Skip to main content
Glama

SimplyScan

Server Details

Security, SEO and AI-visibility scanner for web apps · free scans and focused checks via MCP.

Status
Healthy
Last Tested
Transport
Streamable HTTP
URL

Glama MCP Gateway

Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.

MCP client
Glama
MCP server

Full call logging

Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.

Tool access control

Enable or disable individual tools per connector, so you decide what your agents can and cannot do.

Managed credentials

Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.

Usage analytics

See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.

100% free. Your data is private.
Tool DescriptionsA

Average 4.1/5 across 7 of 7 tools scored.

Server CoherenceA
Disambiguation5/5

Each tool targets a distinct aspect of website analysis: AI visibility, email security, exposed files, security headers, SEO, SSL, and a general scan. No two tools overlap in purpose, making it easy for an agent to select the right one.

Naming Consistency4/5

Six of seven tools follow the 'check_<subject>' pattern, which is clear and consistent. The outlier 'scan_website' breaks the pattern but is still understandable. Overall, naming is predictable with a minor deviation.

Tool Count5/5

Seven tools is an appropriate number for a website scanning/analysis server. It covers key areas (security, SEO, AI visibility) without being overwhelming. Each tool earns its place by addressing a specific need.

Completeness4/5

The tool surface covers major website concerns: security (headers, SSL, exposed files, email), SEO, and AI visibility. The general 'scan_website' tool likely fills gaps like performance and secrets. Missing some niche checks (e.g., accessibility), but the core is well-covered.

Available Tools

7 tools
check_ai_visibilityCheck AI visibility (AEO)A
Read-only
Inspect

AEO check: whether AI answer engines (ChatGPT/GPTBot, Claude, Perplexity, Google-Extended, etc.) can crawl and cite the site, plus llms.txt and structured-data signals.

ParametersJSON Schema
NameRequiredDescriptionDefault
urlYesFull https URL to check
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations declare readOnlyHint and openWorldHint. The description adds specifics (crawlability, citation, llms.txt, structured data) beyond annotations, enhancing transparency without contradiction.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a concise single sentence, front-loaded with the core purpose. Minor abbreviations (AEO, llms.txt) could be clarified but do not detract significantly.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a simple tool with one parameter and no output schema, the description fully explains what the tool does and what to expect. Annotations cover behavioral aspects.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% and describes the URL parameter clearly. The description adds output context but does not improve parameter understanding beyond the schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool checks AI answer engine visibility, listing specific engines and signals. It distinguishes from sibling tools focused on other checks.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides context ('AEO check') and implicitly indicates using this for AI visibility, but lacks explicit guidance on when not to use it or alternatives to prefer.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

check_email_securityCheck email security (SPF/DKIM/DMARC)A
Read-only
Inspect

Check a domain's email authentication: SPF, DKIM (common selectors), and DMARC policy. Flags spoofable domains.

ParametersJSON Schema
NameRequiredDescriptionDefault
domainYesDomain, e.g. example.com
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already indicate readOnlyHint=true and openWorldHint=true. The description adds specificity about what is checked (SPF, DKIM, DMARC) and the 'flags spoofable domains' outcome. This provides useful context beyond annotations without contradicting them.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single clear sentence that immediately conveys the tool's purpose. Every word is informative, and it is front-loaded with the verb 'Check'. No wasted text.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the simple schema (1 param, no nested objects, no output schema) and annotations (readOnly, openWorld), the description is largely adequate. It covers what is checked and the outcome ('flags spoofable domains'). However, it does not describe the return format or any additional behavioral traits like typical response structure.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% (single parameter 'domain' described with example). The description does not add new parameter-level detail but reinforces that the domain is the input for email authentication checks. Baseline score of 3 is appropriate.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool checks a domain's email authentication (SPF, DKIM, DMARC) and flags spoofable domains. It uses a specific verb 'Check' and explicitly lists the authentication mechanisms, distinguishing it from siblings like 'check_security_headers' or 'check_ssl'.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implies usage for assessing email security but does not explicitly state when to use this tool over alternatives. No exclusion criteria or alternative tool mentions are provided, leaving the agent to infer context from sibling tool names.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

check_exposed_filesCheck for exposed filesA
Read-only
Inspect

Probe a site for accidentally exposed high-risk files (.env, .git/config, backups, etc.). Reports HTTP status only, never file contents.

ParametersJSON Schema
NameRequiredDescriptionDefault
urlYesFull https URL to check
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already mark the tool as read-only and open-world. The description adds that it never retrieves file contents, which is a key behavioral constraint beyond the annotations. No contradictions.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is two concise sentences, front-loaded with purpose and immediately followed by a key restriction. No wasted words.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the simplicity of the tool (one parameter, no output schema), the description fully covers purpose, behavior, and limitations. It is complete for an agent to understand and invoke the tool correctly.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100% for the single 'url' parameter, so the parameter's meaning is fully defined. The description adds little beyond the schema's 'Full https URL' specification, meeting the baseline of 3.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: probing for accidentally exposed high-risk files like .env or .git/config. It uses a specific verb and resource, and the scope is distinct from sibling tools like check_security_headers or check_ssl.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implies use for checking file exposure and reports only HTTP status, but does not explicitly state when to use this tool versus alternatives like check_security_headers. The 'never file contents' disclaimer clarifies a limitation.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

check_security_headersCheck security headersA
Read-only
Inspect

Grade a URL's HTTP security headers (CSP, HSTS, X-Frame-Options, Referrer-Policy, Permissions-Policy, COOP, COEP) A-F.

