Trust Gate
Server Details
Post-quantum, tamper-evident receipts for agent actions. Ed25519 + ML-DSA-65, offline verify.
- Status
- Healthy
- Last Tested
- Transport
- Streamable HTTP
- URL
Glama MCP Gateway
Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.
Full call logging
Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.
Tool access control
Enable or disable individual tools per connector, so you decide what your agents can and cannot do.
Managed credentials
Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.
Usage analytics
See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.
Tool Definition Quality
Average 3.6/5 across 4 of 4 tools scored. Lowest: 2.8/5.
Each tool targets a distinct purpose: auditing tool risk, minting generic receipts, minting CRM-specific receipts, and verifying receipts. Descriptions clearly differentiate inputs and outputs, minimizing confusion.
All tools follow a verb_noun pattern with underscores (audit_*, mint_*, mint_*, verify_*), maintaining a consistent style. The nouns are descriptive of the specific functionality, ensuring clarity.
Four tools is a well-scoped set for a specialized receipt management and auditing server. Each tool serves a distinct role without unnecessary bloat.
The tool set covers creation of receipts (generic and specific), verification, and an inventory auditing feature. This appears complete for the server's stated purpose with no obvious gaps.
Available Tools
4 toolsaudit_my_agent_inventoryAInspect
Rank a CALLER-PROVIDED list of MCP tools by worst-regret if they act, with a signed receipt. Cannot auto-discover the inventory -- MCP does not allow that; the caller must pass it in.
| Name | Required | Description | Default |
|---|---|---|---|
| notes | No | ||
| inventory | Yes |
Output Schema
| Name | Required | Description |
|---|---|---|
| result | Yes |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
The description discloses the important constraint that MCP does not allow auto-discovery, which is a behavioral trait. However, it does not explain what 'worst-regret' means or describe the signed receipt's content or side effects. Since no annotations are provided, the description could have added more behavioral context.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is extremely concise at two sentences, with no superfluous content. It front-loads the primary purpose and immediately follows with a critical constraint.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
The description is incomplete given the tool's complexity and lack of annotations. It fails to explain the meaning of 'worst-regret', the format of the receipt output (despite an output schema existing), or how the ranking is performed. The constraint mention is helpful, but overall gaps remain.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
The schema coverage is 0%, so the description must compensate. It explains that 'inventory' is a caller-provided list of MCP tools, but does not describe the expected structure of items in the array or the purpose of the optional 'notes' parameter. This leaves significant ambiguity.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states that the tool ranks a caller-provided list of MCP tools by worst-regret and returns a signed receipt. It explicitly distinguishes itself from siblings by mentioning the ranking function and the constraint that it cannot auto-discover the inventory.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description explains when to use the tool (when a caller-provided list is available) and explicitly states a key constraint (cannot auto-discover). It does not explicitly say when not to use or mention alternatives, but the sibling tools are clearly different (minting/verifying receipts).
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
mint_action_receiptCInspect
Mint a post-quantum receipt for an arbitrary consequential agent action.
| Name | Required | Description | Default |
|---|---|---|---|
| inputs | No | ||
| policy | No | agent action evidence | |
| target | Yes | ||
| agent_id | Yes | ||
| decision | No | ACTION_GOVERNED | |
| operation | Yes |
Output Schema
| Name | Required | Description |
|---|---|---|
| result | Yes |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations are provided, and the description does not disclose any behavioral traits such as side effects, authentication requirements, or concurrency implications. For a mutation tool, this is insufficient.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is a single short sentence, which is concise but too terse given the tool's complexity (6 parameters, no schema descriptions). It sacrifices necessary detail for brevity.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
With 6 parameters, no annotations, and an output schema not explained, the description is incomplete. It does not clarify when to use this tool over the sibling 'mint_receipt_for_record_change', nor does it describe return values.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
The input schema has 0% description coverage, meaning no parameter descriptions exist in the schema. The tool description does not explain any of the 6 parameters (3 required), leaving the agent to guess their semantics from names alone.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the verb (mint), the resource (post-quantum receipt), and the context (arbitrary consequential agent action). It distinguishes itself from sibling tools like 'mint_receipt_for_record_change' which is more specific.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description implies it's for minting receipts for consequential actions, but it lacks explicit when-to-use or when-not-to-use guidance, and does not mention alternatives or prerequisites.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
mint_receipt_for_record_changeBInspect
Mint a post-quantum receipt for one CRM record change. Old/new values are carried as SHA-256 hashes. Works with any CRM (Relaticle, hosted CRMs, custom).
