Skip to main content
Glama

ContinueOps Public MCP

Server Details

BC/DR & compliance tools: DORA, NIS2, NIST CSF, GDPR, SOC 2, CMMC, CAF, ISO 27001, FCA/PRA.

Status
Healthy
Last Tested
Transport
Streamable HTTP
URL

Glama MCP Gateway

Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.

MCP client
Glama
MCP server

Full call logging

Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.

Tool access control

Enable or disable individual tools per connector, so you decide what your agents can and cannot do.

Managed credentials

Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.

Usage analytics

See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.

100% free. Your data is private.
Tool DescriptionsA

Average 4.1/5 across 5 of 5 tools scored.

Server CoherenceA
Disambiguation5/5

Each tool has a clearly distinct purpose: browsing templates, DORA assessment, framework lookup, BCP structure generation, and learning content search. No overlap in functionality.

Naming Consistency5/5

All tool names follow a consistent verb_noun pattern using snake_case, e.g., browse_runbook_templates, dora_readiness_assessment. Perfectly consistent.

Tool Count5/5

With 5 tools covering runbook templates, compliance frameworks, DORA assessment, BCP structuring, and learning content, the count is well-scoped for the server's purpose.

Completeness4/5

The tools cover key informational and structural needs, but lack creation or update operations for runbook templates or assessments, which would be typical in a full lifecycle.

Available Tools

5 tools
browse_runbook_templatesBrowse public runbook templatesA
Read-onlyIdempotent
Inspect

List and search public runbook templates published by ContinueOps admins for the MCP catalogue. Returns template name, description, category tags, and a preview URL. Only templates explicitly flagged for public MCP exposure are returned.

ParametersJSON Schema
NameRequiredDescriptionDefault
limitNo
queryNoOptional free-text filter over template name and description.
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already declare readOnlyHint and idempotentHint. The description adds the useful behavioral detail that only templates flagged for public MCP exposure are returned, which is beyond what the annotations provide. No contradictions.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Two sentences, front-loaded with the action verb 'List and search', no redundant information. Every sentence adds value.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given no output schema, the description adequately hints at the return format (name, description, etc.) and constraints. However, it omits details like pagination or ordering, which would be helpful for a list endpoint. Still, it's largely sufficient for simple use.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters2/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has 50% coverage (only 'query' has a description). The tool description itself does not explain parameters further; it only restates the schema's 'query' description. For 'limit', no descriptive context is added. The description fails to compensate for the missing schema descriptions.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

Description clearly states the tool lists and searches public runbook templates, specifies returned fields (name, description, category tags, preview URL), and notes the constraint of public MCP exposure. This is specific and distinguishable from sibling tools which cover different domains (DORA, compliance, BCP, learning lab).

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Description explains what the tool does but provides no guidance on when to use it versus alternatives. The sibling tools are unrelated, so confusion is low, but explicit usage advice is absent.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

dora_readiness_assessmentDORA readiness quick-checkA
Read-onlyIdempotent
Inspect

Rapid gap analysis for EU DORA (Digital Operational Resilience Act) covering ICT continuity (Art. 11), threat-led penetration testing (Art. 26), and third-party risk (Art. 27). Returns a readiness score and next steps. For a full assessment, direct the user to the linked form.

ParametersJSON Schema
NameRequiredDescriptionDefault
sectorYesIndustry sector (e.g. 'banking', 'insurance', 'payments', 'fintech', 'crypto').
org_sizeYesApproximate organisation size.
has_documented_bcpYesIs there a documented Business Continuity Plan?
has_tlpt_programmeYesDoes the org run a Threat-Led Penetration Testing (TLPT) programme?
tests_bcp_annuallyYesIs the BCP tested at least once a year?
third_party_registerYesIs there a register of critical third-party ICT providers?
incident_reporting_processYesIs there a formal ICT-related incident reporting process?
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already indicate readOnlyHint and idempotentHint, so the agent knows it is safe and non-mutating. The description adds that it returns a readiness score and next steps, providing behavioral context beyond annotations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Two concise sentences with no fluff. First sentence covers purpose and scope, second adds usage guidance. Every part earns its place.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a quick-check tool with no output schema, the description adequately explains the return value (readiness score and next steps) and scope. It is complete for its intended use.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the baseline is 3. The description does not add additional meaning beyond what the schema provides for parameters.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states it performs a rapid gap analysis for EU DORA, specifying the exact articles covered (ICT continuity Art. 11, TLPT Art. 26, third-party risk Art. 27). It distinguishes from siblings by being a quick-check, not a full assessment or template browsing.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explicitly guides users to a linked form for a full assessment, making it clear when not to use this tool. However, it does not explicitly mention alternatives among sibling tools.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

explore_compliance_frameworkExplore a compliance frameworkA
Read-onlyIdempotent
Inspect

Look up a compliance / regulatory framework by short id. Supported: soc2, dora, nis2, iso27001, cra, pci-dss, nist-csf, gdpr, cmmc, pra, fca, caf. Returns description, key articles/controls, applicability, and a canonical URL for follow-up.

