Zephex
Server Details
MCP gateway with 10 tools for code analysis, architecture, package audit & security.
- Status
- Healthy
- Last Tested
- Transport
- Streamable HTTP
- URL
Glama MCP Gateway
Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.
Full call logging
Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.
Tool access control
Enable or disable individual tools per connector, so you decide what your agents can and cannot do.
Managed credentials
Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.
Usage analytics
See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.
Tool Definition Quality
Average 4.6/5 across 10 of 10 tools scored.
All tools have clearly distinct purposes—code search, reading, architecture, package check, test run, project orientation, reasoning, memory, and knowledge base—with no overlapping functionality that would cause confusion.
Most tools follow the verb_noun pattern (e.g., check_package, find_code, read_code), but project_memory and Zephex_dev_info deviate from this convention, slightly reducing consistency.
With 10 tools, the set is well-scoped for its purpose as a coding assistance server; each tool covers a distinct aspect without being excessive or insufficient.
The tool set covers code understanding, search, architecture, testing, package verification, and knowledge retrieval, but lacks tools for direct code modification or version control, which are common in development workflows.
Available Tools
10 toolsaudit_headersAudit HTTP HeadersARead-onlyIdempotentInspect
Site Audit — full HTTP intelligence for a public URL in one call. Security grade A–F (headers, SSL/TLS, cookies, redirects, CORS, CDN), health verdict ALIVE/DEGRADED/BROKEN + trust score, tech stack (framework/hosting/CDN/third-party), secret scan (scan_depth=quick: light HTML/3 bundles; scan_depth=deep: full supply URL phase with JWT decode, source maps, path probes, live verification), and HTTP request timing. Default probe_engine=fetch (HTTP, 1–3s quick / 8–12s deep secrets). Optional probe_engine=browser runs headless Chrome on Zephex servers (AWS worker when SITE_SQS_QUEUE_URL is set, else in-process Chromium) for real JS console errors and browser network capture — security headers still use raw HTTP fetch. CALL when: user pastes a URL; post-deploy security check; cert expiry or HSTS/CSP questions; cookie flag audit; redirect chain; is the site up; what framework; exposed secrets on a live page; JS console errors (probe_engine=browser). RETURNS: product (site_audit), duration_ms, plain_summary, fix_first, summary (security_grade, site_verdict, trust_score, load_ms, secrets_critical, secrets_verified, supply_paths_probed, supply_headers_grade), health (probe_engine, console_errors when browser), tech, secrets (findings, scan_meta, scan_depth), network, issues[], ssl, security_headers, cookie_flags, redirect_chain, infra, dns (security_depth=full only). LIMITS: Public hostnames on ports 80/443 only. Blocks localhost, private IPs, and URLs with embedded credentials. probe_engine=browser requires server-side Chromium or cloud worker — gracefully falls back to fetch with probe_fallback_warning if unavailable. Rate limit: one scan per hostname per 5 seconds.
| Name | Required | Description | Default |
|---|---|---|---|
| url | Yes | The https:// URL to audit (public endpoints only) | |
| path | No | Optional subpath (e.g. /checkout) — appended to url | |
| focus | No | Trim output layers (default: all) | |
| check_ssl | No | Check SSL certificate validity, expiry, and protocol (default: true) | |
| scan_mode | No | quick=~1-3s (default); thorough=DNS+APIs+secrets ~5-12s | |
| check_apis | No | Probe /api/health and common API paths — adds ~1-2s (default: false) | |
| check_tech | No | Tech stack: framework, hosting, CDN, third-party (default: true) | |
| scan_depth | No | quick=light scan, 3 bundles (default); deep=full supply URL phase with JWT decode, source maps, verification (~8-12s) | |
| timeout_ms | No | Max scan time in ms (default: 8000, max: 15000) | |
| check_health | No | Site health: verdict, trust score, load time, page title (default: true) | |
| probe_engine | No | fetch=HTTP only (default); browser=headless Chrome on Zephex servers for console errors + browser network (falls back to fetch with warning if unavailable) | |
| check_cookies | No | Check cookie Secure/HttpOnly/SameSite flags (default: true) | |
| check_headers | No | Grade all security headers and return fix snippets when include_fix_snippets=true (default: true) | |
| check_network | No | HTTP network timing table — slow requests, API probes (default: true) | |
| check_secrets | No | Secret scan: HTML/JS keys, exposed .env/.git, GraphQL (default: true; depth via scan_depth) | |
| security_depth | No | basic=fast (default); full adds DNS SPF/DMARC/DKIM + HSTS preload lookup | |
| check_redirects | No | Follow and audit the full redirect chain (default: true) | |
| include_fix_snippets | No | Include Nginx/Vercel/Next fix snippets — token-heavy (default: false) |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Annotations declare readOnlyHint, openWorldHint, idempotentHint, destructiveHint=false. The description adds valuable behavioral details: probe_engine fallback behavior ('gracefully falls back to fetch with probe_fallback_warning'), scan timing differences (quick vs deep), rate limit ('one scan per hostname per 5 seconds'), and constraints on ports and IPs. No contradictions with annotations.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is comprehensive but verbose, spanning multiple paragraphs with extensive enumeration of return fields and edge cases. While well-structured (overview, usage, returns, limits), it could be more concise by moving some detail to parameter descriptions.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
