mcpcheckup
Server Details
Scans remote MCP servers for protocol, security, and TLS issues; exposes scan tools via MCP.
- Status
- Healthy
- Last Tested
- Transport
- Streamable HTTP
- URL
Glama MCP Gateway
Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.
Full call logging
Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.
Tool access control
Enable or disable individual tools per connector, so you decide what your agents can and cannot do.
Managed credentials
Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.
Usage analytics
See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.
Tool Definition Quality
Average 3.6/5 across 2 of 2 tools scored.
The two tools have distinct purposes: scan_mcp_server returns raw scan data, while create_scorecard returns a formatted scorecard with a URL and image. They are related but not ambiguous, though an agent might mistakenly think create_scorecard performs the scan internally.
Both tools follow a consistent verb_noun pattern: 'create_scorecard' and 'scan_mcp_server'. The naming is clear and predictable.
With only 2 tools, the server feels sparse but may be acceptable for a focused service. A broader set like listing or deleting scorecards could be expected, but the count is not extreme.
The server lacks tools for retrieving, updating, or deleting scorecards or scans. After creating a scorecard, there is no way to access it later without re-running, which is a significant gap.
Available Tools
2 toolscreate_scorecardCreate MCP scorecardBInspect
Scan a remote MCP server and return a shareable scorecard: security score (0-100), letter grade, a public scorecard page URL, and an Open Graph image URL for embedding or social sharing.
| Name | Required | Description | Default |
|---|---|---|---|
| url | Yes | The MCP server endpoint to score, e.g. https://example.com/mcp |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations provided; description only states it scans and returns a scorecard, but doesn't disclose safety implications, auth requirements, or whether it modifies anything. Without annotations, this is insufficient for a tool that makes external network requests.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Single sentence with no filler, efficiently communicates purpose and output.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
For a tool with one required param and no output schema, the description adequately explains what is returned. However, it might benefit from mentioning the response format (JSON) or potential errors.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema covers 100% with description and example; description adds value by providing a concrete example URL format, clarifying the expected input.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
Clear verb 'scan' and resource 'remote MCP server', explicitly lists return values (score, grade, URLs). Distinguishes from sibling 'scan_mcp_server' which likely returns raw data without formatted scorecard.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
No mention of when to use this tool vs 'scan_mcp_server' or alternatives. No usage context or prerequisites stated.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
scan_mcp_serverScan MCP serverAInspect
Run a full MCPCheckup scan against a remote MCP server: handshake, protocol version, tool/resource/prompt inventory, security heuristics, network/TLS posture, and license info.
| Name | Required | Description | Default |
|---|---|---|---|
| url | Yes | The MCP server endpoint to scan, e.g. https://example.com/mcp |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations provided; description lists scan components but omits potential side effects (e.g., network requests, timeouts), authentication requirements, or data handling.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Single sentence with front-loaded action and resource, no wasted words.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
For a simple tool with one parameter and no output schema, the description covers what the scan includes. Could mention asynchronous behavior or result format.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Single parameter 'url' with schema description; description adds minimal context beyond schema (e.g., 'e.g. https://example.com/mcp'). Baseline 3 due to 100% schema coverage.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
Clear verb 'Run a full MCPCheckup scan' and resource 'remote MCP server', lists specific components (handshake, protocol version, inventory, etc.), distinguishes from sibling 'create_scorecard'.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
Implied usage context (scanning a remote server), but no explicit when-to-use or when-not-to-use guidance, and no mention of alternatives.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
Claim this connector by publishing a /.well-known/glama.json file on your server's domain with the following structure:
{
"$schema": "https://glama.ai/mcp/schemas/connector.json",
"maintainers": [{ "email": "your-email@example.com" }]
}The email address must match the email associated with your Glama account. Once published, Glama will automatically detect and verify the file within a few minutes.
Control your server's listing on Glama, including description and metadata
Access analytics and receive server usage reports
Get monitoring and health status updates for your server
Feature your server to boost visibility and reach more users
For users:
Full audit trail – every tool call is logged with inputs and outputs for compliance and debugging
Granular tool control – enable or disable individual tools per connector to limit what your AI agents can do
Centralized credential management – store and rotate API keys and OAuth tokens in one place
Change alerts – get notified when a connector changes its schema, adds or removes tools, or updates tool definitions, so nothing breaks silently
For server owners:
Proven adoption – public usage metrics on your listing show real-world traction and build trust with prospective users
Tool-level analytics – see which tools are being used most, helping you prioritize development and documentation
Direct user feedback – users can report issues and suggest improvements through the listing, giving you a channel you would not have otherwise
The connector status is unhealthy when Glama is unable to successfully connect to the server. This can happen for several reasons:
The server is experiencing an outage
The URL of the server is wrong
Credentials required to access the server are missing or invalid
If you are the owner of this MCP connector and would like to make modifications to the listing, including providing test credentials for accessing the server, please contact support@glama.ai.
Discussions
No comments yet. Be the first to start the discussion!