Skip to main content
Glama

Server Details

One-step legal compliance for vibe-coded apps: privacy, terms, cookie banner and EU AI Act check.

Status
Healthy
Last Tested
Transport
Streamable HTTP
URL

Glama MCP Gateway

Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.

MCP client
Glama
MCP server

Full call logging

Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.

Tool access control

Enable or disable individual tools per connector, so you decide what your agents can and cannot do.

Managed credentials

Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.

Usage analytics

See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.

100% free. Your data is private.
Tool DescriptionsA

Average 4.5/5 across 7 of 7 tools scored.

Server CoherenceA
Disambiguation5/5

Each tool has a clearly distinct purpose: check_ai_act classifies AI risk, check_store and check_website audit different platform listings, claim_app creates an app, generate_policies drafts legal docs, get_claim_status tracks claim confirmation, and get_install_snippet provides installation code. No two tools overlap in function.

Naming Consistency5/5

All tool names follow a consistent verb_noun pattern with snake_case (e.g., check_ai_act, claim_app, generate_policies). The naming is predictable and easy to understand.

Tool Count5/5

Seven tools is a well-scoped set for the server's purpose: three for compliance checks, one for app creation, one for policy generation, one for status tracking, and one for installation snippets. Each tool earns its place without being excessive.

Completeness4/5

The tool surface covers the primary workflows: checking compliance, creating an app, generating policies, and installation. A minor gap is the lack of update/delete tools for apps, but the core lifecycle is covered. Agents can successfully complete the intended tasks.

Available Tools

7 tools
check_ai_actClassify EU AI Act riskA
Read-only
Inspect

Classify a product's risk level under the EU AI Act (minimal / limited / high / prohibited) and return the applicable obligations with their deadlines (limited-risk transparency duties apply from Aug 2, 2026). Answer the boolean questions about what the system does; read-only and instant.

ParametersJSON Schema
NameRequiredDescriptionDefault
usesAINoDoes the product use AI at all?
annexIIINoAnnex III high-risk domains that apply (e.g. employment, education, credit, health).
socialScoringNoDoes it score or rank people based on behavior or characteristics?
generatesContentNoDoes it generate text, images, audio or video shown to users?
automatedDecisionsNoDoes it make automated decisions with legal or significant effects?
interactsWithPeopleNoDo people interact directly with the AI (chatbot, assistant…)?
realtimeBiometricPublicNoDoes it do real-time biometric identification in public spaces?
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already indicate readOnlyHint=true and destructiveHint=false, so the description's mention of 'read-only and instant' adds value by specifying speed and interactivity ('Answer the boolean questions'). It also discloses that the tool returns obligations with a specific deadline, providing behavioral context beyond annotations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is three sentences long, front-loaded with the main purpose, and includes key details (risk categories, deadline, read-only, instant). Every sentence contributes valuable information without redundancy.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a tool with 7 well-documented parameters and no output schema, the description provides sufficient context: it returns risk level and obligations with deadlines, including a specific date for limited-risk transparency duties. It could be slightly more explicit about the full return structure, but overall it is complete enough for effective use.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, meaning the input schema already documents all 7 parameters. The description summarizes that these are boolean questions about what the system does, but does not add significant meaning beyond the schema. Baseline score of 3 is appropriate.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: classify a product's risk level under the EU AI Act into specific categories (minimal, limited, high, prohibited) and return applicable obligations with deadlines. It also distinguishes itself from sibling tools by focusing specifically on EU AI Act classification.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides clear context for when to use the tool (for EU AI Act risk classification) and mentions it is 'read-only and instant', indicating safe, quick usage. While it does not explicitly state when not to use or list alternatives, the specificity of the purpose implies appropriate usage scenarios.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

check_storeCheck app-store listing complianceA
Read-only
Inspect

Free legal-compliance check of a mobile app from its PUBLIC App Store (apps.apple.com) or Google Play (play.google.com) listing URL — no repo or developer-account access needed. Follows the privacy-policy link the developer declared on the listing, analyzes that page, and returns detected data processing, compliance recommendations, whether the EU AI Act applies, and suggestedAnswers for generate_policies. Read-only.

ParametersJSON Schema
NameRequiredDescriptionDefault
urlYesApp Store or Google Play listing URL, e.g. https://apps.apple.com/app/id123456789 or https://play.google.com/store/apps/details?id=com.example.app.
Behavior5/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations declare readOnlyHint=true and destructiveHint=false; the description reinforces this with 'read-only' and adds behavioral details: follows the privacy-policy link, analyzes that page, and returns specific outputs like data processing and compliance recommendations. No contradiction with annotations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is concise at four sentences, front-loading the main purpose and then explaining the mechanism and outputs. Every sentence provides essential information without redundancy.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool has a single parameter and no output schema, the description adequately covers the input requirements, process (following privacy-policy link, analyzing page), and outputs (data processing, recommendations, etc.). It also notes prerequisites like public URL and no developer account needed.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% for the single parameter url, so baseline is 3. The description adds valuable context by specifying the types of URLs (App Store or Google Play) and gives examples, which improves parameter understanding beyond the schema description.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description uses specific verbs and resources: 'Free legal-compliance check of a mobile app from its PUBLIC App Store or Google Play listing URL'. It clearly distinguishes from sibling tools like check_website and check_ai_act by specifying the source (app store listing) and the scope (compliance check).