With no output schema, the description thoroughly documents return structure (product, duration_ms, summary, health, tech, secrets, network, issues, ssl, etc.), covers all parameter behaviors, and addresses limitations, rate limits, and fallback logic. This compensates fully for the lack of output schema.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema description coverage is 100%, so baseline is 3. The description adds value by clarifying scan_depth modes ('quick=light scan, 3 bundles; deep=full supply URL phase with JWT decode, source maps, verification ~8-12s') and probe_engine fallback. However, some parameter details (like default values) are already in the schema.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description begins with a clear, specific statement: 'Site Audit — full HTTP intelligence for a public URL in one call.' It enumerates core capabilities (security grade, health, tech stack, secrets, timing) and distinctly separates this tool from siblings like `check_package` or `read_code`, which focus on code analysis.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description explicitly lists concrete call scenarios: 'CALL when: user pastes a URL; post-deploy security check; cert expiry or HSTS/CSP questions; ...' It also states limitations (public hostnames only, blocks localhost/private IPs, rate limiting), providing clear when-to-use and when-not-to-use guidance.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
check_packageCheck PackageARead-onlyIdempotentInspect
Verify any package on live registries before install — and plan upgrades from GitHub release notes. One tool, 5 tasks via task: check (default), upgrade, security, migrate, debug. Each task returns focus, summary, data, hint, related_tasks, next_calls, meta. Use for frameworks (next, react, vite, express), payments (stripe), auth (next-auth, @clerk/nextjs, passport), databases (prisma, drizzle-orm, pg), and any dep on npm/PyPI/cargo/gem/go/maven/nuget/packagist/pub/hex/cocoapods/spm. Version resolution: pass version/from_version, or source:github:owner/repo to read the pinned version from package.json via GitHub API (primary path for hosted MCP upgrades). Workflow: get_project_context({ topic: "integrations" }) → check_package({ task: "check" }) → task=security if vulnerable → task=upgrade with from_version when bumping. task=upgrade|migrate parses GitHub releases for breaking_changes, migration_steps, code_example, advisories. DO NOT use for repo orientation (get_project_context), lockfile transitive audit (npm audit), API docs (Context7), or install verification (project_memory). Read-only.
| Name | Required | Description | Default |
|---|---|---|---|
| task | No | Slice selector (each returns different data): check=exists/slopsquat/CVE gate; upgrade|migrate=GitHub release breaking_changes+migration_steps; security=CVEs only; debug=advisories+code_example. | check |
| source | No | Where to read your pinned version: github:owner/repo (hosted MCP — fetches package.json from GitHub API) or local (stdio only, reads disk). Example: github:vercel/next.js | |
| channel | No | INTERNAL: Zephex terminal CLI only. Agents must omit — returns richer fields than agent-safe JSON. | |
| package | Yes | Registry package name: stripe, next, prisma, django, tokio, @supabase/supabase-js, androidx.compose.ui:ui (Maven group:artifact). | |
| version | No | Installed/pinned version for task=check — scopes your_version_affected. Omit when using source:github:owner/repo. | |
| cli_depth | No | INTERNAL: CLI terminal depth. Agents must omit. | |
| ecosystem | No | Registry to query (default: npm, auto-detected from package name when possible) | |
| from_version | No | Version upgrading FROM for task=upgrade|migrate — required unless source:github:owner/repo resolves it from package.json. |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Annotations include readOnlyHint=true, idempotentHint=true, destructiveHint=false, and the description explicitly ends with 'Read-only', consistent with the annotation. The description adds behavioral context: 'Each task returns focus, summary, data, hint, related_tasks, next_calls, meta' and explains version resolution via GitHub API. No contradiction.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is dense but well-structured: it opens with the main purpose, then lists tasks, use cases, workflow, and exclusions. At ~150 words, it is somewhat verbose but efficiently packs essential details. Front loading is good.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given 8 parameters and no output schema, the description thoroughly explains return fields per task, version resolution, workflow steps, and ecosystem support. It covers all necessary context for an AI agent to correctly invoke the tool.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100% with descriptions for all 8 parameters. The description adds context beyond the schema, such as explaining the 'source' parameter's behaviors (github:owner/repo vs local) and the workflow for 'from_version' and 'version'. While the schema already does a good job, the description enriches understanding.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool's purpose: 'Verify any package on live registries before install — and plan upgrades from GitHub release notes.' It lists five specific tasks (check, upgrade, security, migrate, debug) and explicitly distinguishes from sibling tools like get_project_context and project_memory via a 'DO NOT use' list.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description provides explicit when-to-use scenarios (frameworks, payments, auth, databases, any dep) and when-not-to-use (repo orientation, lockfile audit, API docs, install verification). It also provides a concrete workflow example: get_project_context → check_package → task=security → task=upgrade.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
