Best Practices for MCP Standard Tools SuiteApp

Refer to Associated Risks, Controls, and Mitigation Strategies for information about the following:

• Risks associated with using external AI clients and large language models (LLMs).

• Security controls available in NetSuite.

• Mitigation strategies for these risks.

For tips on structuring prompts to achieve clear, effective communication with the AI, see Prompting Guidelines.

The following best practices may not fully prevent inaccuracies or hallucinations from large language models (LLMs), but they can help minimize errors and support better results.

• Data Accuracy and Validation

  • Review the tools used and the outputs generated by the LLM. Check both the steps taken (shown as tool selections, requests, and responses) and the final answer for accuracy, because LLMs may sometimes make up information.

  • Tell the model to use real data from your NetSuite account, so you don't get sample data in the results.

  • When you create records (ns_createRecord), always set the External ID (externalId). This helps prevent duplicate records and makes tracking easier.

• Tool Selection and Execution

  • When possible, have the model use ns_runReport or ns_runSavedSearch before trying ns_runCustomSuiteQL.

  • Clearly explain what you expect the model to do and show an example, including which tools it should use and the type of answer you want.

  • Use clear error-handling steps so it's easier to troubleshoot when problems happen.

• NetSuite Data Processing and Reporting

  • Don't use SuiteQL or build new reports for financial reports. NetSuite standard reports use important business rules that SuiteQL can't apply.

  • Use SuiteQL for complex queries, such as when you need to combine data from multiple tables.

• User Experience and Guidance

  Ask the model to include direct links in its results—for example, links to reports, transactions or records—so users can quickly access related information in NetSuite.

General Notices