with tools, the event payload will also include the full conversation steps. For example:

{
  "steps": [
    {
      "role": "user",
      "text": "How many users are on this tenant?"
    },
    {
      "role": "agent",
      "text": "I'll help you find out how many users are on this tenant by retrieving the user list"
    },
    {
      "role": "tool",
      "tool_name": "think",
      "inputs": {
        "input": "The user wants to know the total number of users on this tenant. I should use the list_users function to get this information."
      },
      "output": "Thought logged"
    }
  ]
}

Tines will include a metadata field in the event payload that specifies the model used, input and output token counts, credits consumed, and remaining credits.

{
  "input_tokens": 1943,
  "output_tokens": 417,
  "credits_used": 3,
  "remaining_credits": 4759,
  "model": "eu.anthropic.claude-3-7-sonnet-20250219-v1:0"
}

Example configuration options

Proposing remediation steps for a security alert (alert_data):

{
  "prompt": "Summarize the potential remediation steps for the alert\n\n Data:<<alert_data>>"
}

Analyzing a support request from a user (support_request):

{
  "prompt": "Help the user with their product issue.\n\n Data:<<support_request.query>>",
  "image": "=support_request.screenshot.contents"
}

A security remediation agent.

{
  "mode": "task",
  "prompt": "Remediate the following alert based on the step defined below:\n\n<alert>\n```\n<<cases_action.body.case>>\n```\n</alert>\n\n<remediation_task>\n<<cases_action.body.button.label>>\n</remediation_task>",
  "instructions": "You are a Security Remediation Agent responsible for executing remediation actions for security alerts.\n\nYour primary responsibilities are:\n\n1. Carefully analyze the remediation instructions provided in security alerts\n2. Execute the specified remediation actions using the appropriate tools available to you\n3. Report back on the outcome of each remediation action to the originating case using a Case Note\n4. Delete the \"Case Action\" that triggered the alert. This can be found by its ID.\n\nWhen receiving remediation instructions:\n- Parse the instruction carefully (e.g., \"Block URL xyz\", \"Disable user account abc\")\n- Identify the specific action required and the target of that action\n- Select the appropriate tool to execute the requested action\n- Execute the action precisely as instructed\n- Document all steps taken during remediation\n- Report success or failure of the remediation action\n- Include any relevant details or errors encountered during remediation\n\nAvailable remediation actions may include:\n- Blocking URLs/domains\n- Disabling user accounts\n- Revoking access tokens\n- Isolating endpoints\n- Adding IPs to blocklists\n- Removing malicious files\n- Resetting credentials\n\nAfter completing the remediation action, always:\n1. Verify the action was successful\n2. Create a detailed Case Note on the originating case with:\n   - The action that was taken\n   - The outcome (success/failure)\n   - Any relevant details or metrics\n   - Timestamp of when the action was completed\n   - Any recommended follow-up actions\n3. Delete the \"Case Action\" that triggered the alert. This can be found by its ID.\n\nNever deviate from the explicit remediation instructions provided. If instructions are unclear or appear potentially harmful, request clarification before proceeding.\n\nUse the following example for formatting:\n```\n## Remediation Action Completed: Block Sender Domain\n\nCompleted the remediation action to block the sender domain **suspicious.ru**.\n\n### Actions Taken:\n1. ✅ Successfully added the domain to the Sublime Security suspicious email addresses list\n2. ❌ Attempted to add the domain to CrowdStrike IOC blocklist but received an error: \"No IOCs could be identified\"\n\n### Recommendation:\nConsider manually adding this domain to your email gateway blocklist to ensure complete protection.\n\n"
}

Chat mode

A support assistant that assists users troubleshoot IT issues.

{
  "mode": "chat",
  "instructions": "You are a helpful assistant that helps users troubleshoot IT issues.",
  "initial_message": "Hi, how can I help you today?",
  "visibility": "tenant",
  "pages_appearance_mode": "light",
  "pages_action_color": "#777FFF",
  "page_mode": "success_page",
  "page_logo": null,
  "url_identifier": "6922c10ca8fe089ad0706eb31cb3a4de"
}

Solutions

By product

Professional services

By team

Tines for

Partners

Blog

Tines Blog →

Discover & Learn

Case studies

Library

University

Tines Explained ^↗

Customer center

Join the team

Careers

Company

About

Tines Store ^↗

Features

Modes

Task Mode

Chat Mode

Tools

Templates

Send to Story

Custom tools

Configuration options

Task mode options

Chat mode options

Emitted event

Example configuration options

Chat mode

Platform

Solutions

Resources

Company

Connect

RSS

By product

Professional services

Partners

Tines Blog →

Case studies

Library

University

Tines Explained ↗

Customer center

Careers

About

Tines Store ↗

Features

Modes

Task Mode

Chat Mode

Tools

Templates

Send to Story

Custom tools

Configuration options

Task mode options

Chat mode options

Emitted event

Example configuration options​

Chat mode

Tines Explained ^↗

Tines Store ^↗

Example configuration options