check_testTest PulseARead-onlyInspect
Run project tests and return structured health — per-file pass/fail counts, coverage %, failures with Expected/Received, broken_areas (grouped by module), fix_first bullets, failure_clusters (same-root-cause grouping), coverage_by_area (per-module lcov rollup), blind_spots (flaky/patch/missing-test warnings), triage bundle, area_graph, graph_mermaid, health. task:why for follow-ups. Cheaper than parsing 600-line test logs — run once, query slices from session cache. Call when: after code changes; user asks if tests pass; before push; need per-file test status or failure details without re-running. Use after edits: pass diff_base: main to see if your changes broke tests. Scope to module with area: proxy, auth, handlers. DO NOT call when: package CVE check (check_package); prove deploy claim (project_memory); repo orientation (get_project_context); find symbol (find_code). Workflow: task=run once → task=list|failures|status|why on same session_id (<100ms). task=detect for framework/command only. task=history|compare for cloud scan rows (hosted). Hosted MCP: 1 credit per task:run; session queries, why, and compare are free. path: absolute directory (stdio MCP) or github:owner/repo / GitHub URL (hosted MCP).
| Name | Required | Description | Default |
|---|---|---|---|
| area | No | Scope to module/area name derived from test paths (e.g. proxy, auth, handlers) | |
| path | No | Project root: absolute directory (stdio) or github:owner/repo / GitHub URL (hosted). Required for run/detect. | |
| task | No | run=execute suite (1 credit hosted); detect=dry-run; status|summary|list|failures|coverage|fix_prompt|why|compare=session cache (free); history=cloud scans (free, hosted) | run |
| limit | No | Max rows for task:history (1–20) | |
| command | No | Override auto-detected test command | |
| question | No | Natural-language follow-up for task:why (e.g. "what failed in proxy?") | |
| diff_base | No | Git branch for patch coverage and failures_in_diff (e.g. main) — use after edits | |
| session_id | No | Pass back from prior response (ts_*) for session tasks without re-running | |
| timeout_ms | No | Max run time ms (default 1800000 stdio, capped 600000 hosted) | |
| failed_only | No | Re-run only tests that failed in the prior session | |
| file_filter | No | Substring or glob fragment to filter test_files (e.g. auth, handlers) | |
| coverage_top | No | Max files in coverage slice | |
| detail_level | No | Token budget: brief <500 tokens on PASS; agent default; full=all slices | agent |
| include_flaky | No | Include flaky test hints from local history | |
| with_coverage | No | Collect lcov coverage (default true) | |
| include_missing | No | Detect source files without test files (defaults true when diff_base set) |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Description adds extensive behavioral context beyond annotations: caching behavior, credit costs, path requirements, diff_base usage, and scope to modules. No contradiction with annotations.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Well-structured with bullet points and clear sections. Slightly verbose but front-loaded with main action. Every sentence adds value.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Fully covers all aspects: 16 params described, workflows, cost, exclusion list, output details (even though no output schema). Complete for a complex tool.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100%. Description adds extra meaning on parameters like diff_base for patch coverage, task enum meanings, and path format. Adds value beyond schema.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
Clearly states it runs tests and returns structured health. Explicitly differentiates from siblings by listing when NOT to call, like check_package, project_memory, etc. Specific verb+resource.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
Provides detailed when-to-use (after code changes, before push, user asks if tests pass) and when-not-to-use (with explicit sibling names). Includes workflow instructions (task=run once then session tasks) and credit costs.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
explain_architectureExplain ArchitectureARead-onlyIdempotentInspect
Structural wiring map — how files connect, not file bodies. Returns concern_cluster (roles + import edges for ANY subsystem label), layer_map, entry_points, integration_map, auth_flow, request_flows in deep mode, Mermaid. CALL WHEN: how does this feature/subsystem work across files before a cross-cutting edit; pass concern (any name: widget-factory, billing, q7x) or seed_files from find_code — seeds via concept search + import graph, not hardcoded vocab. DO NOT: stack/scripts (get_project_context), search (find_code), read bodies (read_code). focus: api|auth|integrations|database|security|full. mode: overview|deep|audit. subpath for monorepos. Path: absolute dir or github:owner/repo.
