unphurl-mcp

check_url

Analyze a URL's security and data quality. Returns a risk score with detailed signal breakdown across redirects, brand, domain, SSL, parking, structure, and DNS.

Instructions

Check a single URL for security and data quality signals. Returns a risk score (0-100), detailed signal breakdown, and metadata.

Unphurl analyses URLs across seven dimensions: redirect behaviour, brand impersonation, domain intelligence (age, registrar, expiration, status codes, nameservers via RDAP), SSL/TLS validity, parked domain detection, URL structural analysis (length, path depth, subdomain count, entropy), and DNS enrichment (MX records). The score is calculated from these signals using either default weights or a custom scoring profile.

Higher scores mean more suspicious. The score is a signal, not a verdict. You decide the threshold based on the use case.

Billing: Most lookups are free. Known domains (Tranco Top 100K like google.com, github.com) return instantly with score 0 at no cost. Previously analysed domains return cached signals at no cost. Only unknown domains that run through the full analysis pipeline cost 1 pipeline check credit. The response's meta.pipeline_check_charged field tells you whether this check consumed a credit.

Use the "profile" parameter to score results with custom weights. For example, a "cold-email" profile might weight parked domains heavily while ignoring brand impersonation. Use list_profiles to see available profiles, or show_defaults to see all signal weights.

If the account has zero credits and the URL requires a full pipeline check, returns a 402 error with a link to purchase more credits.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`url`	Yes	The URL to check (must be http:// or https://)
`profile`	No	Name of a custom scoring profile to use (optional). If omitted, default weights are used.

Implementation Reference

src/tools/check.ts:40-51 (handler)

The check_url tool handler function. Validates API key, calls api.check(url, profile), and returns the result or an error. This is the core execution logic for the check_url tool.

  async ({ url, profile }) => {
    if (!api.hasApiKey) return authError();

    try {
      const result = await api.check(url, profile);
      return successResult(result);
    } catch (err) {
      if (err instanceof ApiRequestError) return apiErrorToResult(err);
      return errorResult(err instanceof Error ? err.message : "Unknown error");
    }
  }
);

src/tools/check.ts:30-38 (schema)

Input schema for check_url: requires a URL string (max 2048 chars) and an optional profile name string.

inputSchema: {
  url: z.string().url().max(2048).describe("The URL to check (must be http:// or https://)"),
  profile: z
    .string()
    .optional()
    .describe(
      "Name of a custom scoring profile to use (optional). If omitted, default weights are used."
    ),
},

src/tools/check.ts:15-17 (registration)
Registration of the check_url tool via server.registerTool() with the name 'check_url', called from src/index.ts line 35.
```
export function registerCheckTool(server: McpServer, api: UnphurlAPI): void {
  server.registerTool(
    "check_url",
```

src/api.ts:129-133 (helper)

The api.check() method that check_url's handler delegates to. Makes a GET request to /v1/check with the URL and optional profile parameter.

async check(urlToCheck: string, profile?: string): Promise<CheckResponse> {
  let path = `/v1/check?url=${encodeURIComponent(urlToCheck)}`;
  if (profile) path += `&profile=${encodeURIComponent(profile)}`;
  return this.doRequest<CheckResponse>("GET", path);
}

src/tools/helpers.ts:1-76 (helper)

Shared helper utilities used by the check_url handler: successResult, errorResult, authError, and apiErrorToResult for consistent MCP tool result formatting.

// Shared utilities for MCP tool handlers
// Provides consistent success/error formatting across all tools

import type { CallToolResult } from "@modelcontextprotocol/sdk/types.js";
import { ApiRequestError } from "../api.js";

// Wrap any data as a successful MCP tool result
export function successResult(data: unknown): CallToolResult {
  return {
    content: [{ type: "text", text: JSON.stringify(data, null, 2) }],
  };
}

// Return a plain error message as an MCP tool error
export function errorResult(message: string): CallToolResult {
  return {
    content: [{ type: "text", text: JSON.stringify({ error: message }) }],
    isError: true,
  };
}

// Standard error for tools that require an API key but none is configured
export function authError(): CallToolResult {
  return {
    content: [
      {
        type: "text",
        text: JSON.stringify({
          error: "auth_required",
          message:
            "API key is missing. Set UNPHURL_API_KEY in your MCP server configuration, or use the signup tool to create an account first.",
        }),
      },
    ],
    isError: true,
  };
}

// Convert an API error into an MCP tool error
// Special-cases 402 (insufficient credits) to prompt the agent toward the purchase tool
export function apiErrorToResult(err: ApiRequestError): CallToolResult {
  const body = err.apiError;

  if (err.status === 402) {
    return {
      content: [
        {
          type: "text",
          text: JSON.stringify(
            {
              ...body,
              _hint:
                "Use the purchase tool to buy more credits, or get_pricing to see available packages.",
            },
            null,
            2
          ),
        },
      ],
      isError: true,
    };
  }

  return {
    content: [{ type: "text", text: JSON.stringify(body, null, 2) }],
    isError: true,
  };
}

// Promise-based sleep for polling loops
export function sleep(ms: number): Promise<void> {
  return new Promise((resolve) => setTimeout(resolve, ms));
}

Tool Definition Quality

A4.7/5.0

Behavior5/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations, the description carries full burden and thoroughly discloses behavioral traits: seven analysis dimensions, scoring mechanism, billing logic (free for known/cached, cost for unknown), error conditions (402 when out of credits), and the nature of the score as a signal, not a verdict.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is lengthier than average but well-structured: main purpose first, then detailed breakdown, billing, profile usage. Every sentence adds value. Could be slightly more concise, but the structure is logical and front-loaded.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity and lack of output schema, the description is highly complete. It explains inputs, behavior, billing, and output (risk score, signal breakdown, metadata with pipeline_check_charged field). The agent has enough information to use the tool correctly.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters5/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema covers both parameters (url and profile) with 100% coverage. The description adds significant context: url must be http/https, profile is optional and custom scoring profiles can be listed via list_profiles, with an example usage ('cold-email' profile).

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool checks a single URL for security and data quality signals, returning a risk score and breakdown. It distinguishes itself from sibling tool 'check_urls' by emphasizing 'single URL', and provides specific details about signals, scoring, and billing.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description gives clear context on when to use this tool (for checking a single URL) and when to consider using a profile (referencing list_profiles and show_defaults). It also explains billing conditions and potential error. However, it does not explicitly contrast with the sibling 'check_urls' for batch processing.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/123Ergo/unphurl-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server