compliance-evidence
Server Details
Dated, signed compliance-evidence packs: gov-fact-grounded claims + exclusion screens + trap-facts.
- Status
- Healthy
- Last Tested
- Transport
- Streamable HTTP
- URL
Glama MCP Gateway
Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.
Full call logging
Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.
Tool access control
Enable or disable individual tools per connector, so you decide what your agents can and cannot do.
Managed credentials
Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.
Usage analytics
See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.
Tool Definition Quality
Average 3.9/5 across 4 of 4 tools scored.
Each tool has a clearly distinct purpose: building a pack, grounding a claim, screening an entity, and verifying a pack. There is no overlap or ambiguity between them.
All tool names follow a consistent verb_noun pattern (build_evidence_pack, ground_claim, screen_entity, verify_pack), with clear and descriptive names.
With 4 tools, the set is well-scoped for a focused compliance-evidence server. Each tool serves a necessary function without being too many or too few.
The tools cover the core workflow of building, checking, and verifying evidence. Minor gaps like listing or updating packs exist but are not essential for the primary purpose.
Available Tools
4 toolsbuild_evidence_packAInspect
Build a dated, source-linked, SIGNED compliance-evidence pack for a regulated-AI deployer to file with their auditor. Grounds each ticker's claims against CURRENT public gov facts (contradiction-engine: SEC 10-K vs USAspending), screens each named entity against federal exclusion/sanctions (exclude-feed: OFAC/LEIE/SAM), and runs N trap-fact refusals (planted false facts refuted by live public data). Output is an EVIDENCE ARTIFACT with a hash-chain receipt — NOT a 'you are compliant' claim.
| Name | Required | Description | Default |
|---|---|---|---|
| traps | No | Optional custom trap-fact battery; omit to use the default battery. | |
| tickers | No | Public-company tickers whose disclosure claims to ground (max 10). | |
| entities | No | Named entities to screen: [{name, npi?, uei?, state?}] (max 20). |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations provided, so description carries full burden. It discloses that the tool does not make compliance claims, uses trap-fact refusals, and outputs a hash-chain receipt. Transparent about limitations and methodology.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is a single dense paragraph; it is informative but could be better structured with bullet points for clarity. No wasted sentences.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given three parameters and no output schema, the description sufficiently explains what the tool produces (EVIDENCE ARTIFACT with hash-chain receipt) and how parameters relate. Minor gap: no details on ticket processing other than grounding.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100% with descriptions. Description adds value beyond schema by explaining trap-fact battery default, max limits on tickers and entities, and entity format expectations.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
Description clearly states the tool builds a compliance-evidence pack for a regulated-AI deployer, specifying it is dated, source-linked, and signed. It distinguishes from siblings by detailing unique features like contradiction engine and exclusion screening.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description implies use in regulatory compliance contexts but does not explicitly compare to siblings like ground_claim or screen_entity. No when-not-to-use guidance is provided.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
ground_claimAInspect
Ground one public-company claim against CURRENT gov facts via the live contradiction-engine. Returns the dual-cited record if a verifiable 10-K-vs-USAspending contradiction exists, else an HONEST null ('checked, no contradiction at medium/high confidence as of T') — itself audit evidence.
| Name | Required | Description | Default |
|---|---|---|---|
| ticker | Yes |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations are provided, so the description carries full burden. It clearly states the tool returns a dual-cited record if a contradiction exists, otherwise an explicit null message describing the check result. It also mentions 'live contradiction-engine' and 'audit evidence', providing strong behavioral context.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is a single sentence but packed with relevant details. It is not overly verbose, though splitting into multiple sentences could improve readability.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the lack of annotations and output schema, the description explains the core behavior and return values. However, it omits details about what constitutes a 'claim', error scenarios, and how the ticker parameter is used. The tool is simple, so the gaps are noticeable.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
The schema has 0% description coverage for the single required parameter 'ticker'. The description mentions 'one public-company claim' but does not define how the claim is identified or that 'ticker' is the stock symbol. This leaves ambiguity about the parameter's role.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description specifies the action 'Ground' a public-company claim against government facts using a contradiction engine, and clearly states the output conditions. However, the verb 'Ground' is jargon and not immediately clear, and the description does not explicitly distinguish from sibling tools.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description implies the tool is used when you have a public-company claim to verify, but it does not provide explicit when-to-use or when-not-to-use guidance, nor does it mention alternatives among siblings.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
screen_entityAInspect
Screen a named entity across federal exclusion/sanctions lists (OFAC SDN, OFAC Consolidated, OIG LEIE; SAM where enabled) via the live exclude-feed. FCRA-safe KYB/sanctions screen, not a consumer report.