| Name | Required | Description | Default |
|---|---|---|---|
| mode | No | overview=fast wiring map (no AST flow trace), deep=request_flows + sequenceDiagram, audit=anti_patterns + health_score. Default: overview | |
| path | No | Where the project lives. Local absolute directory (e.g. /Users/alice/myapp on macOS, /home/alice/myapp on Linux, C:/Users/alice/myapp on Windows, /mnt/c/Users/alice/myapp on WSL) OR a GitHub / GitLab / Bitbucket URL (https://github.com/owner/repo or short-form github:owner/repo). Private repos require GITHUB_PAT on the server. | |
| focus | No | Wiring slice. Default: api. auth=validation chain, integrations=external SDK touchpoints, database=ORM, security=auth+errors, full=all analyzers. | |
| force | No | Bypass architecture result cache. Default false. | |
| concern | No | Any subsystem label (folder name, feature codename, module). Uses find_code concept search + import graph — not a fixed keyword list. Returns roles, edges, symbols (no file bodies). | |
| exclude | No | Optional glob patterns to exclude from ripgrep (vendor, build, etc.). | |
| subpath | No | Monorepo scope — analyze only this subdirectory (e.g. apps/api). Faster than whole repo. | |
| verbosity | No | Output size. minimal=core only, standard=default, full=adds constraints + state_management. Alias: detail_level | |
| seed_files | No | 1–20 paths from find_code — graph expands to related modules. Use with or without concern. | |
| detail_level | No | Legacy alias for verbosity | |
| inline_files | No | Fallback for remote transports. Shape: { "": "" }. Include 10-50 SOURCE files (entry points, routes, middleware, auth, DB setup) plus package.json. For local stdio, prefer 'path'. | |
| project_path | No | Alias for 'path' (some clients pass this name). Accepts the same values. |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Annotations already declare readOnlyHint=true, idempotentHint=true, and destructiveHint=false. The description adds behavioral details like modes (overview, deep, audit) and cache bypass behavior via the force parameter, which goes beyond annotations. However, no mention of rate limits or other potential constraints.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is front-loaded with the core purpose and uses structured phrases, but it is lengthy with some redundancy (e.g., explaining path and subpath separately). It could be more concise while retaining essential information.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the tool's complexity (12 parameters, no output schema), the description covers usage context, parameter behavior, return types (concern_cluster, layer_map, etc.), and mode differences. It compensates well for the missing output schema and provides complete guidance for an AI agent.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100%, but the description adds significant value by explaining key parameters (concern, seed_files, mode, focus) and their interactions—e.g., 'seeds via concept search + import graph, not hardcoded vocab' and the relationship between concern and seed_files. This enriches understanding beyond the schema.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool's purpose: 'Structural wiring map — how files connect, not file bodies.' It specifies the outputs (concern_cluster, layer_map, entry_points, etc.) and distinguishes itself from siblings like read_code and find_code by emphasizing it does not return file bodies.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description provides explicit usage guidance: 'CALL WHEN: how does this feature/subsystem work across files before a cross-cutting edit' and 'DO NOT: stack/scripts (get_project_context), search (find_code), read bodies (read_code).' It also explains how to pass concern or seed_files from find_code, offering clear alternatives.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
find_codeFind CodeARead-onlyIdempotentInspect
Find text inside project files (ripgrep). Rename old project name (Crystal→Max, 200 files) → intent everywhere + whole_word + also_try [crystal]; returns every file:line in files_summary. Pasted line → snippet. Known name → symbol. Topic → concept + also_try. Messy repo → include (docs/config/data). Response: summary, data.matches or data.all_occurrences, files_hit, next_calls. Then read_code on top hit. Not for known-file reads or repo overview. Read-only.
| Name | Required | Description | Default |
|---|---|---|---|
| path | No | Project folder to search. Local MCP: absolute path (/Users/jane/myapp). Hosted MCP: public GitHub URL or inline_files. | |
| query | Yes | Required. Text to find: pasted editor line, symbol name (validateToken), or topic keyword (encrypt). | |
| intent | No | Search mode. snippet=paste exact line. symbol=find definition. concept=topic hunt. everywhere=all hits before rename. | |
| include | No | Limit file types. code=src. docs=md/readme. config=json/yaml. data=sql/prisma. all=default. | |
| also_try | No | Extra keywords merged in parallel. concept=topic synonyms. everywhere=rename variants (crystal, CRYSTAL, crystal-app). | |
| whole_word | No | With intent everywhere. true = whole word only (Crystal not Crystalline). Use before renames. | |
| file_pattern | No | Custom glob; overrides include. Examples: src/**/*.ts, **/*.md. | |
| inline_files | No | Hosted MCP only: {"path/to/file.ts": "file contents"}. Use when path disk is unavailable. | |
| case_sensitive | No | true = match exact casing (Crystal vs crystal). Default false. | |
| response_format | No | concise=line preview per hit. detailed=full function/class block when AST available. |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Annotations already declare readOnlyHint=true and destructiveHint=false, so the description's 'Read-only' confirmation is redundant but consistent. However, the description adds valuable behavioral context about response structure, next steps, and edge cases (e.g., whole_word behavior for renames), which goes beyond annotations.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is somewhat lengthy but every sentence serves a purpose. It is front-loaded with the core purpose and then systematically covers use cases, parameters, and response. It could be slightly more concise by reducing redundancy (e.g., 'Read-only' is already in annotations), but overall it is well-organized.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Despite having no output schema, the description compensates by explaining the response format (summary, data.matches or data.all_occurrences, files_hit, next_calls) and linking to the next step (read_code). It covers all major use cases and edge cases, making the tool fully understandable for an AI agent.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
With 100% schema coverage, the schema already documents all 10 parameters. The description adds significant meaning by providing concrete examples for each parameter, explaining enum options, and clarifying usage context (e.g., 'also_try: extra keywords merged in parallel'). This greatly aids correct invocation.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description starts with 'Find text inside project files (ripgrep)' which is a clear verb+resource. It further distinguishes from sibling tools like read_code and get_project_context by specifying that it is for searching text, not for reading known files or overview.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description explicitly covers when to use the tool (rename, pasted line, symbol, topic, messy repo) and when not to use it ('Not for known-file reads or repo overview'). It also provides specific patterns for each use case (e.g., 'Pasted line → snippet').