| Name | Required | Description | Default |
|---|---|---|---|
| field | Yes | ||
| policy | No | per-decision CRM change evidence | |
| tenant | No | ||
| new_value | Yes | ||
| old_value | Yes | ||
| record_id | Yes | ||
| object_type | Yes | ||
| changed_by_agent | Yes |
Output Schema
| Name | Required | Description |
|---|---|---|
| result | Yes |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations are provided, so the description must carry behavioral transparency. It mentions post-quantum receipt and SHA-256 hashes but omits idempotency, error handling, authorization needs, or side effects. Significant gaps remain.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is two sentences, front-loading the primary purpose. Every word is informative, with no redundancy or filler.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
With 8 parameters and an output schema, the description is too sparse. It fails to explain what a post-quantum receipt is, how to compute SHA-256 hashes, or the role of policy and tenant. The output schema reduces some need but not enough for a tool of this complexity.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema description coverage is 0%, so the description should explain parameters. It only hints that old_value and new_value are SHA-256 hashes, leaving the other six parameters (record_id, object_type, field, changed_by_agent, policy, tenant) unexplained. The description adds minimal value beyond the schema.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool mints a post-quantum receipt for a CRM record change, using specific verbs and resource. It distinguishes from siblings like mint_action_receipt and verify_receipt by focusing on record changes.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description implies usage for CRM record changes but lacks explicit when-to-use or when-not-to-use guidance. No alternatives are mentioned, leaving the agent to infer context from the name and sibling list.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
verify_receiptAInspect
Verify a Trust Gate receipt from the certificate alone (offline). require_pq=True (default via OAO_REQUIRE_PQ) FAILS if the ML-DSA-65 or SLH-DSA legs are missing -- defends against signature-stripping downgrade attacks.
| Name | Required | Description | Default |
|---|---|---|---|
| receipt | Yes | ||
| require_pq | No |
Output Schema
| Name | Required | Description |
|---|---|---|
| result | Yes |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Discloses key behavioral trait: require_pq=True fails if certain signature legs missing, preventing downgrade attacks. Mentions offline verification but does not describe return values or error conditions. With no annotations, description carries full burden and does a good job but leaves some gaps.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Two sentences, no wasted words. First sentence states main purpose, second sentence adds critical parameter detail. Front-loaded and efficient.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given output schema exists and siblings are distinct, description covers purpose and key parameter behavior. Missing explanation of return values, but output schema likely covers that. A well-rounded description.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Adds meaning beyond schema: explains require_pq parameter behavior and default; clarifies receipt is a certificate verified offline. With 0% schema coverage, this adds significant value, though receipt structure is not detailed.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
Clearly states verb (Verify), resource (Trust Gate receipt), and mode (offline from certificate alone). Differentiates from sibling tools which involve minting or auditing.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
Implies usage for offline verification; mentions parameter behavior that defends against downgrade attacks, providing context for when to set require_pq. Could explicitly state when not to use or alternatives.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
Claim this connector by publishing a /.well-known/glama.json file on your server's domain with the following structure:
{
"$schema": "https://glama.ai/mcp/schemas/connector.json",
"maintainers": [{ "email": "your-email@example.com" }]
}The email address must match the email associated with your Glama account. Once published, Glama will automatically detect and verify the file within a few minutes.
Control your server's listing on Glama, including description and metadata
Access analytics and receive server usage reports
Get monitoring and health status updates for your server
Feature your server to boost visibility and reach more users
For users:
Full audit trail – every tool call is logged with inputs and outputs for compliance and debugging
Granular tool control – enable or disable individual tools per connector to limit what your AI agents can do
Centralized credential management – store and rotate API keys and OAuth tokens in one place
Change alerts – get notified when a connector changes its schema, adds or removes tools, or updates tool definitions, so nothing breaks silently
For server owners:
Proven adoption – public usage metrics on your listing show real-world traction and build trust with prospective users
Tool-level analytics – see which tools are being used most, helping you prioritize development and documentation
Direct user feedback – users can report issues and suggest improvements through the listing, giving you a channel you would not have otherwise
The connector status is unhealthy when Glama is unable to successfully connect to the server. This can happen for several reasons:
The server is experiencing an outage
The URL of the server is wrong
Credentials required to access the server are missing or invalid
If you are the owner of this MCP connector and would like to make modifications to the listing, including providing test credentials for accessing the server, please contact support@glama.ai.
Discussions
No comments yet. Be the first to start the discussion!