Shrike Security MCP Server

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden of behavioral disclosure. It effectively describes the tool's behavior by detailing the types of threats checked (e.g., SQL injection, destructive operations) and the return structure (blocked, threat_type, severity, confidence, guidance, request_id). It also explains the allowDestructive parameter's impact on permitting operations, adding useful context beyond the input schema. However, it lacks details on rate limits, authentication needs, or error handling.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is well-structured and front-loaded with the core purpose, followed by bullet points for checks and returns, making it easy to scan. Every sentence adds value, such as listing threat types and explaining the allowDestructive parameter, with no redundant or wasted information.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (security scanning with multiple threat types) and no annotations or output schema, the description does a good job of covering behavior and outputs. It explains what the tool checks and the structure of returns, which compensates for the lack of output schema. However, it could be more complete by addressing potential edge cases or error scenarios.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The schema description coverage is 100%, so the input schema already documents all parameters (query, database, allowDestructive). The description adds some value by explaining the purpose of allowDestructive ('to permit DROP/TRUNCATE for migrations'), but it does not provide additional semantic context for the query or database parameters beyond what the schema states. This meets the baseline score of 3 for high schema coverage.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose with specific verbs ('scans', 'checks for') and resources ('SQL query'), distinguishing it from siblings like scan_file_write or scan_prompt by focusing on SQL queries. It explicitly lists the security threats it detects, making the purpose highly specific and actionable.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides clear context for when to use this tool ('before execution for security threats') and includes an explicit guideline for the allowDestructive parameter ('Set allowDestructive=true to permit DROP/TRUNCATE for migrations'). However, it does not explicitly state when not to use it or compare it to alternatives among sibling tools, such as get_threat_intel or report_bypass.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.