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
get_project_contextGet Project ContextARead-onlyIdempotentInspect
Orient on any codebase before editing. One focused slice per call — 11 topics: identity, framework, backend, frontend, database, auth, deploy, run, structure, integrations, security. Each topic returns different fields (focus, summary, data, hint, related_topics, next_calls, meta). Sources: (1) local absolute path — stdio MCP reads disk directly, e.g. /Users/alice/myapp; (2) GitHub/GitLab URL — hosted server clones once and caches, e.g. https://github.com/owner/repo; (3) inline_files when transport has no filesystem. Workflow: get_project_context({ topic: "identity" }) first, then 1-2 related_topics. DO NOT use for function bodies (read_code), search (find_code), or flows (explain_architecture). Read-only.
| Name | Required | Description | Default |
|---|---|---|---|
| path | No | Where the project lives. Accepts BOTH: • Local absolute path: /Users/alice/myapp, C:/Users/alice/myapp, /mnt/c/Users/alice/myapp. Local stdio install reads files directly. • GitHub/GitLab/Bitbucket URL: https://github.com/owner/repo (or short-form github:owner/repo). Hosted server fetches and analyses the repo (private GitHub repos work when the server has GITHUB_PAT or the user has linked GitHub). Use a remote URL whenever the user pastes a GitHub link or refers to their repo by name. | |
| force | No | Set true to re-detect even if cached (use when project changed) | |
| topic | No | Named slice (each returns different data): identity | framework | backend | frontend | database | auth | deploy | run | structure | integrations | security. Local path or github:owner/repo — same topics. Call identity first; backend vs frontend vs auth return different summaries and key_paths. | |
| focus_on | No | Subdirectory to focus the file tree scan on (e.g. 'src/tools') | |
| detail_level | No | Output tier: "brief" (default, ≤500 tokens), "standard" (full fields), "full" (all fields + file tree) | |
| inline_files | No | Primary way to supply code. Shape: { "": "", ... }. The VALUE is the actual file body — never a filename, path, or placeholder. Example: { "package.json": "{\"name\":\"my-app\",\"dependencies\":{...}}" }. Always include the project-definition file (package.json / pyproject.toml / Cargo.toml / go.mod / pom.xml / Gemfile / composer.json / pubspec.yaml) plus tsconfig.json / framework config if present, plus 2-4 representative source files. Works on Mac, Windows, Linux, private repos, unsaved folders. | |
| structure_depth | No | Max folder depth for file tree scan (default: 3, max: 6) | |
| include_structure | No | When true, includes file tree in response (also triggered by detail_level: full) |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Annotations already indicate read-only and idempotent. Description adds context about caching, re-detection, and filesystem access (local vs remote). No contradictions. Fully discloses behavior beyond annotations.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Description is well-structured: brief summary first, then topics, sources, workflow, exclusions. Every sentence adds value. No fluff. Appropriately detailed without being verbose.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given 8 parameters, no output schema, and high complexity, the description is complete. It covers all parameters, provides workflow, sources, and exclusion criteria. Leaves no gaps for a read-only exploration tool.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100%, but description adds significant value: examples for path, enumerates all 11 topics, explains inline_files shape, and provides usage recommendations (e.g., start with identity). Goes well beyond schema.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description explicitly states the tool's purpose: orient on a codebase before editing. It distinguishes itself from siblings by listing specific alternatives (read_code, find_code, explain_architecture). Includes specific verb+resource and scope.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
Provides explicit when-to-use (before editing), a workflow (call identity first then related_topics), and when-not-to-use (function bodies, search, flows). Also explains different source types and their behaviors.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
keep_thinkingStructured ReasoningARead-onlyInspect
Multi-call reasoning scaffold for AI coding agents — NOT Anthropic's single-call think tool, NOT extended thinking. Tracks hypotheses, observations, conclusions, and assumptions across iterative tool-call chains. Detects circular debugging, repeated failed approaches, and dangerous operations. Returns: shouldContinue, riskLevel (high/critical blocks continuation), repetitionWarning, reflectionPrompt (recovery questions on loop), boredLoopDetected (same tool called twice), approachingLimit (2 thoughts before cap). Call when: (1) high-blast-radius edit — schema, auth, billing, multi-file refactor, production deploy. (2) Debugging after 2+ failed attempts. (3) Task spans 3+ files. (4) Ambiguous requirements — surface assumptions first. DO NOT call when: (1) you already know the answer — act. (2) Single-step task — rename, typo, file read. (3) You're calling again without new evidence — that's a loop, stop. (4) Session is closed (nextThoughtNeeded:false was set). Pass lastActions (last 2-5 tool calls) to enable boredom detection. Set actionReady:true to exit early when planning is done. Set nextThoughtNeeded:false to close the session and write a Supabase checkpoint. Pass sessionId to resume — previously rejected approaches are injected so you don't repeat them. Hard cap: 10 thoughts per session.