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description states when to use (when you have an app store listing URL) and implies what it covers (no repo or developer account needed). It does not explicitly list when not to use, but the sibling tools provide natural alternatives for other contexts.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

check_websiteCheck website complianceA
Read-only
Inspect

Free legal-compliance check of a public website (no signup). Fetches the URL server-side and detects data processing relevant to compliance — analytics, marketing pixels, payments, generative AI, email collection, third-party sharing — then returns the legal documents and cookie-consent setup the site needs, whether the EU AI Act applies, and suggestedAnswers you can pass straight to generate_policies. Read-only.

ParametersJSON Schema
NameRequiredDescriptionDefault
urlYesWebsite URL or bare domain, e.g. https://myapp.com or myapp.com.
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Discloses read-only behavior and server-side fetching, matching annotations. Adds detailed information about what data processing is detected and returns legal documents and cookie-consent setup. No contradictions.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Two sentences, front-loaded with core purpose. Second sentence packs details efficiently. No redundancy or filler.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given one input and no output schema, the description fully explains what the tool does and returns (legal docs, cookie consent, EU AI Act applicability, suggestedAnswers). Annotations reinforce read-only and open-world nature. Complete for agent decision-making.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Single 'url' parameter with schema coverage 100%. Description adds meaning by explaining the URL is fetched server-side and used for compliance analysis. Example format provided.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

Clearly states it performs a free legal-compliance check on public websites. Lists specific detections (analytics, marketing pixels, etc.) and explicitly links to generate_policies. Distinguishes itself from siblings like check_ai_act and check_store by its broad scope.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Provides clear context: free, no signup, public websites, read-only. Implicitly differentiates from siblings by listing detection scope. Could be improved by explicitly stating when to use alternatives, but overall sufficient.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

claim_appClaim a real LexVibe appAInspect

Create a REAL LexVibe app in the user's account (replaces any YOUR_APP_ID placeholder). Returns a claim link: show it to the user so they can sign in and confirm — the link expires in 30 minutes. On confirmation LexVibe creates the app, scans the URL (if given), generates and hosts the legal documents. After the user confirms, call get_claim_status with the returned code to retrieve the real app id and install snippet. Provide at least url or appName.

ParametersJSON Schema
NameRequiredDescriptionDefault
urlNoPublic URL of the app (website or App Store / Google Play listing). LexVibe scans it on confirmation.
answersNoCompliance flags you already know (pass check_website's suggestedAnswers): usesAnalytics, processesPayments, usesGenerativeAI, collectsEmails, sharesWithThirdParties, platformType, companyEntity, contactEmail…
appNameNoApp / business name (required if no url is provided).
marketsNoRegions where the app has users. Defaults to [eu].
platformNoTarget platform when there is no url to infer it from.
Behavior5/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

The description discloses that the tool creates an app, replaces the placeholder, returns an expiring claim link (30 minutes), and that on confirmation it scans the URL and generates legal documents. This adds significant context beyond the annotations, which already indicate it is not read-only or open-world.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a concise, front-loaded paragraph with no filler. Every sentence adds value—action, flow, constraints, and post-call steps.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the complexity (5 parameters, nested objects, no output schema), the description covers the full workflow: creation, expiration, confirmation, and follow-up call. It lacks only explicit return value details, but the absence of output schema makes this acceptable.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters5/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100%, but the description adds critical guidance: requiring at least url or appName, explaining answers as compliance flags from check_website, and listing example keys. This meaningfully clarifies usage beyond the schema alone.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

Title and description clearly state the tool creates a real LexVibe app, replacing a placeholder, and returns a claim link. It explicitly distinguishes from siblings like check_website and get_claim_status by outlining the unique creation and claiming flow.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides clear context on when to use this tool (create a real app after a placeholder) and what to do after (call get_claim_status). It requires at least url or appName, but does not explicitly state when not to use it or compare to alternatives.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

generate_policiesGenerate legal documentsA
Read-only
Inspect

Generate the legal documents (privacy policy, terms of service and, if applicable, an AI disclosure) localized and tailored to the target markets (GDPR, UK GDPR, CCPA…). Returns Markdown drafts. Pass check_website's or check_store's suggestedAnswers as answers so the documents disclose the right processing. Anonymous remote generation is template-based and capped at 3 locales; AI-tailored, hosted and auto-updated documents require a LexVibe account (https://golexvibe.com).

