yultrace-audit
Server Details
EVM contract Slither audit + verified source fetch via Blockscout (no API key).
- Status
- Healthy
- Last Tested
- Transport
- Streamable HTTP
- URL
Glama MCP Gateway
Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.
Full call logging
Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.
Tool access control
Enable or disable individual tools per connector, so you decide what your agents can and cannot do.
Managed credentials
Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.
Usage analytics
See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.
Tool Definition Quality
Average 3.9/5 across 3 of 3 tools scored.
Each tool has a clearly distinct purpose with no overlap: audit_contract runs security analysis, fetch_contract_source retrieves source code, and supported_chains provides configuration information. The descriptions explicitly clarify that fetch_contract_source is a complement to audit_contract for different use cases, eliminating any potential confusion.
All three tools follow a consistent verb_noun pattern (audit_contract, fetch_contract_source, supported_chains) with clear, descriptive names that match their functions. There are no deviations in naming conventions or style mixing.
With only 3 tools, the set feels thin for an audit server that might benefit from additional operations like detailed report generation, vulnerability filtering, or historical audit tracking. While the core functions are covered, the limited count may restrict agent workflows in more complex scenarios.
The tools cover the essential audit workflow: retrieving source code, running analysis, and checking supported chains. However, there are minor gaps such as the inability to customize audit parameters, save or compare audit results, or handle non-verified contracts, which agents might need to work around.
Available Tools
3 toolsaudit_contractBInspect
Run Slither on a verified EVM contract and return a finding summary.
| Name | Required | Description | Default |
|---|---|---|---|
| chain | No | One of ethereum, base, optimism, arbitrum, polygon, gnosis, scroll, linea, blast, zksync (or short aliases mainnet / optim / arbi / poly). Default: ethereum. | ethereum |
| address | Yes | 0x-prefixed 40-hex-character contract address. |
Output Schema
| Name | Required | Description |
|---|---|---|
No output parameters | ||
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
With no annotations provided, the description carries the full burden of behavioral disclosure. It mentions running Slither (a security analysis tool) but doesn't describe execution characteristics like time requirements, rate limits, authentication needs, or what happens with unverified contracts. This leaves significant behavioral gaps.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is a single, efficient sentence with zero wasted words. It's appropriately sized and front-loaded with the core functionality, making it easy to understand quickly.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the tool has an output schema (which handles return values) and 100% schema coverage, the description is reasonably complete for its purpose. However, as a security analysis tool with no annotations, it could benefit from more behavioral context about execution characteristics and limitations.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema description coverage is 100%, so the schema fully documents both parameters. The description adds no additional parameter semantics beyond what's already in the schema (chain selection and address format). This meets the baseline expectation when schema coverage is complete.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the specific action ('Run Slither'), target resource ('verified EVM contract'), and outcome ('return a finding summary'). It distinguishes this tool from its sibling 'supported_chains' by focusing on contract analysis rather than chain listing.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description provides no guidance on when to use this tool versus alternatives, prerequisites (e.g., contract verification), or exclusions. It simply states what the tool does without contextual usage information.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
fetch_contract_sourceAInspect
Return the verified Solidity source of a contract (no Slither).
Complement to audit_contract: for clients that want to run their own
analyser, diff against a local fork, or just read the deployed source.