| Name | Required | Description | Default |
|---|---|---|---|
| revises | No | Which thought number this revises (use with thoughtType:'revision'). | |
| thought | Yes | The actual reasoning content (20–2000 chars). Be specific — include file names, function names, error messages. | |
| sessionId | No | Cross-session memory. Provide at thought 1 to restore last checkpoint. | |
| confidence | Yes | 0–1. Below 0.5 forces revision. Above 0.85 safe to proceed. | |
| goalAnchor | No | One sentence restating the original task. Required after thought 2 (two-strike rule). | |
| actionReady | No | Set true when planning is done and you are about to execute. Produces minimal response. | |
| assumptions | No | Max 5 assumptions. Mark invalidated:true when contradicted. | |
| lastActions | No | Last 2-5 tool calls as 'name(arg=val)' strings. If the last two are identical, boredLoopDetected fires. Required to detect repeated reads. | |
| thoughtType | Yes | Controls compression. hypothesis/conclusion kept verbatim. observation/debug masked when old. plan/revision truncated when old. | |
| thoughtNumber | Yes | Which thought this is, 1-based | |
| totalThoughts | Yes | Estimated total thoughts needed (revise upward if genuinely needed) | |
| nextThoughtNeeded | Yes | Set to false when reasoning is complete. Triggers checkpoint write. | |
| toolOutputRelevance | No | Classify last tool result. 3+ noise/error in last 5 triggers loop detection. |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Adds significant behavioral details beyond annotations: return values (shouldContinue, riskLevel, repetitionWarning, etc.), loop detection mechanics, hard cap of 10 thoughts, checkpoint writing on session close. No annotation contradiction.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Well-structured with clear sections (returns, call when, do not call, parameter usage). Comprehensive but slightly verbose; could trim redundant phrases. Front-loaded with key purpose and distinction.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given 13 parameters, 6 required, no output schema, the description covers return values, behavioral constraints (loop detection, cap), and usage patterns comprehensively. Everything an agent needs to invoke the tool correctly.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
All 13 parameters have schema descriptions (100% coverage). The description adds contextual usage tips (e.g., 'Pass lastActions to enable boredom detection', 'Set actionReady:true to exit early'), enhancing practical understanding.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool is a multi-call reasoning scaffold for tracking hypotheses, observations, conclusions, and assumptions. It explicitly distinguishes itself from Anthropic's think tool and extended thinking, establishing a unique purpose.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
Provides explicit 'Call when' and 'DO NOT call when' sections with concrete scenarios (e.g., high-blast-radius edits, debugging after 2+ failed attempts, single-step tasks). Clearly delineates when to use vs. when to act directly.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
project_memoryProject MemoryARead-onlyInspect
Store and recall project-specific learned facts (decisions, gotchas, goals, conventions) across agent sessions. NOT for codebase structure — use get_project_context. Returns: remember {id,status}; recall {matches,match_count,tokens_estimate}; list {memories,total,cap}; forget {status}. Call when: user says remember/recall; before editing an unfamiliar subsystem; after a non-obvious decision. DO NOT call when: repo orientation (get_project_context); symbol search (find_code); raw file bodies (read_code). After recall: apply returned facts; do not re-scan the repo. remember max 200/project; recall FTS5 max 5 hits; list titles only; forget by id. Local stdio only (npx zephex) — hosted MCP returns local_stdio_required.