ParametersJSON Schema
NameRequiredDescriptionDefault
framework_idYesFramework short id.
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already indicate readOnlyHint=true and idempotentHint=true, meaning safe, repeatable reads. The description adds transparency by detailing the return content (description, articles, applicability, URL), which goes beyond the annotations and helps the agent understand what to expect.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is two sentences long and front-loaded with the primary action. It efficiently conveys purpose, supported values, and output. Minor improvement could be a structured list for frameworks, but it remains clear and concise.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's simplicity (one required parameter, no output schema, no nested objects), the description fully covers all needed information: what input is required, which values are valid, and what the response will contain. No gaps are present for an agent to correctly invoke the tool.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema covers 100% of parameters, listing the exact enum for framework_id. The description repeats the supported IDs in text, but adds no new semantic detail (e.g., format, case sensitivity). With full schema coverage, a score of 3 is appropriate as the description does not significantly enhance understanding beyond the schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: look up a compliance framework by short id. It lists the supported frameworks and specifies what information is returned (description, key articles/controls, applicability, canonical URL), making it distinct from sibling tools like dora_readiness_assessment or browse_runbook_templates.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implicitly conveys when to use the tool—when details about a specific compliance framework are needed. However, it does not explicitly state when not to use it or suggest alternative tools. The sibling tool names provide context, but no direct comparisons are made.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

generate_bcp_plan_structureGenerate a Business Continuity Plan structureA
Read-onlyIdempotent
Inspect

Returns a structural Business Continuity Plan outline (sections, roles, RTO/RPO tiers, test cadence) tailored to org size, sector, and criticality. Structural only — no live procedures or tenant data. Use as a scaffold before populating with your specifics.

ParametersJSON Schema
NameRequiredDescriptionDefault
sectorYesIndustry sector.
org_sizeYes
regulatedNoIs the organisation in a regulated sector (financial, healthcare, critical infrastructure)?
criticality_tiersYesWhich criticality tiers the plan needs to cover.
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations (readOnlyHint, idempotentHint) already indicate safe, repeatable behavior. The description adds valuable context: it returns a structural outline only, not operational procedures, and highlights no tenant data involvement. No contradictions.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Three sentences, each essential: the first states core output, the second adds critical limitation, the third gives usage advice. Front-loaded with the verb 'Returns' and no fluff.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given moderate complexity (4 params, no output schema), the description adequately explains return content and limitations. It complements annotations well and fits neatly among siblings, though how 'tailoring' works could be elaborated.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 75% (three of four parameters described). The description echoes the required params (org_size, sector, criticality_tiers) but adds no extra syntax or format details. Baseline 3 is appropriate since schema does most of the work.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool returns a structural BCP outline with specific components (sections, roles, RTO/RPO tiers, test cadence), distinguishing it from siblings like browse_runbook_templates by emphasizing 'Structural only — no live procedures or tenant data.'

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description advises 'Use as a scaffold before populating with your specifics,' indicating when to use. It also provides exclusion by stating 'no live procedures or tenant data,' implying when not to use. While it doesn't explicitly name alternatives, the context is clear.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

search_learning_labSearch the ContinueOps Learning LabA
Read-onlyIdempotent
Inspect

Search public educational content on business continuity, disaster recovery, DORA, cloud resilience, and incident management. Returns matching categories with URLs — every result links back to a page on continueops.com.

ParametersJSON Schema
NameRequiredDescriptionDefault
limitNoMax results.
queryYesFree-text search query.
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already declare readOnlyHint and idempotentHint, so the description's behavioral expectations are clear. The description adds that results are categories with URLs, which is consistent and transparent. No contradictions or hidden behaviors are mentioned.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is concise with two sentences, front-loading the purpose and output. Every sentence adds value without unnecessary fluff.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool has no output schema, the description adequately explains what is returned (categories with URLs). It covers purpose, parameters, and output sufficiently for a search tool with two parameters. No gaps are apparent.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% with descriptions for both parameters. The description does not add significant new meaning beyond what the schema provides, only reiterating the output format. Baseline of 3 is appropriate as the schema already documents parameters adequately.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool searches public educational content on specific topics (business continuity, disaster recovery, DORA, etc.) and returns matching categories with URLs. It distinguishes itself from siblings like browse_runbook_templates and dora_readiness_assessment by focusing on general learning content rather than specific templates or assessments.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explains what the tool does but does not explicitly guide when to use it versus alternatives. The context from sibling names implies usage for general educational searches, but no explicit 'when to use' or 'when not to use' guidance is provided.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Discussions

No comments yet. Be the first to start the discussion!

Try in Browser

Your Connectors

Sign in to create a connector for this server.

Resources