Skip to main content
Glama

data-breach-detector

Server Details

Read-only breach intelligence from public feeds: reports THAT a domain leaked, never the data.

Status
Healthy
Last Tested
Transport
Streamable HTTP
URL

Glama MCP Gateway

Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.

MCP client
Glama
MCP server

Full call logging

Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.

Tool access control

Enable or disable individual tools per connector, so you decide what your agents can and cannot do.

Managed credentials

Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.

Usage analytics

See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.

100% free. Your data is private.
Tool DescriptionsA

Average 4.1/5 across 4 of 4 tools scored.

Server CoherenceA
Disambiguation5/5

Each tool targets a clearly distinct function: text analysis, news retrieval, entity lookup, and source listing. There is no overlap in purpose, making selection unambiguous.

Naming Consistency4/5

All names use snake_case and are readable, but they mix verb_noun patterns (assess_threat, check_exposure) with noun_noun patterns (breach_news, feed_sources). This minor inconsistency prevents a perfect score.

Tool Count5/5

With 4 tools, the server is well-scoped for a data breach detector covering analysis, news, lookup, and sources. Each tool earns its place without redundancy or missing essentials.

Completeness4/5

The tools cover core breach-related tasks (analysis, news, entity check, source info). A minor gap is the lack of batch or monitoring capabilities, but the primary use cases are addressed.

Available Tools

4 tools
assess_threatAInspect

Triage a piece of security text (advisory, forum post, alert): classify threat level, categories and recommended action. Pure analysis of text you supply — collects nothing, reaches no network.

ParametersJSON Schema
NameRequiredDescriptionDefault
textYes
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden. It discloses that the tool collects no data and makes no network calls, which is critical for safety. However, it does not mention any other behaviors such as rate limits, performance characteristics, or potential errors.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is two sentences, front-loads the purpose, and contains no fluff. Every clause adds value, from the action (triage) to the safety guarantees.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the single parameter and no output schema, the description covers the core functionality well. However, it could describe the expected output structure (e.g., categories and recommended action format) to be fully complete.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The only parameter, 'text', has no schema description. The description adds value by specifying acceptable types of text ('advisory, forum post, alert') and hints at the content (security-related). This provides more guidance than the schema alone, but still lacks format or length constraints.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's function: triage security text and classify threat level, categories, and recommended action. It specifies the resource (security text) and the action (triage/classify). It distinguishes from sibling tools like breach_news and check_exposure by focusing on text analysis.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explicitly states that this tool performs 'pure analysis of text you supply — collects nothing, reaches no network,' which guides when to use it (for safe, offline analysis). It lacks explicit comparisons to siblings but the context is clear enough for an AI agent.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

breach_newsAInspect

Recent breach and ransomware DISCLOSURES from public threat-intel feeds (HaveIBeenPwned, ransomwatch). Metadata only — entity, date, scale, exposed data TYPES, threat level — never the leaked data. Optional sector/keyword filter (e.g. "bank", "health", "crypto").

ParametersJSON Schema
NameRequiredDescriptionDefault
limitNo
sectorNo
since_daysNo
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description effectively discloses the tool's behavior: it returns metadata only, not leaked data. It also specifies the sources (HaveIBeenPwned, ransomwatch). This is sufficient for understanding the safety and purpose, though it could mention authentication or rate limits.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is concise, only two sentences. The first sentence front-loads the core purpose, and the second adds essential details about data type and filters. No unnecessary words.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a simple list tool with no output schema, the description covers the input parameters' intent reasonably well. It explains the output type (metadata) and mentions the optional filter. However, it lacks details on ordering, pagination, or default behavior, leaving minor gaps.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters2/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has 3 parameters with 0% description coverage. The tool description only explains the sector parameter with examples ('bank', 'health', 'crypto') but does not clarify limit or since_days. Since the schema provides no descriptions, the description should compensate more.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly identifies the tool as providing recent breach and ransomware disclosures from public threat-intel feeds, specifying the type of metadata included. It distinguishes itself from siblings like assess_threat and check_exposure by focusing on listing disclosures rather than assessing or checking specific exposures.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description states what data is provided (metadata) and what is not provided (never leaked data), setting clear expectations. It mentions optional filters but does not explicitly state when to use this tool over alternatives or when not to use it, though the context is clear enough.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

check_exposureAInspect

Does a domain, company or brand appear in public breach or ransomware DISCLOSURES? The HaveIBeenPwned model: yes/no plus metadata (when, scale, which data types were exposed, severity, source) — never the exposed records. Triage only; confirm through authorized channels.

ParametersJSON Schema
NameRequiredDescriptionDefault
queryYes
since_daysNo
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations provided, so description carries full burden. It transparently discloses that exposed records are never returned, and lists metadata fields (when, scale, data types, severity, source). Does not mention any authorization or rate limits, but the triage note implies non-authoritative status.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Two sentences plus a short usage note, no redundant words. Information is front-loaded and every sentence serves a purpose: statement of function, output description, limitation, and guidance.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given no output schema, the description adequately explains return format (yes/no plus metadata). The triage limitation is stated. However, the missing parameter documentation for since_days detracts from completeness for a 2-parameter tool.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters2/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 0%, so description must compensate. The query parameter is implied by context ('domain, company or brand'), but since_days (integer with default) is completely unexplained – its purpose, meaning, and allowed range are missing. The description adds no value beyond the schema for this parameter.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool checks if a domain, company, or brand appears in public breach or ransomware disclosures. It specifies the output (yes/no plus metadata) and what is not returned (exposed records). This distinguishes it from sibling tools like assess_threat and breach_news.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Includes explicit guidance: 'Triage only; confirm through authorized channels.' This clearly indicates when to use (initial triage) and that results require verification. Does not explicitly compare to siblings but provides strong usage context.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

feed_sourcesAInspect

List the public feeds this detector aggregates and how fresh the cache is.

ParametersJSON Schema
NameRequiredDescriptionDefault

No parameters

Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations, the description must fully convey behavior. It states the output (feeds and cache freshness) but does not mention permission requirements, read-only nature, or potential latency.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

One sentence, 12 words, no redundant information. The verb 'List' is front-loaded, making the purpose immediate.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

No output schema exists, so the description should explain return format. It mentions feeds and cache freshness but not whether it's a list of names, objects, or timestamps. Adequate for a simple tool but incomplete.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

No parameters exist, so schema coverage is 100%. The description adds context: 'public feeds this detector aggregates' and 'cache freshness', which goes beyond the empty schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action ('List') and the resource ('public feeds this detector aggregates' and 'how fresh the cache is'). It distinguishes from siblings like 'assess_threat' by focusing on feeds enumeration.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No explicit when-to-use or alternatives are provided. Usage is implied as a simple listing tool, but the description does not guide when to use this over sibling tools.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Discussions

No comments yet. Be the first to start the discussion!

Try in Browser

Your Connectors

Sign in to create a connector for this server.

Resources