| Name | Required | Description | Default |
|---|---|---|---|
| id | No | Required for forget. Memory uuid. | |
| area | No | Subsystem label for scoped recall. Max 64 chars. | |
| path | No | Absolute project root. Stdio: optional (uses cwd). | |
| tags | No | Optional lowercase tags. Max 10. | |
| type | No | Required for remember. | |
| limit | No | recall/list cap. Default 5, max 10. | |
| query | No | Required for recall. FTS5 keywords. | |
| scope | No | project=current DB, personal=~/.zephex personal, all=cross-project with warnings. | project |
| title | No | Required for remember. Max 80 chars. | |
| action | Yes | remember=save, recall=FTS5 search, list=titles, forget=delete by id | |
| content | No | Required for remember. Max 500 chars. Paraphrase, not file dumps. | |
| written_by | No | Who authored this memory. | agent |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Description lists return shapes and constraints (max 200, FTS5 max 5 hits), but annotations indicate readOnlyHint=true while tool includes write actions (remember, forget), contradicting the annotation. Without annotations, description would score higher, but contradiction reduces score.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Description is well-structured with sections: purpose, exclusions, returns, call guidelines, constraints. Slightly lengthy but every sentence adds value. Front-loaded with core purpose.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given 12 parameters, no output schema, and 100% schema coverage, the description explains actions and return structures. Includes integration notes (local stdio). Missing some edge-case details but overall comprehensive.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100% with detailed parameter descriptions. The description adds usage context and highlights key parameters (action, query, title) but does not provide significant additional meaning beyond the schema.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
Description clearly states verb+resource: 'Store and recall project-specific learned facts'. Explicitly distinguishes from sibling tool 'get_project_context' by stating what it is NOT for.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
Provides explicit when-to-call and when-not-to-call scenarios, including alternatives: use get_project_context for repo orientation, find_code for symbol search, read_code for file bodies. Also gives post-recall instructions and constraints like max 200 per project.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
read_codeRead CodeARead-onlyIdempotentInspect
Surgical code read — symbols, batch files, keyword scan, bug smells. NOT whole-repo search (find_code). CALL WHEN: path known from find_code — batch-read files[] (mode:file); extract function by name (mode:symbol); scan 3–8 files for TODO/error/keyword (mode:scan); quick bug smells in focus_files (mode:smell); TOC before 300+ line file (mode:outline). DO NOT: unknown location (find_code first); file <50 lines (editor Read); repo-wide grep (find_code). Returns envelope: focus, summary, data, hint, next_calls. Read-only.
| Name | Required | Description | Default |
|---|---|---|---|
| kind | No | With mode:symbol. Filter to one symbol kind — disambiguate class vs method with same name. | |
| mode | No | symbol=AST extract by name (default). file=batch read files[] (all paths return). outline=file TOC. scan=keyword/pattern hits across files[] (use target or targets). smell=bug-pattern pass on files[] (empty catch, TODO, secrets). callers|blast_radius|dead_code=call graph (local path only). | |
| path | No | Project root. Local MCP: absolute path. Hosted MCP: public GitHub/GitLab URL. Pair with files[] from find_code. | |
| files | No | With mode:file|outline. Relative paths — from find_code hits. File mode: every path returns in one call (truncated per file if large, never dropped). | |
| target | No | mode:symbol|callers|blast_radius — symbol name (fuzzy). mode:scan — keyword or regex to find across files[]. | |
| compact | No | With mode:file|symbol. true = omit line numbers to save tokens. | |
| targets | No | mode:symbol — batch symbol names (max 8, set max_results:10). mode:scan — multiple keywords in one pass across files[]. | |
| symbol_id | No | With mode:symbol. Direct lookup ID from a prior hit (e.g. src/auth.ts::validateUser#function). Skips fuzzy search. | |
| max_tokens | No | Response size cap (default 2000, max 8000). File batch auto-shares across paths. Lower only if context is tight. | |
| session_id | No | Dedup across turns — symbols already returned get a stub with symbol_id instead of full body. | |
| limit_lines | No | With mode:file. Max lines per file. Default: budget-based; set for pagination slices. | |
| max_results | No | mode:symbol — max symbols (default 3, max 10). mode:scan|smell — max hits returned (default 30, max 100). | |
| offset_line | No | With mode:file. Start line (1-indexed). Use after batch read when data.hint says truncated. | |
| context_path | No | With mode:symbol. File path hint for ranking (e.g. src/auth.ts when repo has many auth symbols). | |
| detail_level | No | With mode:symbol. signature=~100 tokens. body=full implementation (default). context=body+imports. | |
| inline_files | No | When path disk is unavailable: {"src/auth.ts": ""}. Hosted/private transport fallback. | |
| confidence_threshold | No | With mode:symbol. Min match confidence 0–1 (default 0.5). Raise 0.8 for exact; lower 0.3 to explore. |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Annotations already declare readOnlyHint=true, idempotentHint=true, and destructiveHint=false. The description adds value by disclosing the 'Read-only' nature, the surgical/truncated behavior, and the return envelope structure. No contradictions found. Score 4 as it goes beyond annotations but could note error handling or rate limits.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is extremely concise and front-loaded. It uses brief, scannable sections ('CALL WHEN', 'DO NOT') and every sentence adds value. No fluff.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
The description gives a comprehensive overview of the tool's functionality and usage, covering all modes and when to invoke them. However, given the complexity (17 parameters, no output schema), it does not detail all parameters (schema covers them) or fully describe the output format beyond mentioning the envelope fields. Still, it is sufficiently complete for an agent.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100%, so baseline is 3. The description does not repeat parameter details but adds contextual usage guidance (e.g., which mode for which scenario). This complements the schema without adding new parameter-level meaning.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool's purpose as a 'Surgical code read' for reading code in various modes (file, symbol, scan, smell, outline). It explicitly contrasts with the sibling tool find_code for whole-repo search, and uses specific verbs and resources.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description provides explicit 'CALL WHEN' and 'DO NOT' sections, detailing when to use this tool (path known from find_code, batch read files, extract symbols, etc.) and when to use alternatives (find_code for unknown location, editor Read for files < 50 lines).
