Shadow AI List
Server Details
Risk-ranked registry of AI tools: look up an AI tool's risk or check if a domain is shadow AI.
- Status
- Healthy
- Last Tested
- Transport
- Streamable HTTP
- URL
Glama MCP Gateway
Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.
Full call logging
Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.
Tool access control
Enable or disable individual tools per connector, so you decide what your agents can and cannot do.
Managed credentials
Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.
Usage analytics
See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.
Tool Definition Quality
Average 4.3/5 across 4 of 4 tools scored.
Each tool has a distinct purpose: domain check, top risky list, filtered list, and specific lookup. No overlap in functionality, making it easy for an agent to select the correct tool.
All tools use snake_case with a verb-noun pattern (check, get, list, lookup). The only minor inconsistency is 'check_domain_against_registry' being a longer phrase compared to the simpler others, but the pattern is still clear and predictable.
Four tools is well-scoped for the domain of querying a shadow AI registry. Each tool serves a clear need without redundancy or excessive granularity.
The tool surface covers all primary query operations: domain verification, listing by category, retrieving top risks, and direct lookup. No obvious gaps for the stated purpose of checking and exploring shadow AI tools.
Available Tools
4 toolscheck_domain_against_registryCheck if a domain is shadow AIARead-onlyInspect
Check whether a domain or subdomain belongs to a known AI tool - i.e. whether traffic to it is shadow AI. Returns the tool and its risk if matched. Covers the free top 100.
| Name | Required | Description | Default |
|---|---|---|---|
| domain | Yes | A domain or URL, e.g. 'chat.openai.com' or 'https://cursor.sh'. |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Annotations indicate readOnlyHint=true and openWorldHint=false. The description adds critical behavioral context: the tool is limited to the top 100 AI tools and returns risk info. No contradictions with annotations.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is two sentences with no wasted words. It front-loads the action and key information, making it easy for an AI agent to process quickly.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given one parameter, no output schema, and good annotations, the description covers purpose, usage context, and limitations. It lacks explicit output format details but remains adequate for proper tool selection.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
The input schema has 100% coverage with a clear description for the 'domain' parameter. The tool description does not add significant new meaning beyond the schema, meeting the baseline but not exceeding it.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool's function: checking if a domain belongs to a known AI tool (shadow AI). It specifies the return value (tool and risk) and coverage (free top 100), distinguishing it from siblings like list_shadow_ai or lookup_ai_tool_risk.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description implicitly guides usage: when you have a specific domain to check, use this tool. It does not explicitly state when not to use or list alternatives, but the context of sibling tools makes the intended use case clear.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
get_top_risky_aiGet the highest-risk AI toolsARead-onlyInspect
Get the highest-risk AI tools by AI Exposure Index risk score. Returns name, domain, category, and risk score + band. Covers the free top 100.
| Name | Required | Description | Default |
|---|---|---|---|
| limit | No | How many (default 10, max 25). |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Annotations already provide readOnlyHint=true, so no contradiction. The description adds context about the return fields and coverage (free top 100), but doesn't detail sorting or potential rate limits.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Two sentences, no redundancy. First sentence states purpose and returns, second clarifies scope. Efficiently conveys all necessary information.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given one parameter, no output schema, and readOnly annotation, the description is largely sufficient. It could note the descending sort order, but that is implied by 'highest-risk'.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100% for the single parameter 'limit'. Description adds minor context that the limit controls retrieval from the top 100, but no additional semantics beyond the schema.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states it returns the highest-risk AI tools by AI Exposure Index risk score, listing fields like name, domain, category, risk score, and band, and covers the top 100. It distinguishes from sibling tools like check_domain_against_registry.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description implies use when needing a ranked list of risky AI tools. While it doesn't explicitly exclude other tools, the sibling context makes it clear. No explicit alternatives mentioned, but the purpose is well-defined.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
list_shadow_aiList AI toolsARead-onlyInspect
List AI tools from the registry, optionally filtered by category. Returns name, domain, category, and risk band. Covers the free top 100.
