NotebookLM MCP Server (Security Hardened)

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

The description adds significant behavioral context beyond annotations: it details the three-step process (closing sessions, deleting auth data, opening browser), mentions post-completion verification with 'get_health', and provides troubleshooting steps. While annotations already indicate destructiveHint=true and readOnlyHint=false, the description enriches this with specific destructive actions and operational consequences, though it doesn't fully cover all behavioral aspects like error handling.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is well-structured with clear sections (purpose, usage cases, process steps, troubleshooting) and uses bullet points for readability. However, the troubleshooting section is quite detailed and could be considered slightly verbose, though all content is relevant and earns its place by providing actionable guidance.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (destructive authentication reset with nested parameters) and lack of output schema, the description is highly complete. It covers purpose, usage scenarios, step-by-step behavior, post-action verification, and extensive troubleshooting, compensating for the absence of structured output documentation and providing all necessary context for effective use.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

With 100% schema description coverage, the input schema already fully documents the two parameters and their nested properties. The description adds no additional parameter semantics, focusing instead on usage and behavior. This meets the baseline score of 3, as the schema carries the parameter documentation burden effectively.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose with specific verbs ('switch to a different Google account or re-authenticate') and distinguishes it from siblings by focusing exclusively on authentication management. It explicitly names the target resource (Google account) and the action (re-authenticate), making it distinct from tools like 'setup_auth' or 'get_health'.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides explicit, bulleted guidance on when to use this tool (rate limit reached, switching accounts, broken authentication) and includes a troubleshooting section with step-by-step alternatives for persistent issues. It also references sibling tools like 'cleanup_data' and 'get_health' for related actions, offering comprehensive usage context.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.