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
Zephex_dev_infoZephex Developer Knowledge BaseARead-onlyIdempotentInspect
Expert developer knowledge base by Zephex. Use when the user asks how to build, structure, secure, or deploy anything. Covers: database schemas (Stripe, Supabase, Convex, Postgres), security (CSP, CORS, OWASP, JWT hardening), frontend (Next.js, React 19, Tailwind CSS), authentication (Supabase Auth, OAuth, refresh tokens), backend (AWS ECS, Docker, Bun), and mobile (Android, iOS, Expo, Play Store signing). Two operations: use 'search' with a query to find the right entry, then 'get' with the returned slug to fetch full expert knowledge. Always search first, then get.
| Name | Required | Description | Default |
|---|---|---|---|
| slug | No | Required for 'get'. Exact slug from a previous search result. | |
| query | No | Required for 'search'. Natural language question. | |
| category | No | Optional filter for 'search'. Narrows results to one domain. | |
| operation | No | Use 'search' to find the right entry by query. Use 'get' to fetch full expert knowledge by slug. Always search first, then get. | search |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Annotations already declare readOnlyHint=true, idempotentHint=true, destructiveHint=false. The description reinforces this by describing a knowledge retrieval workflow and adds the context that it covers many domains. No contradictions.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is a single paragraph that front-loads the purpose. It packs relevant information efficiently, though it could be slightly more concise by removing redundant phrases like 'Expert developer knowledge base' after the title.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the tool's complexity (4 parameters, no output schema, rich annotations), the description fully explains what the tool does, how to use it, and what it covers. The workflow instructions make it complete for agent invocation.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100% with clear descriptions. The description adds operational semantics by explaining the search-then-get workflow, which adds value beyond the schema's individual parameter descriptions.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states it is a 'developer knowledge base' for building, structuring, securing, and deploying. It explicitly mentions two operations ('search' and 'get') and lists covered domains. This distinguishes it from sibling tools and gives a specific verb-resource pair.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description gives clear usage guidance: 'Always search first, then get.' It also says to use when the user asks about specific topics. It doesn't explicitly state when not to use, but the context implies it's for developer questions only.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
Claim this connector by publishing a /.well-known/glama.json file on your server's domain with the following structure:
{
"$schema": "https://glama.ai/mcp/schemas/connector.json",
"maintainers": [{ "email": "your-email@example.com" }]
}The email address must match the email associated with your Glama account. Once published, Glama will automatically detect and verify the file within a few minutes.
Control your server's listing on Glama, including description and metadata
Access analytics and receive server usage reports
Get monitoring and health status updates for your server
Feature your server to boost visibility and reach more users
For users:
Full audit trail – every tool call is logged with inputs and outputs for compliance and debugging
Granular tool control – enable or disable individual tools per connector to limit what your AI agents can do
Centralized credential management – store and rotate API keys and OAuth tokens in one place
Change alerts – get notified when a connector changes its schema, adds or removes tools, or updates tool definitions, so nothing breaks silently
For server owners:
Proven adoption – public usage metrics on your listing show real-world traction and build trust with prospective users
Tool-level analytics – see which tools are being used most, helping you prioritize development and documentation
Direct user feedback – users can report issues and suggest improvements through the listing, giving you a channel you would not have otherwise
The connector status is unhealthy when Glama is unable to successfully connect to the server. This can happen for several reasons:
The server is experiencing an outage
The URL of the server is wrong
Credentials required to access the server are missing or invalid
If you are the owner of this MCP connector and would like to make modifications to the listing, including providing test credentials for accessing the server, please contact support@glama.ai.
Discussions
No comments yet. Be the first to start the discussion!