sigma-gate
Server Details
Deterministic trust gate for AI output: leaked-secret, prompt-injection & PII in one call.
- Status
- Healthy
- Last Tested
- Transport
- Streamable HTTP
- URL
Glama MCP Gateway
Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.
Full call logging
Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.
Tool access control
Enable or disable individual tools per connector, so you decide what your agents can and cannot do.
Managed credentials
Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.
Usage analytics
See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.
Tool Definition Quality
Average 4.2/5 across 2 of 2 tools scored.
The two tools have distinct purposes: 'guard' performs security checks on content, while 'guard_selftest' is a self-test to verify the guard works. There is no overlap or ambiguity.
Both tool names use a consistent 'guard_' prefix with clear, descriptive suffixes. The naming pattern is uniform and predictable.
With only 2 tools, the set is minimal but appropriate for a single-purpose security gate server. The self-test tool is a helpful addition without overcomplicating the surface.
The main tool covers the core capability—detecting secrets, injections, and PII—with a clear output. The self-test ensures functionality. Minor gaps like custom configuration or per-threat-class calls are absent but not essential.
Available Tools
2 toolsguardAInspect
ONE deterministic pre-ship trust gate for AI/agent output. Leaked-secret (20+ providers), prompt-injection/jailbreak, and PII detection in one call -> safe_to_ship + block_reasons. No model, no API key, same verdict every time.
| Name | Required | Description | Default |
|---|---|---|---|
| text | Yes | text to gate | |
| context | No | ||
| block_at | No |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
With no annotations provided, the description effectively conveys determinism, no reliance on external models or API keys, and consistent verdicts. This adds valuable behavioral context beyond the schema.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is concise with three sentences, each adding meaningful information. It is front-loaded with the tool's purpose and avoids unnecessary details.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the tool's simplicity (3 parameters, no output schema), the description provides sufficient context for an agent to understand its behavior, though missing details on the context parameter and block_at levels slightly reduce completeness.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is low (33%) and the description does not explain the 'context' parameter or the 'block_at' enum values beyond what the schema provides. The description fails to compensate for the missing parameter documentation.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states it is a deterministic pre-ship trust gate for AI/agent output, detecting leaked secrets, prompt injections, and PII, returning safe_to_ship and block_reasons. It distinguishes itself from the sibling guard_selftest.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description implies usage before shipping ('pre-ship trust gate') and highlights its simplicity ('no model, no API key'). However, it does not explicitly state when not to use or compare with alternatives beyond the sibling.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
guard_selftestAInspect
Prove every threat class fires + a clean input passes. No arguments.
| Name | Required | Description | Default |
|---|---|---|---|
No parameters | |||
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
With no annotations, the description carries the full burden. It clearly states the tool tests both positive (clean input passes) and negative (threat classes fire) cases. However, it doesn't disclose failure behavior or side effects, which are minimal for a test tool.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
A single, front-loaded sentence with no wasted words. It conveys the purpose and argument requirement efficiently.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given no parameters and no output schema, the description is fairly complete. It explains what the tool does. Could mention result format but not essential for this self-test tool.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
There are zero parameters, so the baseline is 4. The description adds 'No arguments' which confirms the schema, but no additional parameter semantics needed.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
Description clearly states the tool proves threat classes fire and clean input passes, with the verb 'Prove' and resource 'guard selftest'. It distinguishes from sibling 'guard' by implying this is a diagnostic test.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description 'No arguments' implies it's a simple verification tool, but it doesn't explicitly state when to use it versus alternatives like 'guard'. The context of siblings gives some implicit guidance, but lacks clear directives.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
Claim this connector by publishing a /.well-known/glama.json file on your server's domain with the following structure:
{
"$schema": "https://glama.ai/mcp/schemas/connector.json",
"maintainers": [{ "email": "your-email@example.com" }]
}The email address must match the email associated with your Glama account. Once published, Glama will automatically detect and verify the file within a few minutes.
Control your server's listing on Glama, including description and metadata
Access analytics and receive server usage reports
Get monitoring and health status updates for your server
Feature your server to boost visibility and reach more users
For users:
Full audit trail – every tool call is logged with inputs and outputs for compliance and debugging
Granular tool control – enable or disable individual tools per connector to limit what your AI agents can do
Centralized credential management – store and rotate API keys and OAuth tokens in one place
Change alerts – get notified when a connector changes its schema, adds or removes tools, or updates tool definitions, so nothing breaks silently
For server owners:
Proven adoption – public usage metrics on your listing show real-world traction and build trust with prospective users
Tool-level analytics – see which tools are being used most, helping you prioritize development and documentation
Direct user feedback – users can report issues and suggest improvements through the listing, giving you a channel you would not have otherwise
The connector status is unhealthy when Glama is unable to successfully connect to the server. This can happen for several reasons:
The server is experiencing an outage
The URL of the server is wrong
Credentials required to access the server are missing or invalid
If you are the owner of this MCP connector and would like to make modifications to the listing, including providing test credentials for accessing the server, please contact support@glama.ai.
Discussions
No comments yet. Be the first to start the discussion!