| Name | Required | Description | Default |
|---|---|---|---|
| npi | No | ||
| uei | No | ||
| name | Yes | ||
| state | No |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations provided, so description carries full burden. It discloses checking specific lists (OFAC SDN, OFAC Consolidated, OIG LEIE; SAM where enabled), being live via exclude-feed, and being FCRA-safe. This adds useful behavioral context beyond just 'screen entity'.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Two sentences, front-loaded with the core action and specific lists, followed by legal context. Every sentence adds value without redundancy.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
The description explains purpose and usage well but omits parameter semantics and output behavior. With 4 parameters and no output schema, the description could do more to guide the agent on how to use optional fields (npi, uei, state) and what the result looks like.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 0% (no parameter descriptions in schema). Description does not explain any of the four parameters (npi, uei, name, state) beyond implying 'name' is the entity to screen. It fails to add meaning to the parameters, which is a significant gap given the schema has no descriptions itself.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
Description clearly states it screens a named entity across federal exclusion/sanctions lists, specifying exact lists (OFAC SDN, etc.). It distinguishes from sibling tools (build_evidence_pack, ground_claim, verify_pack) which are not about screening.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
Description gives clear usage context: FCRA-safe KYB/sanctions screening, explicitly stating it is not a consumer report. While it doesn't give explicit when-not-to-use or alternatives, the context is sufficient for an agent to understand when to invoke.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
verify_packAInspect
Verify a previously-issued pack's hash-chain receipt (proves the artifact is unaltered since generatedAt). Pass the pack id.
| Name | Required | Description | Default |
|---|---|---|---|
| id | Yes |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations are provided, so the description carries the burden. It mentions 'hash-chain receipt' and 'unaltered' but does not disclose behavioral traits like error handling, side effects, or whether it is a read-only operation. Adequate but could be more explicit.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Two sentences with no wasted words. The description is front-loaded with the core action and purpose. Every sentence earns its place.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given no output schema and no annotations, the description lacks details about return values, verification failure indicators, or what a 'hash-chain receipt' entails. It is incomplete for a verification tool.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema description coverage is 0%, yet the description only says 'Pass the pack id.' This adds minimal value beyond the schema, which already indicates 'id' is a required string. It does not explain format or constraints.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the verb 'Verify' and specifies the resource ('pack's hash-chain receipt'). It explains the purpose ('proves the artifact is unaltered since generatedAt') and distinguishes from sibling tools like 'build_evidence_pack' and 'ground_claim'.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description instructs to 'pass the pack id', providing clear usage context. However, it lacks explicit guidance on when not to use the tool or mention of alternatives, though the context is unambiguous.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
Claim this connector by publishing a /.well-known/glama.json file on your server's domain with the following structure:
{
"$schema": "https://glama.ai/mcp/schemas/connector.json",
"maintainers": [{ "email": "your-email@example.com" }]
}The email address must match the email associated with your Glama account. Once published, Glama will automatically detect and verify the file within a few minutes.
Control your server's listing on Glama, including description and metadata
Access analytics and receive server usage reports
Get monitoring and health status updates for your server
Feature your server to boost visibility and reach more users
For users:
Full audit trail – every tool call is logged with inputs and outputs for compliance and debugging
Granular tool control – enable or disable individual tools per connector to limit what your AI agents can do
Centralized credential management – store and rotate API keys and OAuth tokens in one place
Change alerts – get notified when a connector changes its schema, adds or removes tools, or updates tool definitions, so nothing breaks silently
For server owners:
Proven adoption – public usage metrics on your listing show real-world traction and build trust with prospective users
Tool-level analytics – see which tools are being used most, helping you prioritize development and documentation
Direct user feedback – users can report issues and suggest improvements through the listing, giving you a channel you would not have otherwise
The connector status is unhealthy when Glama is unable to successfully connect to the server. This can happen for several reasons:
The server is experiencing an outage
The URL of the server is wrong
Credentials required to access the server are missing or invalid
If you are the owner of this MCP connector and would like to make modifications to the listing, including providing test credentials for accessing the server, please contact support@glama.ai.
Discussions
No comments yet. Be the first to start the discussion!