| Name | Required | Description | Default |
|---|---|---|---|
| chain | No | One of the supported aliases (see ``supported_chains``). Default: ethereum. | ethereum |
| address | Yes | 0x-prefixed 40-hex-character contract address. | |
| include_contents | No | If ``False``, omit file bodies and return only the file list + sizes. Default: ``True``. |
Output Schema
| Name | Required | Description |
|---|---|---|
No output parameters | ||
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
With no annotations provided, the description carries full burden for behavioral disclosure. It mentions the tool returns 'verified Solidity source' and clarifies it's 'no Slither,' which adds useful context about what's excluded. However, it doesn't address potential limitations like rate limits, authentication requirements, or error conditions that would be important for a tool fetching external contract data.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is extremely efficient with just two sentences that each serve distinct purposes: the first states the core functionality, the second provides usage context and sibling differentiation. There's zero wasted text, and the information is front-loaded appropriately.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the existence of an output schema (which handles return values), 100% parameter schema coverage, and the description's clear purpose and usage guidance, this is quite complete. The main gap is the lack of behavioral context about limitations or requirements, which is somewhat mitigated by the tool's read-only nature implied by 'fetch' and 'return' terminology.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
With 100% schema description coverage, the schema already documents all three parameters thoroughly. The description doesn't add any parameter-specific information beyond what's in the schema, so it meets the baseline expectation but doesn't provide additional value regarding parameter usage or semantics.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the specific action ('Return the verified Solidity source') and resource ('of a contract'), and explicitly distinguishes it from sibling tool 'audit_contract' by stating it's a 'complement' that doesn't include Slither analysis. This provides excellent differentiation.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description provides explicit guidance on when to use this tool versus alternatives: it's for 'clients that want to run their own analyser, diff against a local fork, or just read the deployed source,' and specifically mentions it's a complement to 'audit_contract' (which presumably includes Slither analysis). This gives clear context for tool selection.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
supported_chainsAInspect
Return the list of chain aliases the audit tool accepts.
| Name | Required | Description | Default |
|---|---|---|---|
No parameters | |||
Output Schema
| Name | Required | Description |
|---|---|---|
| result | Yes |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
With no annotations provided, the description carries full burden. It clearly indicates this is a read-only operation that returns a list, but doesn't disclose behavioral traits like response format, error conditions, or performance characteristics. The description adds basic context but lacks depth.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Single sentence with zero wasted words. Front-loads the core action ('Return') immediately, followed by the exact resource. Every element serves a clear purpose in communicating the tool's function.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the tool's simplicity (no parameters, has output schema), the description provides sufficient context about what the tool does and why. The output schema will handle return value documentation, so the description appropriately focuses on purpose rather than output details.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
The tool has zero parameters with 100% schema description coverage. The description appropriately doesn't discuss parameters since none exist, maintaining focus on the tool's purpose. This exceeds the baseline expectation for parameterless tools.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the specific action ('Return') and resource ('list of chain aliases'), with explicit mention of the audit tool context. It distinguishes from the sibling 'audit_contract' tool by focusing on metadata retrieval rather than contract auditing.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description implies usage context ('the audit tool accepts'), suggesting this tool should be used to discover valid inputs for the sibling audit tool. However, it lacks explicit guidance on when NOT to use it or direct comparison with alternatives.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
Claim this connector by publishing a /.well-known/glama.json file on your server's domain with the following structure:
{
"$schema": "https://glama.ai/mcp/schemas/connector.json",
"maintainers": [{ "email": "your-email@example.com" }]
}The email address must match the email associated with your Glama account. Once published, Glama will automatically detect and verify the file within a few minutes.
Control your server's listing on Glama, including description and metadata
Access analytics and receive server usage reports
Get monitoring and health status updates for your server
Feature your server to boost visibility and reach more users
For users:
Full audit trail – every tool call is logged with inputs and outputs for compliance and debugging
Granular tool control – enable or disable individual tools per connector to limit what your AI agents can do
Centralized credential management – store and rotate API keys and OAuth tokens in one place
Change alerts – get notified when a connector changes its schema, adds or removes tools, or updates tool definitions, so nothing breaks silently
For server owners:
Proven adoption – public usage metrics on your listing show real-world traction and build trust with prospective users
Tool-level analytics – see which tools are being used most, helping you prioritize development and documentation
Direct user feedback – users can report issues and suggest improvements through the listing, giving you a channel you would not have otherwise
The connector status is unhealthy when Glama is unable to successfully connect to the server. This can happen for several reasons:
The server is experiencing an outage
The URL of the server is wrong
Credentials required to access the server are missing or invalid
If you are the owner of this MCP connector and would like to make modifications to the listing, including providing test credentials for accessing the server, please contact support@glama.ai.
Discussions
No comments yet. Be the first to start the discussion!