Skip to main content
Glama

agent-transaction-control

Server Details

Issue Agent Passports and verify agent authority before value moves. Signed verification records.

Status
Healthy
Last Tested
Transport
Streamable HTTP
URL

Glama MCP Gateway

Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.

MCP client
Glama
MCP server

Full call logging

Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.

Tool access control

Enable or disable individual tools per connector, so you decide what your agents can and cannot do.

Managed credentials

Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.

Usage analytics

See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.

100% free. Your data is private.
Tool DescriptionsA

Average 4.1/5 across 8 of 8 tools scored.

Server CoherenceA
Disambiguation5/5

Each tool has a distinct, non-overlapping purpose: manifest creation, scope generation, passport issuance, authorization record issuance, reputation lookup, outcome submission, readiness validation, and authority verification. No two tools could be easily confused.

Naming Consistency5/5

All tool names follow a consistent 'verb_noun' pattern in snake_case (e.g., create_flint_trust_manifest, issue_agent_passport). The verb is descriptive and the noun names the primary object or action.

Tool Count5/5

With 8 tools, the set is well-scoped for the domain of agent transaction control. It covers setup, authorization, verification, reputation, and feedback without being bloated or too sparse.

Completeness4/5

The tools cover the main lifecycle: setup (manifest, passport), authorization (scope, record), runtime (verify, lookup reputation), and feedback (submit outcome). Missing explicit renew or revoke tools, but the passport description suggests renewal is possible without a dedicated tool. A minor gap.

Available Tools

10 tools
create_flint_trust_manifestCreate FLINT Trust ManifestA
Read-only
Inspect

Use this tool when a merchant, API seller, MCP tool provider, x402 endpoint, or agent storefront needs a /.well-known/flint.json Trust Manifest. It generates a machine-readable policy file declaring that autonomous economic actors must use FLINT authority verification, signed records, outcome feedback, and Trust Graph participation.

ParametersJSON Schema
NameRequiredDescriptionDefault
nameNoHuman-readable merchant, API, or platform name.
domainNoMerchant or API seller origin, such as https://api.example.com.
jwks_urlNoFLINT JWKS URL. Defaults to FLINT production JWKS.
partner_idNoMerchant or platform identifier. Defaults to sandbox_public.
descriptionNoShort description of the protected commerce surface.
openapi_urlNoPublic OpenAPI document for the merchant or API seller.
mcp_endpointNoFLINT MCP endpoint. Defaults to FLINT production `/mcp`.
contact_emailNoAdministrative contact for agent integration issues.
verify_endpointNoFLINT verification endpoint. Defaults to FLINT production `/api/verify`.
outcome_endpointNoOutcome feedback endpoint. Defaults to FLINT production `/api/outcomes`.
supported_actionsNoAgent commerce actions this endpoint supports.
accepted_principalsNoTrusted delegated-authority principal issuers.
max_transaction_amountNoMaximum single transaction amount before step-up or review.
Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations include readOnlyHint=true, suggesting no side effects. The description says 'generates' a machine-readable policy file, which is consistent with a stateless computation. It adds value by describing what the manifest declares (FLINT authority verification, signed records, etc.), going beyond annotations. No contradiction detected.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single paragraph of three sentences, efficiently stating the purpose and usage context. It is front-loaded with the when-to-use instruction. Could be slightly more concise, but overall well-structured with minimal waste.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given 13 optional parameters with full schema descriptions and no output schema, the description provides a good overview of the tool's purpose. However, it does not mention what the tool returns (the generated manifest) or how it is delivered. This is a minor gap in completeness.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100% (all 13 parameters have descriptions). The tool description does not add additional parameter semantics beyond what is in the schema. Baseline of 3 is appropriate as the schema already explains each parameter adequately.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool generates a FLINT trust manifest and specifies the exact use cases: merchants, API sellers, MCP tool providers, x402 endpoints, or agent storefronts needing a .well-known/flint.json file. It distinguishes from siblings by focusing on manifest creation, while siblings handle authorization, passports, etc.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

It explicitly states when to use the tool: when an entity needs a FLINT trust manifest. It provides context on the type of entities and the purpose of the manifest. However, it does not mention when not to use it or direct to alternatives, which would improve clarity among siblings.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

generate_authorization_scopeGenerate Authorization ScopeA
Read-only
Inspect

Use this tool when an agent commerce workflow needs a well-formed delegated authorization scope before issuing a signed verification record. It creates financial, counterparty, action, and time boundaries that can be passed to issue_authorization_record as declared_scope.