ParametersJSON Schema
NameRequiredDescriptionDefault
entityNoData controller / legal entity responsible for the app.
answersNoCompliance flags; pass check_website's suggestedAnswers. Recognized keys: usesAnalytics, processesPayments, usesGenerativeAI, collectsEmails, sharesWithThirdParties, platformType.
appNameYesPublic / commercial name of the product.
localesNoDocument languages (max 3 for anonymous callers). Defaults to the languages suggested by the chosen markets.
marketsYesRegions where the app has users; determines the legal frameworks covered.
contactEmailNoContact email for privacy requests and data-subject rights.
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations declare readOnlyHint=true, which aligns with generating drafts (no side effects). The description adds context: generation is template-based or AI-tailored, with account requirements and locale caps. No contradiction.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Two sentences, concise and front-loaded. First sentence defines purpose and output; second expands on usage and limitations. No wasted words.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a tool with 6 parameters and no output schema, the description covers the return format (Markdown drafts), key usage context (answers from sibling tools), and limitations (locale cap, account requirement). Sufficient for agent decision.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% with detailed descriptions. The description adds extra guidance: passing suggestedAnswers from sibling tools, and the locale cap of 3 for anonymous callers, supplementing the schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states it generates legal documents (privacy policy, terms of service, AI disclosure) localized to target markets, returning Markdown drafts. This is distinct from sibling tools which check or claim, not generate.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines5/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Explicitly guides to pass check_website's or check_store's suggestedAnswers as 'answers' for proper disclosure. Also notes limitations: anonymous generation is template-based, capped at 3 locales, while AI-tailored requires a LexVibe account.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

get_claim_statusGet claim statusA
Read-only
Inspect

Check whether the user has confirmed a claim created with claim_app. While the user hasn't confirmed yet it returns {status: 'pending'} — wait a few seconds and call again (the link expires in 30 minutes). Once claimed it returns the REAL app id, the install snippet and the hosted privacy-policy URL: replace any placeholder (YOUR_APP_ID) snippet with the real one.

ParametersJSON Schema
NameRequiredDescriptionDefault
codeYesThe claim code returned by claim_app.
Behavior5/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations indicate readOnlyHint=true and destructiveHint=false, which the description does not contradict. Description adds detailed behavior: pending status, retry logic, expiration, and return of real app ID, install snippet, and privacy-policy URL.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Two sentences, front-loaded with purpose, second sentence detailing behavior. No redundant words.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given no output schema, the description fully explains return format for both pending and confirmed states, including what to do with placeholders. Covers retry and expiration.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema covers 100% of parameter details with description 'The claim code returned by claim_app.' Description adds context about retry and output behavior, providing extra value beyond schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

Clearly states 'check whether the user has confirmed a claim created with claim_app', specifying the verb, resource, and prerequisite. Differentiates from siblings like claim_app and get_install_snippet.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Explicitly guides when to use (after claim_app) and what to do while pending: 'wait a few seconds and call again'. Also mentions expiration (30 minutes). Lacks explicit when-not-to-use or alternative tools.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

get_install_snippetGet install snippetA
Read-only
Inspect

Return what to install for a LexVibe app id. For web: the one-line snippet (cookie banner with real script blocking + hosted policy links) to paste before , plus a JSX variant for React/Next.js layouts. For iOS/Android: the hosted privacy-policy URL and the exact App Store Connect / Google Play Console fields to paste it into. No app id yet? Call claim_app to create one in the user's account.

ParametersJSON Schema
NameRequiredDescriptionDefault
appIdYesLexVibe app id from the dashboard.
accentNoOptional brand color for the banner, as a hex value like #4f46e5.
platformNoTarget platform. Defaults to web.web
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already indicate read-only and non-destructive behavior. The description adds concrete details: for web it returns a script snippet with cookie blocking and policy links, plus a JSX variant; for mobile it returns a URL and specific fields. This goes beyond annotations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is four sentences, well-organized with a general statement, platform-specific details, and a conditional note. Every sentence adds value, no wasted words.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given no output schema, the description adequately explains the return values per platform. It covers platform behavior and the key condition for missing app ids. Lacks explicit return format but sufficient for agent understanding.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The schema already has 100% coverage with descriptions for all parameters. The description adds context about platform-specific outputs but does not significantly enhance parameter meaning beyond what the schema provides. Baseline 3 is appropriate.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states it returns install instructions for a LexVibe app id, distinguishing between web and mobile platforms. It also mentions an alternative tool (claim_app) for missing app ids, making the purpose specific and differentiated from siblings.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explicitly says to use this tool when you have an app id and provides clear guidance for different platforms. It also tells the user to call claim_app if no app id exists, offering a when-not-to-use condition. However, it does not list other exclusions.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Discussions

No comments yet. Be the first to start the discussion!

Try in Browser

Your Connectors

Sign in to create a connector for this server.

Resources