curl -sf -X POST https://gateway.flocks.local/v1/tool \
  -H 'Content-Type: application/json' \
  -d '{
    "auth_token": "ops",
    "namespace":  "flocks.builtin",
    "name":       "shell",
    "arguments":  { "command": "echo flocks-tool-ok" }
  }'

Response

{
  "result": {
    "exit_code": 0,
    "stdout":    "flocks-tool-ok\n",
    "stderr":    ""
  },
  "is_error": false
}
Tools are routed by namespace.name. The gateway rejects calls that fall outside the active grant’s tool allowlist.