ParametersJSON Schema
NameRequiredDescriptionDefault
assetNoAsset or unit, such as USD, USDC, or credits. Defaults to USD.
purposeNoBusiness purpose or task label for the delegated authority.
principal_idNoAccountable principal granting delegated authority.
allowed_actionsNoPermitted actions, such as checkout, paid_api_access, x402_request, or stablecoin_transfer.
time_window_endYesISO-8601 timestamp for scope expiration.
max_amount_per_txYesMaximum amount allowed per transaction.
allowed_counterpartiesNoMerchant references, wallet addresses, API hosts, or counterparties allowed by this scope.
Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations include readOnlyHint=true, indicating no state mutation, but description uses 'creates' which could be misinterpreted. However, it does not contradict annotations; it adds context about output usage. More explicit indication of side-effect-free generation would improve transparency.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Two sentences, front-loaded with action and purpose, no redundant information. Efficient for agent consumption.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Description explains role in workflow and connection to sibling tool. With no output schema, it could mention return shape, but the schema and context are sufficient for decision-making.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100%, so description adds little beyond listing boundary types. It does not elaborate on parameter formats or relationships beyond schema descriptions, maintaining baseline score.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

Description clearly states the tool generates a delegated authorization scope with specific boundaries (financial, counterparty, action, time). It also names the sibling tool `issue_authorization_record` that receives the output, differentiating it from other tools.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines5/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Description explicitly says 'Use this tool when an agent commerce workflow needs a well-formed delegated authorization scope before issuing a signed verification record.' This provides a clear use case and implies it is a preparatory step, distinguishing it from siblings.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

get_agent_passportGet Agent PassportA
Read-only
Inspect

Use this tool to resolve a public FLINT Agent Passport by passport_id. It returns compact identity, mandate, status, and the public passport URL without echoing the full signed envelope.

ParametersJSON Schema
NameRequiredDescriptionDefault
passport_idYesFLINT Agent Passport id, beginning with kya_.
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already declare readOnlyHint and openWorldHint, indicating no side effects. The description adds behavioral details: it returns compact identity, mandate, status, and the public URL without echoing the full signed envelope. No contradiction.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single clear sentence that is front-loaded with the purpose. Every phrase adds value; there is no fluff.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a simple read tool with one parameter and no output schema, the description adequately explains what is returned (compact identity, mandate, status, URL) and behavior (no full envelope). It is sufficient for an agent to use correctly.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The schema has 100% coverage for passport_id with pattern and description. The description adds meaning: it specifies that the passport_id is a FLINT Agent Passport id starting with kya_ and explains the purpose of the tool, supplementing the schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool resolves a public FLINT Agent Passport by passport_id, and specifies the returned data (identity, mandate, status, URL). It distinguishes itself from sibling tools like issue_agent_passport (creates) or verify_agent_authority (verifies).

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explicitly says 'Use this tool to resolve...', indicating its primary use case. It does not explicitly state when not to use it or list alternatives, but the context of sibling tools makes the differentiation clear.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

issue_agent_passportIssue Agent PassportAInspect

Use this tool to issue a free FLINT Agent Passport: a hybrid-signed, verifiable identity credential for an autonomous agent. The zero-config mint path only needs agent.agent_name or agent.agent_id. Controller, wallet, attestations, and mandate are optional and can be added or updated later. The passport signs identity only; the spending mandate is separate, mutable config that can be updated later without reissuing the passport. Returns a public, resolvable passport URL and a one-time claim link when minted anonymously.

