PromptScan
Server Details
Prompt injection detection API for AI agents. Scan untrusted text before passing it to an LLM.
- Status
- Healthy
- Last Tested
- Transport
- Streamable HTTP
- URL
Glama MCP Gateway
Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.
Full call logging
Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.
Tool access control
Enable or disable individual tools per connector, so you decide what your agents can and cannot do.
Managed credentials
Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.
Usage analytics
See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.
Tool Definition Quality
Average 4.2/5 across 1 of 1 tools scored.
With only one tool, there is no possibility of ambiguity or overlap between tools. The single tool 'scan_text' has a clearly defined and distinct purpose: detecting prompt injection attacks in text.
The naming is trivially consistent since there is only one tool. The tool name 'scan_text' follows a clear verb_noun pattern that would be appropriate if more tools were added.
A single tool is too few for a server called 'PromptScan' that appears to be focused on prompt injection detection. While the tool is well-described, a complete security scanning service would typically offer additional capabilities like batch scanning, history/audit logs, configuration management, or different scanning modes.
The tool surface is severely incomplete for a prompt injection scanning service. There's only a single scanning endpoint with no ability to manage scan configurations, view historical results, perform batch operations, or access related security features that would be expected in a comprehensive scanning API.
Available Tools
1 toolscan_textAInspect
Scan text for prompt injection attacks.
Returns a JSON object with:
- injection_detected (bool): true if an injection was found
- score (float): risk score 0.0–1.0
- label (str): "injection" or "safe"
- attack_type (str | null): detected attack category, if any
- layer_triggered (str | null): detection layer that flagged the text
- latency_ms (int): detection latency in milliseconds
Args:
text: The text to scan (user input, retrieved doc, tool output, etc.)
sensitivity: "low" | "medium" | "high" (default "medium")
api_key: Your PromptScan API key (pif_...). Optional — falls back to
the X-API-Key header passed by the MCP client.| Name | Required | Description | Default |
|---|---|---|---|
| text | Yes | ||
| api_key | No | ||
| sensitivity | No | medium |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
With no annotations provided, the description carries the full burden of behavioral disclosure. It effectively describes the return format (JSON with specific fields), latency information, and authentication fallback behavior. However, it doesn't mention rate limits, error handling, or performance characteristics beyond latency.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is well-structured and appropriately sized, with purpose first, then return format, then parameters. Every sentence adds value, though the parameter explanations could be slightly more concise. It's front-loaded with the core functionality.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the tool's moderate complexity (3 parameters, no output schema, no annotations), the description is quite complete. It covers purpose, return format, and parameter semantics adequately. However, it lacks information about error cases, rate limits, or example usage, which would make it fully comprehensive.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
The description adds significant value beyond the input schema, which has 0% description coverage. It explains the purpose of each parameter: 'text' is for the content to scan, 'sensitivity' has three specific levels with a default, and 'api_key' includes format details and fallback behavior. This fully compensates for the schema's lack of descriptions.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool's purpose with a specific verb ('scan') and resource ('text'), specifying it's for 'prompt injection attacks'. It distinguishes itself by focusing on security scanning rather than general text analysis, though there are no sibling tools to differentiate from.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description implies usage context by mentioning 'user input, retrieved doc, tool output, etc.' but doesn't provide explicit guidance on when to use this tool versus alternatives. With no sibling tools, it doesn't need to differentiate, but it lacks guidance on prerequisites or scenarios where scanning might be unnecessary.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
Claim this connector by publishing a /.well-known/glama.json file on your server's domain with the following structure:
{
"$schema": "https://glama.ai/mcp/schemas/connector.json",
"maintainers": [{ "email": "your-email@example.com" }]
}The email address must match the email associated with your Glama account. Once published, Glama will automatically detect and verify the file within a few minutes.
Control your server's listing on Glama, including description and metadata
Access analytics and receive server usage reports
Get monitoring and health status updates for your server
Feature your server to boost visibility and reach more users
For users:
Full audit trail – every tool call is logged with inputs and outputs for compliance and debugging
Granular tool control – enable or disable individual tools per connector to limit what your AI agents can do
Centralized credential management – store and rotate API keys and OAuth tokens in one place
Change alerts – get notified when a connector changes its schema, adds or removes tools, or updates tool definitions, so nothing breaks silently
For server owners:
Proven adoption – public usage metrics on your listing show real-world traction and build trust with prospective users
Tool-level analytics – see which tools are being used most, helping you prioritize development and documentation
Direct user feedback – users can report issues and suggest improvements through the listing, giving you a channel you would not have otherwise
The connector status is unhealthy when Glama is unable to successfully connect to the server. This can happen for several reasons:
The server is experiencing an outage
The URL of the server is wrong
Credentials required to access the server are missing or invalid
If you are the owner of this MCP connector and would like to make modifications to the listing, including providing test credentials for accessing the server, please contact support@glama.ai.
Discussions
No comments yet. Be the first to start the discussion!