| Name | Required | Description | Default |
|---|---|---|---|
| limit | No | Max results (default 25, max 100). | |
| category | No | Optional category filter (e.g. 'coding', 'chatbot', 'meeting_transcription'). |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Annotations indicate readOnlyHint=true, covering safety. Description adds that it 'covers the free top 100', which is useful scope information beyond annotations.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Two sentences, front-loaded with action and optionality, no unnecessary words. Highly efficient.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
For a simple list tool with full schema coverage and no output schema, description adequately covers return fields and scope. Complete for the task.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100%, so baseline is 3. Description adds 'optionally filtered by category' and 'free top 100' but adds no extra meaning beyond schema.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
Clearly states verb 'List', resource 'AI tools from the registry', optional filter 'by category', and describes return fields. Distinguishes from siblings which are more specific lookups.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
Implies usage for general listing but does not explicitly state when to use versus siblings like 'check_domain_against_registry' or 'get_top_risky_ai'. No when-not or alternative guidance provided.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
lookup_ai_tool_riskLook up an AI tool's riskARead-onlyInspect
Look up an AI tool by name, vendor, or domain and return its AI Exposure Index risk score, risk band, category, and whether it trains on user data. Covers the free top 100.
| Name | Required | Description | Default |
|---|---|---|---|
| query | Yes | Tool name, vendor, or domain (e.g. 'Cursor', 'OpenAI', 'cursor.sh'). |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Annotations already mark it as read-only, and the description adds context by listing the returned fields and the scope limitation ('free top 100'), which informs the agent about potential 'not found' cases. No contradictions.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is two sentences, front-loaded with the action and outputs, and every word contributes meaning. No fluff.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
For a simple lookup tool with one parameter and no output schema, the description is complete. It explains what the tool does, what inputs are expected, and what outputs are returned, including the scope limitation. No gaps.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
With 100% schema description coverage, the baseline is 3. The description adds value by providing examples ('e.g. 'Cursor', 'OpenAI', 'cursor.sh'') and explaining the parameter accepts name, vendor, or domain, going beyond the schema's minimal description.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the verb 'Look up', the resource 'AI tool's risk', and specifies what is returned: risk score, band, category, and training on user data. It also mentions scope ('Covers the free top 100'), which helps distinguish it from sibling tools like 'get_top_risky_ai' and 'list_shadow_ai'.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description implicitly indicates when to use this tool (to look up a specific AI tool's risk) and notes a limitation ('Covers the free top 100'), but does not explicitly state when not to use it or provide direct comparisons with sibling tools like 'check_domain_against_registry'.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
Claim this connector by publishing a /.well-known/glama.json file on your server's domain with the following structure:
{
"$schema": "https://glama.ai/mcp/schemas/connector.json",
"maintainers": [{ "email": "your-email@example.com" }]
}The email address must match the email associated with your Glama account. Once published, Glama will automatically detect and verify the file within a few minutes.
Control your server's listing on Glama, including description and metadata
Access analytics and receive server usage reports
Get monitoring and health status updates for your server
Feature your server to boost visibility and reach more users
For users:
Full audit trail – every tool call is logged with inputs and outputs for compliance and debugging
Granular tool control – enable or disable individual tools per connector to limit what your AI agents can do
Centralized credential management – store and rotate API keys and OAuth tokens in one place
Change alerts – get notified when a connector changes its schema, adds or removes tools, or updates tool definitions, so nothing breaks silently
For server owners:
Proven adoption – public usage metrics on your listing show real-world traction and build trust with prospective users
Tool-level analytics – see which tools are being used most, helping you prioritize development and documentation
Direct user feedback – users can report issues and suggest improvements through the listing, giving you a channel you would not have otherwise
The connector status is unhealthy when Glama is unable to successfully connect to the server. This can happen for several reasons:
The server is experiencing an outage
The URL of the server is wrong
Credentials required to access the server are missing or invalid
If you are the owner of this MCP connector and would like to make modifications to the listing, including providing test credentials for accessing the server, please contact support@glama.ai.
Discussions
No comments yet. Be the first to start the discussion!