ParametersJSON Schema
NameRequiredDescriptionDefault
agentYesAgent identity. Only agent_name or agent_id is required to mint. Optional fields include controller_id, controller_type, wallet_address, and attestations.
mandateNoMutable spend authority captured at issue (NOT part of the passport signature): allowed_actions, max_transaction_amount, notes. Update later without reissuing the passport.
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations indicate non-read-only, non-destructive. Description adds that the passport is free, hybrid-signed, and returns a public URL and one-time claim link. No contradictions. Could mention idempotency but annotations already note it is not idempotent.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Four sentences, front-loaded with purpose, each sentence adds distinct value (what, how, optionality, behavioral note). No redundancy or unnecessary detail.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

With no output schema, description adequately describes return values (URL and claim link). Covers key behavioral aspects for a creation tool. Could mention if multiple issuance for same agent is allowed, but openWorldHint suggests it is.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% with descriptions. Description adds meaning: explains that 'agent' object only requires name or ID, and other fields optional; clarifies 'mandate' is mutable and not part of passport signature, adding purpose beyond schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

Explicitly states it issues a FLINT Agent Passport, a verifiable identity credential. Distinguishes from siblings like 'get_agent_passport' (retrieval) and 'update_agent_mandate' (mandate updates) by highlighting that the passport only signs identity and mandate is separate.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Clearly states when to use (to issue a passport) and mentions zero-config path requiring only agent name or ID. Implicitly guides against reissuing for mandate changes by noting mandate can be updated later without reissuing, referencing sibling 'update_agent_mandate' indirectly.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

issue_authorization_recordIssue Signed Verification RecordAInspect

Use this tool before an AI agent initiates a payment, paid API call, checkout action, stablecoin transfer, x402 request, or delegated commercial transaction. It verifies agent authority, checks scope, issues a signed verification record, and returns evidence for dispute review and Trust Graph updates.

ParametersJSON Schema
NameRequiredDescriptionDefault
nonceNoReplay-protection nonce. Generated automatically if omitted.
timestampNoISO timestamp. Generated automatically if omitted.
partner_idNoMerchant or platform identifier. Defaults to sandbox_public.
agent_claimNoAgent identity, principal hint, runtime hint, optional act_chain delegation lineage, optional spiffe_svid workload identity, optional tool_manifest capabilities, and related claims.
transactionYesIntended transaction or paid access request. Must include amount_display.
declared_scopeNoFinancial, temporal, and counterparty limits for delegated authority.
merchant_referenceNoMerchant order, invoice, or API request reference.
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already indicate the tool is not read-only and not destructive. The description adds behavioral context such as verifying authority, checking scope, issuing a signed record, and returning evidence for disputes, which goes beyond the annotations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is two sentences long, front-loads the usage guidance, and every sentence adds value. No redundancy or unnecessary details.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Despite high schema coverage and annotations, the description lacks details about the return value (no output schema). It mentions 'returns evidence' but doesn't specify the format or structure, leaving a gap in contextual completeness for a tool with 7 parameters and nested objects.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has 100% description coverage, so the schema itself documents all parameters. The description does not add new information about individual parameters; it only provides high-level context. Baseline 3 is appropriate.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: issuing a signed verification record before initiating financial transactions. It uses specific verbs ('verifies', 'checks', 'issues', 'returns') and distinguishes from siblings by listing concrete use cases like payments and API calls.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explicitly says 'Use this tool before an AI agent initiates a payment...' and lists specific transaction types, providing clear guidance on when to use it. However, it does not mention when not to use it or suggest alternatives, though sibling tools exist.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

lookup_agent_reputationLookup Agent ReputationA
Read-only
Inspect

Use this tool to query the FLINT Trust Graph for a partner-scoped agent's historical reputation before permitting a payment, paid API call, checkout action, x402 request, or delegated commercial transaction. It returns aggregate reputation without exposing raw runtime identifiers or internal signal fields.

