Kloudle Cloud Security Scanner
Server Details
AWS cloud security scanners for AI agents — S3, IAM, EC2, EKS, RDS, CloudTrail, CloudWatch Logs
- Status
- Healthy
- Last Tested
- Transport
- Streamable HTTP
- URL
Glama MCP Gateway
Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.
Full call logging
Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.
Tool access control
Enable or disable individual tools per connector, so you decide what your agents can and cannot do.
Managed credentials
Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.
Usage analytics
See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.
Tool Definition Quality
Average 3.7/5 across 2 of 2 tools scored.
The two tools have clearly distinct purposes: 'get' retrieves detailed metadata and commands for a specific scanner binary, while 'search' finds scanners by capability with summary information. There is no overlap or ambiguity between these functions.
Both tools use simple, consistent verb-based names ('get' and 'search') that follow a predictable pattern. The naming is clean and uniform without any stylistic deviations.
With only two tools, the server feels under-scoped for a cloud security scanner domain. This minimal set may limit agent workflows, as typical security operations would benefit from more actions like scanning, reporting, or configuration management.
The tool surface is severely incomplete for cloud security scanning. While 'get' and 'search' provide access to scanner binaries, there are significant gaps: no tools to actually run scans, analyze results, manage configurations, or handle alerts, which are core to the domain.
Available Tools
2 toolsgetAInspect
Get full metadata, SHA256 hash, download URL, and ready-to-run shell command for a Kloudle scanner binary. Pass args to get a complete command; omit for a template with placeholders.
| Name | Required | Description | Default |
|---|---|---|---|
| args | No | CLI args as key-value pairs (e.g., {'region': 'us-east-1'}) | |
| name | Yes | Binary name (e.g., 'k5e-aws-s3') |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
With no annotations provided, the description carries the full burden of behavioral disclosure. It describes what information is returned (metadata, hash, URL, shell command) and the conditional behavior based on args parameter, but doesn't mention authentication requirements, rate limits, error conditions, or response format details. It provides basic behavioral context but leaves significant gaps.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is perfectly concise with two sentences that each earn their place: the first establishes the core purpose and outputs, the second provides crucial usage guidance for the args parameter. No wasted words, front-loaded with essential information.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the tool has no annotations and no output schema, the description provides adequate coverage of what the tool does and basic parameter guidance, but leaves gaps in behavioral transparency (no auth/error/rate limit info) and doesn't describe the structure or format of the returned metadata. For a tool with 2 parameters and no structured output documentation, it's minimally viable but incomplete.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
With 100% schema description coverage, the schema already documents both parameters thoroughly. The description adds some semantic context by explaining the effect of including/omitting the 'args' parameter on the output, but doesn't provide additional meaning beyond what the schema descriptions already state for the parameters themselves.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the specific action ('Get full metadata, SHA256 hash, download URL, and ready-to-run shell command') and resource ('Kloudle scanner binary'), distinguishing it from the sibling 'search' tool by focusing on retrieving complete binary information rather than searching. It provides concrete details about what information is returned.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description provides clear context on when to use specific parameter configurations ('Pass args to get a complete command; omit for a template with placeholders'), but doesn't explicitly mention when to use this tool versus the sibling 'search' tool or any other alternatives. The guidance is helpful for parameter usage but lacks sibling differentiation.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
searchAInspect
Find Kloudle cloud security scanners by capability. Returns matching binaries with name, description, check count, and severity breakdown.
| Name | Required | Description | Default |
|---|---|---|---|
| query | Yes | Search query (e.g., 's3 encryption', 'iam', 'public access') |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations are provided, so the description carries the full burden. It mentions the return format but does not disclose behavioral traits such as whether this is a read-only operation, potential rate limits, authentication requirements, error conditions, or how results are sorted/limited. The description is minimal beyond stating the basic function.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is a single, well-structured sentence that efficiently conveys the tool's purpose, search criteria, and return format without unnecessary words. It is appropriately sized and front-loaded with the core functionality.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the tool has no annotations, no output schema, and a simple input schema, the description is adequate for a basic search tool but lacks completeness. It covers what the tool does and what it returns, but misses behavioral context like safety, performance, or error handling that would be helpful for an agent.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema description coverage is 100%, so the schema already documents the single 'query' parameter with an example. The description does not add any additional meaning or semantics beyond what the schema provides, such as query syntax or matching behavior. Baseline 3 is appropriate when schema coverage is high.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the verb ('Find') and resource ('Kloudle cloud security scanners by capability'), specifies what is returned ('matching binaries with name, description, check count, and severity breakdown'), and distinguishes from the sibling 'get' tool by focusing on search functionality rather than direct retrieval. It provides specific details about the search scope and output format.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description implies usage for searching scanners by capability, but does not explicitly state when to use this tool versus the 'get' sibling tool or provide any exclusions or alternatives. It offers some context through the example query in the schema, but lacks explicit guidance on tool selection.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
Claim this connector by publishing a /.well-known/glama.json file on your server's domain with the following structure:
{
"$schema": "https://glama.ai/mcp/schemas/connector.json",
"maintainers": [{ "email": "your-email@example.com" }]
}The email address must match the email associated with your Glama account. Once published, Glama will automatically detect and verify the file within a few minutes.
Control your server's listing on Glama, including description and metadata
Access analytics and receive server usage reports
Get monitoring and health status updates for your server
Feature your server to boost visibility and reach more users
For users:
Full audit trail – every tool call is logged with inputs and outputs for compliance and debugging
Granular tool control – enable or disable individual tools per connector to limit what your AI agents can do
Centralized credential management – store and rotate API keys and OAuth tokens in one place
Change alerts – get notified when a connector changes its schema, adds or removes tools, or updates tool definitions, so nothing breaks silently
For server owners:
Proven adoption – public usage metrics on your listing show real-world traction and build trust with prospective users
Tool-level analytics – see which tools are being used most, helping you prioritize development and documentation
Direct user feedback – users can report issues and suggest improvements through the listing, giving you a channel you would not have otherwise
The connector status is unhealthy when Glama is unable to successfully connect to the server. This can happen for several reasons:
The server is experiencing an outage
The URL of the server is wrong
Credentials required to access the server are missing or invalid
If you are the owner of this MCP connector and would like to make modifications to the listing, including providing test credentials for accessing the server, please contact support@glama.ai.
Discussions
No comments yet. Be the first to start the discussion!