ParametersJSON Schema
NameRequiredDescriptionDefault
urlYesFull https URL to check
Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already declare readOnlyHint=true and openWorldHint=true. The description adds 'Grade' which implies read-only behavior, but does not disclose additional traits like rate limits or failure handling. It does not contradict annotations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single concise sentence that is front-loaded with the verb and resource. Every word serves a purpose with no unnecessary text.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

The tool has only one parameter and annotations cover safety (readOnly, openWorld). However, there is no output schema, and the description does not explain the return format (e.g., a single grade or per-header grades). This lack of output details limits completeness for an agent.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% and the parameter description in the schema ('Full https URL to check') matches the description in the tool description. No additional semantic information is provided beyond the schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description explicitly states the verb 'Grade' and the resource 'URL's HTTP security headers', listing specific headers (CSP, HSTS, etc.) and the grading scale (A-F). This clearly distinguishes it from sibling tools like check_ssl or check_seo.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The tool's purpose is clear, but there is no explicit guidance on when to use it versus alternatives like check_ssl or check_email_security. Usage is implied through the description but not formally stated.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

check_seoCheck on-page SEOA
Read-only
Inspect

On-page SEO audit of a URL: title, meta description, H1, canonical, indexability, Open Graph, structured data, image alt coverage, sitemap. Returns an A-F grade.

ParametersJSON Schema
NameRequiredDescriptionDefault
urlYesFull https URL to check
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already declare readOnlyHint=true and openWorldHint=true, indicating a safe, read-only operation. The description adds value by specifying exactly what elements are checked (title, meta description, etc.) and that it returns a grade, providing behavioral context beyond the annotations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is two sentences long, front-loaded with the purpose, and contains no unnecessary words. Every sentence adds value.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's simplicity (one parameter, no output schema), the description is fully adequate. It explains what the tool does, what it checks, and the output format (A-F grade). No further details are needed.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

There is only one parameter (url) with schema coverage at 100%. The description does not add extra meaning beyond the schema's 'Full https URL to check'. Baseline score of 3 is appropriate as the schema already handles the parameter documentation.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states it performs an 'on-page SEO audit' of a URL and lists specific checks (title, meta description, H1, etc.). It also mentions the output format (A-F grade). This distinguishes it from sibling tools like check_ssl or check_security_headers.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description does not explicitly state when to use this tool versus alternatives. While the context of sibling tools implies it's for on-page SEO, there is no guidance on when not to use it or which tool is better for other SEO aspects.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

check_sslCheck SSL/TLS certificateA
Read-only
Inspect

Inspect a domain's SSL/TLS certificate: issuer, expiry, protocol, and flags for expiring/self-signed/mismatched certs.

ParametersJSON Schema
NameRequiredDescriptionDefault
domainYesDomain, e.g. example.com
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already indicate readOnlyHint and openWorldHint. The description adds behavioral context by stating the tool inspects certificate details and flags specific issues (expiring, self-signed, mismatched), enhancing transparency.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single sentence that is clear and front-loaded with the action and resource, efficiently conveying all necessary information without excess.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

With one parameter, no output schema, and clear annotations, the description covers the tool's purpose and key outputs (flags) adequately. Minor gap: no mention of return format, but overall complete enough.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% with parameter description 'Domain, e.g. example.com'. The description does not add new semantic info beyond what the schema provides, so baseline score of 3 is appropriate.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description specifies the action 'inspect' and resource 'domain's SSL/TLS certificate', listing key details like issuer, expiry, protocol, and flags. This clearly distinguishes it from sibling tools like check_security_headers or check_email_security.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implies usage for inspecting SSL certificates but lacks explicit guidance on when to use this tool versus alternatives, such as when to prefer check_security_headers for header issues.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

scan_websiteScan websiteA
Read-only
Inspect

Run a free SimplyScan security & speed scan of a deployed web app URL. Returns a 0-100 score and findings (exposed secrets, missing Supabase RLS, frontend leaks, speed issues). Best for apps built with Lovable, Bolt, v0, Cursor, Replit, etc.

ParametersJSON Schema
NameRequiredDescriptionDefault
urlYesFull https URL to check
Behavior5/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already declare readOnlyHint=true and openWorldHint=true. Description adds that it's a 'free' scan and lists what it finds (exposed secrets, RLS, leaks, speed issues), complementing annotations without contradiction.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Two concise sentences. First sentence states the action and output, second sentence provides typical use case. No unnecessary words.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given one parameter and no output schema, the description mentions the return format (0-100 score and findings) and lists example findings, which is sufficient for an agent to understand what to expect.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema has 100% coverage for the single parameter 'url' with description 'Full https URL to check'. Description adds context that it must be a deployed web app URL, going slightly beyond the schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

Clearly states it runs a security and speed scan on a deployed web app URL, returning a 0-100 score and specific findings. Distinguishes from sibling tools that perform individual checks (SSL, SEO, etc.).

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Explicitly says it's 'Best for apps built with Lovable, Bolt, v0, Cursor, Replit, etc.', providing context for when to use it. Could mention when not to use, but the guidance is clear.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Discussions

No comments yet. Be the first to start the discussion!

Try in Browser

Your Connectors

Sign in to create a connector for this server.

Resources