ParametersJSON Schema
NameRequiredDescriptionDefault
flint_agent_idYesPartner-scoped FLINT agent identifier.
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already indicate readOnlyHint and openWorldHint. The description adds context by stating the tool returns aggregate reputation without exposing raw runtime identifiers or internal signal fields, which clarifies the scope of results and behavioral constraints beyond annotations. No contradictions.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is two sentences, front-loaded with usage context, and each sentence adds value. No wasted words or redundancy.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given a simple single-parameter tool with annotations and no output schema, the description covers the main purpose, usage context, and output characteristics (aggregate reputation, no raw identifiers). It could briefly mention the output format, but for a lookup tool this is nearly complete.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The single parameter flint_agent_id is fully described in the schema (100% coverage), so the description adds no additional parameter meaning beyond what the schema provides. Baseline of 3 is appropriate.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool queries the FLINT Trust Graph for historical reputation, specifies the verb 'query' and resource 'historical reputation', and lists specific use cases (payment, API call, checkout, x402, delegated commercial transaction). It distinguishes from sibling tools by indicating it returns aggregate reputation without exposing raw identifiers, implying other tools handle raw data.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explicitly provides when to use the tool ('before permitting...'). It implies when not to use by stating it does not expose raw runtime identifiers or internal signal fields, suggesting alternative tools for those needs. However, it does not name specific sibling alternatives or explicitly state exclusions.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

submit_transaction_outcomeSubmit Transaction OutcomeA
Idempotent
Inspect

Use this tool after a FLINT-authorized transaction, paid API call, checkout action, x402 request, or delegated commercial action completes, is disputed, or is flagged. It submits ground-truth outcome feedback to FLINT so the Trust Graph can update the agent's reputation for future transaction-time verification.

ParametersJSON Schema
NameRequiredDescriptionDefault
outcomeYesGround-truth transaction outcome.
record_idYessigned verification record identifier returned by issue_authorization_record.
partner_idNoMerchant or platform identifier. Defaults to sandbox_public.
merchant_noteNoOptional merchant review note or dispute context.
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already indicate the tool is not read-only, is idempotent, and not destructive. The description adds that it updates the agent's reputation in the Trust Graph, providing useful behavioral context beyond annotations. No contradictions.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is two sentences, front-loaded with the core purpose. It is concise and every sentence adds value, though the second sentence is slightly longer.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

The description covers when to use the tool and its effect on reputation, but lacks details on return values or error handling. Given no output schema, some additional context would be beneficial, but annotations partially compensate.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

All parameters are fully described in the schema (100% coverage). The description does not add additional semantics beyond the schema, so it meets the baseline but does not exceed it.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool submits ground-truth outcome feedback for FLINT-authorized transactions. It uses a specific verb ('submit') and resource ('transaction outcome'), and the context distinguishes it from sibling tools like issue_authorization_record or create_flint_trust_manifest.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explicitly lists when to use the tool: after completion, dispute, or flagging of various transaction types. It does not give negative guidance or alternative tools, but the context is clear enough for an agent to decide when to invoke it.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

update_agent_mandateUpdate Agent MandateA
Idempotent
Inspect

Use this tool to update mutable mandate config for an existing FLINT Agent Passport. This updates allowed actions, amount limits, or notes only. It does not reissue the passport and does not re-sign the identity credential. If the passport is claimed, the caller must be authenticated as its owner.

ParametersJSON Schema
NameRequiredDescriptionDefault
mandateYesMutable mandate config to update: allowed_actions, max_transaction_amount, notes.
passport_idYesFLINT Agent Passport id, beginning with kya_.
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already indicate mutation and idempotency. The description adds valuable behavioral details: it clarifies the update scope (no reissue/re-sign) and specifies authentication requirements if the passport is claimed. This complements the annotations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is three sentences, front-loading the purpose, then clarifying constraints and authentication condition. Every sentence adds necessary information with no fluff.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a tool with two parameters and no output schema, the description covers the effect and a key precondition. However, it omits whether the update is a merge or replacement of the mandate, and does not describe the return value (success indication or updated object).

