vouch
Server Details
Check if a counterparty is safe to pay: trust/risk score for AI agents. Scam/phishing screen.
- Status
- Healthy
- Last Tested
- Transport
- Streamable HTTP
- URL
- Repository
- notifuturo/vouch
- GitHub Stars
- 0
Glama MCP Gateway
Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.
Full call logging
Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.
Tool access control
Enable or disable individual tools per connector, so you decide what your agents can and cannot do.
Managed credentials
Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.
Usage analytics
See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.
Tool Definition Quality
Average 3.7/5 across 2 of 2 tools scored. Lowest: 3.1/5.
Each tool has a clearly distinct purpose: one for reporting host reputation (add data to the graph), the other for checking trust before payment. No overlap or ambiguity.
Both tools follow a consistent 'vouch_<noun>' pattern (vouch_report, vouch_score), making them easily distinguishable and predictable.
With only two tools, the server is tightly scoped to its core functions—reporting and checking trust. This is appropriate for a focused, no-frills service.
The two tools cover the essential operations (check trust, report host). A minor gap is the lack of a free tool for detailed explainable reasons (which is a paid endpoint), but the core workflow is complete.
Available Tools
2 toolsvouch_reportBInspect
Report a host as a scam/bad actor ('flag') or as trustworthy ('vouch'), improving Vouch's community reputation graph for everyone's future payment-trust checks. Free.
| Name | Required | Description | Default |
|---|---|---|---|
| kind | Yes | ||
| reason | No | ||
| target | Yes |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations are provided, so the description must carry the full burden. It mentions 'Free' and that reports improve the reputation graph, but it does not disclose important behavioral traits such as whether reports are immediately effective, can be reversed, require authentication, or have rate limits. The description is insufficient for an agent to understand the tool's side effects.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is one concise sentence plus the word 'Free.' It is front-loaded with the main action and is efficiently written with no wasted words. However, it could include more detail without becoming verbose.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
For a simple 3-parameter tool with no output schema, the description provides the basic purpose and effect (improving reputation graph). However, it lacks explanation of the 'reason' parameter and does not describe the return value or confirmation. Given the tool's simplicity, this is minimally adequate but not complete.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
The input schema has 0% description coverage, so the description must compensate. It explains 'target' as 'host' and 'kind' as 'flag' or 'vouch', but it completely omits the optional 'reason' parameter. The description adds some meaning over the raw schema but fails to document all parameters.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the action ('Report a host as a scam/bad actor or as trustworthy') and the resource ('host'), using specific verbs and examples. It implicitly distinguishes from the sibling tool 'vouch_score' by focusing on submitting reports rather than querying scores.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description does not provide explicit guidance on when to use this tool versus the sibling 'vouch_score'. It implies the purpose (improving reputation graph) but lacks conditions, exclusions, or comparative context needed for an agent to decide between the two related tools.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
vouch_scoreAInspect
Check whether a counterparty is SAFE TO PAY before sending money. Given a URL or host, returns a 0-100 trust score and risk band (low/medium/high/critical), detecting scams, phishing, and known-malicious endpoints via threat feeds, domain risk heuristics, and a community reputation graph. Call this before paying any merchant, API, agent, or x402 resource. Free — for the full explainable reasons AND a signed, verifiable attestation (proof of the check for audit/disputes), call the paid POST /v1/check endpoint via x402.
| Name | Required | Description | Default |
|---|---|---|---|
| target | Yes | Counterparty URL or hostname. |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations are provided, so the description carries the full burden. It discloses the return format (0-100 score and risk band), detection methods (threat feeds, domain risk heuristics, community graph), and distinguishes between the free and paid versions. It does not mention any destructive behavior, rate limits, or authentication needs, but for a read-only scoring tool this is acceptable. The description is transparent about the tool's capabilities and limitations.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is two sentences, each sentence serves a distinct purpose: the first states the core function with output details, and the second provides usage context and an alternative. It is highly concise with no redundant information, and the key purpose is front-loaded.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the simplicity of the tool (one parameter, no output schema), the description covers all necessary information: what it does, what it returns, when to use it, and mentions the paid alternative for extended capabilities. It is complete for an agent to select and invoke the tool correctly.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
The input schema has full description coverage (100%) for the single parameter 'target', describing it as 'Counterparty URL or hostname.' The description adds no extra semantics beyond this, simply repeating 'Given a URL or host.' Since the schema already fulfills the parameter documentation, the description adds marginal value.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool's purpose: checking if a counterparty is safe to pay before sending money. It specifies the verb (check), resource (counterparty safety), and output (0-100 trust score and risk band). It differentiates from the paid POST endpoint (likely the sibling tool vouch_report) by noting it's free and only provides a score, while the paid version gives full reasons and attestations.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description explicitly states when to use: 'Call this before paying any merchant, API, agent, or x402 resource.' It also mentions an alternative for more detailed information (the paid POST endpoint). While it does not explicitly state when not to use, the guidance is strong and provides context.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
Claim this connector by publishing a /.well-known/glama.json file on your server's domain with the following structure:
{
"$schema": "https://glama.ai/mcp/schemas/connector.json",
"maintainers": [{ "email": "your-email@example.com" }]
}The email address must match the email associated with your Glama account. Once published, Glama will automatically detect and verify the file within a few minutes.
Control your server's listing on Glama, including description and metadata
Access analytics and receive server usage reports
Get monitoring and health status updates for your server
Feature your server to boost visibility and reach more users
For users:
Full audit trail – every tool call is logged with inputs and outputs for compliance and debugging
Granular tool control – enable or disable individual tools per connector to limit what your AI agents can do
Centralized credential management – store and rotate API keys and OAuth tokens in one place
Change alerts – get notified when a connector changes its schema, adds or removes tools, or updates tool definitions, so nothing breaks silently
For server owners:
Proven adoption – public usage metrics on your listing show real-world traction and build trust with prospective users
Tool-level analytics – see which tools are being used most, helping you prioritize development and documentation
Direct user feedback – users can report issues and suggest improvements through the listing, giving you a channel you would not have otherwise
The connector status is unhealthy when Glama is unable to successfully connect to the server. This can happen for several reasons:
The server is experiencing an outage
The URL of the server is wrong
Credentials required to access the server are missing or invalid
If you are the owner of this MCP connector and would like to make modifications to the listing, including providing test credentials for accessing the server, please contact support@glama.ai.
Discussions
No comments yet. Be the first to start the discussion!