Skip to main content
Glama

Server Details

Post-quantum, tamper-evident receipts for agent actions. Ed25519 + ML-DSA-65, offline verify.

Status
Healthy
Last Tested
Transport
Streamable HTTP
URL

Glama MCP Gateway

Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.

MCP client
Glama
MCP server

Full call logging

Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.

Tool access control

Enable or disable individual tools per connector, so you decide what your agents can and cannot do.

Managed credentials

Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.

Usage analytics

See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.

100% free. Your data is private.
Tool DescriptionsB

Average 3.6/5 across 4 of 4 tools scored. Lowest: 2.8/5.

Server CoherenceA
Disambiguation5/5

Each tool targets a distinct purpose: auditing tool risk, minting generic receipts, minting CRM-specific receipts, and verifying receipts. Descriptions clearly differentiate inputs and outputs, minimizing confusion.

Naming Consistency5/5

All tools follow a verb_noun pattern with underscores (audit_*, mint_*, mint_*, verify_*), maintaining a consistent style. The nouns are descriptive of the specific functionality, ensuring clarity.

Tool Count5/5

Four tools is a well-scoped set for a specialized receipt management and auditing server. Each tool serves a distinct role without unnecessary bloat.

Completeness5/5

The tool set covers creation of receipts (generic and specific), verification, and an inventory auditing feature. This appears complete for the server's stated purpose with no obvious gaps.

Available Tools

4 tools
audit_my_agent_inventoryAInspect

Rank a CALLER-PROVIDED list of MCP tools by worst-regret if they act, with a signed receipt. Cannot auto-discover the inventory -- MCP does not allow that; the caller must pass it in.

ParametersJSON Schema
NameRequiredDescriptionDefault
notesNo
inventoryYes

Output Schema

ParametersJSON Schema
NameRequiredDescription
resultYes
Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

The description discloses the important constraint that MCP does not allow auto-discovery, which is a behavioral trait. However, it does not explain what 'worst-regret' means or describe the signed receipt's content or side effects. Since no annotations are provided, the description could have added more behavioral context.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is extremely concise at two sentences, with no superfluous content. It front-loads the primary purpose and immediately follows with a critical constraint.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

The description is incomplete given the tool's complexity and lack of annotations. It fails to explain the meaning of 'worst-regret', the format of the receipt output (despite an output schema existing), or how the ranking is performed. The constraint mention is helpful, but overall gaps remain.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters2/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The schema coverage is 0%, so the description must compensate. It explains that 'inventory' is a caller-provided list of MCP tools, but does not describe the expected structure of items in the array or the purpose of the optional 'notes' parameter. This leaves significant ambiguity.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states that the tool ranks a caller-provided list of MCP tools by worst-regret and returns a signed receipt. It explicitly distinguishes itself from siblings by mentioning the ranking function and the constraint that it cannot auto-discover the inventory.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explains when to use the tool (when a caller-provided list is available) and explicitly states a key constraint (cannot auto-discover). It does not explicitly say when not to use or mention alternatives, but the sibling tools are clearly different (minting/verifying receipts).

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

mint_action_receiptCInspect

Mint a post-quantum receipt for an arbitrary consequential agent action.

ParametersJSON Schema
NameRequiredDescriptionDefault
inputsNo
policyNoagent action evidence
targetYes
agent_idYes
decisionNoACTION_GOVERNED
operationYes

Output Schema

ParametersJSON Schema
NameRequiredDescription
resultYes
Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, and the description does not disclose any behavioral traits such as side effects, authentication requirements, or concurrency implications. For a mutation tool, this is insufficient.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness2/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single short sentence, which is concise but too terse given the tool's complexity (6 parameters, no schema descriptions). It sacrifices necessary detail for brevity.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

With 6 parameters, no annotations, and an output schema not explained, the description is incomplete. It does not clarify when to use this tool over the sibling 'mint_receipt_for_record_change', nor does it describe return values.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters1/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has 0% description coverage, meaning no parameter descriptions exist in the schema. The tool description does not explain any of the 6 parameters (3 required), leaving the agent to guess their semantics from names alone.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the verb (mint), the resource (post-quantum receipt), and the context (arbitrary consequential agent action). It distinguishes itself from sibling tools like 'mint_receipt_for_record_change' which is more specific.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implies it's for minting receipts for consequential actions, but it lacks explicit when-to-use or when-not-to-use guidance, and does not mention alternatives or prerequisites.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

mint_receipt_for_record_changeBInspect

Mint a post-quantum receipt for one CRM record change. Old/new values are carried as SHA-256 hashes. Works with any CRM (Relaticle, hosted CRMs, custom).

ParametersJSON Schema
NameRequiredDescriptionDefault
fieldYes
policyNoper-decision CRM change evidence
tenantNo
new_valueYes
old_valueYes
record_idYes
object_typeYes
changed_by_agentYes

Output Schema

ParametersJSON Schema
NameRequiredDescription
resultYes
Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description must carry behavioral transparency. It mentions post-quantum receipt and SHA-256 hashes but omits idempotency, error handling, authorization needs, or side effects. Significant gaps remain.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is two sentences, front-loading the primary purpose. Every word is informative, with no redundancy or filler.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

With 8 parameters and an output schema, the description is too sparse. It fails to explain what a post-quantum receipt is, how to compute SHA-256 hashes, or the role of policy and tenant. The output schema reduces some need but not enough for a tool of this complexity.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters2/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 0%, so the description should explain parameters. It only hints that old_value and new_value are SHA-256 hashes, leaving the other six parameters (record_id, object_type, field, changed_by_agent, policy, tenant) unexplained. The description adds minimal value beyond the schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool mints a post-quantum receipt for a CRM record change, using specific verbs and resource. It distinguishes from siblings like mint_action_receipt and verify_receipt by focusing on record changes.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implies usage for CRM record changes but lacks explicit when-to-use or when-not-to-use guidance. No alternatives are mentioned, leaving the agent to infer context from the name and sibling list.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

verify_receiptAInspect

Verify a Trust Gate receipt from the certificate alone (offline). require_pq=True (default via OAO_REQUIRE_PQ) FAILS if the ML-DSA-65 or SLH-DSA legs are missing -- defends against signature-stripping downgrade attacks.

ParametersJSON Schema
NameRequiredDescriptionDefault
receiptYes
require_pqNo

Output Schema

ParametersJSON Schema
NameRequiredDescription
resultYes
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Discloses key behavioral trait: require_pq=True fails if certain signature legs missing, preventing downgrade attacks. Mentions offline verification but does not describe return values or error conditions. With no annotations, description carries full burden and does a good job but leaves some gaps.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Two sentences, no wasted words. First sentence states main purpose, second sentence adds critical parameter detail. Front-loaded and efficient.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given output schema exists and siblings are distinct, description covers purpose and key parameter behavior. Missing explanation of return values, but output schema likely covers that. A well-rounded description.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Adds meaning beyond schema: explains require_pq parameter behavior and default; clarifies receipt is a certificate verified offline. With 0% schema coverage, this adds significant value, though receipt structure is not detailed.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

Clearly states verb (Verify), resource (Trust Gate receipt), and mode (offline from certificate alone). Differentiates from sibling tools which involve minting or auditing.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Implies usage for offline verification; mentions parameter behavior that defends against downgrade attacks, providing context for when to set require_pq. Could explicitly state when not to use or alternatives.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Discussions

No comments yet. Be the first to start the discussion!

Try in Browser

Your Connectors

Sign in to create a connector for this server.

Resources