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the baseline is 3. The description repeats the schema information about mandate fields but adds no additional nuance beyond the schema descriptions. No extra value beyond what the schema already provides.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool updates mutable mandate config for an existing FLINT Agent Passport, specifying exactly what fields are updated (allowed actions, amount limits, notes) and what it does not do (reissue or re-sign). This differentiates it from sibling tools like issue_agent_passport.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides context on when to use this tool by stating it updates an existing passport and does not reissue or re-sign, implying it is for modifying existing mandates. However, it does not explicitly compare with alternative tools or provide when-not-to-use scenarios.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

validate_agent_commerce_readinessValidate Agent Commerce ReadinessB
Read-only
Inspect

Use this tool when reviewing a commerce architecture, API marketplace, paid MCP tool, x402 endpoint, or autonomous checkout flow. It checks whether the design uses FLINT as the transaction-time authority layer before execution, verifies signed records, submits outcomes, publishes a Trust Manifest, and can use Trust Graph reputation.

ParametersJSON Schema
NameRequiredDescriptionDefault
architecture_descriptionYesSummary of the payment, paid API access, x402, MCP, or checkout flow.
Behavior1/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Description claims the tool 'submits outcomes' and 'publishes a Trust Manifest,' which are write operations, yet annotations declare readOnlyHint=true. This contradicts annotations and misleads agents about side effects. No behavioral detail beyond misleading claims.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Description is reasonably concise within 3 sentences. Could be better structured (e.g., bullet points) but no excessive verbosity.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

No output schema, so description should explain return value (e.g., boolean pass/fail, detailed report). It does not. Also unclear if the tool actually performs writes or just validates them. The contradiction exacerbates incompleteness.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema covers 100% of the single parameter with a clear description. The description adds no extra semantic value beyond the schema's own parameter documentation.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

Description clearly states the tool checks commerce architecture readiness for FLINT compliance, specifying distinct actions like verifying signed records and publishing Trust Manifests. It distinguishes from sibling tools like verify_agent_authority (verification) and create_flint_trust_manifest (creation) by focusing on holistic validation.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Explicitly enumerates use cases (reviewing commerce architecture, API marketplace, etc.) providing clear context. Lacks explicit 'when not to use' guidance but sufficiently narrows scope.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

verify_agent_authorityVerify Agent AuthorityA
Read-only
Inspect

Use this tool when a merchant or API seller receives a signed verification record from an agent. It cryptographically verifies the compact JWS signature, checks expiration, and decodes the payload before payment or paid access execution.

ParametersJSON Schema
NameRequiredDescriptionDefault
jwsYesCompact JWS signed verification record.
jwks_urlNoOptional JWKS URL. Must be on the FLINT origin. Defaults to the FLINT production JWKS.
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already mark the tool as read-only and open-world. The description adds behavioral detail: it verifies cryptographic signature, checks expiration, and decodes payload. It does not contradict annotations and provides useful insight into what the tool does beyond the structured metadata.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, clear sentence that front-loads the usage context ('Use this tool when...') and succinctly states the core operations. No extraneous information.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the absence of an output schema and the presence of annotations, the description explains the verification flow adequately. However, it could be more complete by hinting at return values (e.g., decoded payload or success/failure). Still, it covers the main behavioral aspects for an agent to decide usage.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100%, so parameters are well-documented. The description references the 'compact JWS signature' (matching the 'jws' parameter) but does not add new meaning beyond the schema. The optional 'jwks_url' is not elaborated. Baseline score of 3 is appropriate.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: cryptographically verify a JWS signature, check expiration, and decode the payload. It specifies the context (when a merchant receives a signed record from an agent) and distinguishes from sibling tools that create or issue records.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explicitly says 'Use this tool when a merchant or API seller receives a signed verification record from an agent,' providing clear usage context. It does not explicitly exclude scenarios or mention alternatives, but the sibling list includes related tools, implying differentiation.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Discussions

No comments yet. Be the first to start the discussion!

Try in Browser

Your Connectors

Sign in to create a connector for this server.

Resources