intruder-mcp

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden. It adds useful behavioral context: it describes what information is returned (usage and limits) and includes a key behavioral detail about license usage being tied to targets for 30 days. However, it doesn't cover other important aspects like response format, pagination, error conditions, or authentication requirements, leaving gaps for a tool with no annotation support.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is appropriately concise with two sentences that directly address the tool's function and a key behavioral detail. It's front-loaded with the main purpose. There's no wasted text, though it could be slightly more structured (e.g., separating purpose from behavioral notes).

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's simplicity (0 parameters, no annotations, no output schema), the description is reasonably complete for a read-only listing operation. It explains what information is returned and adds a useful behavioral note about license usage. However, without annotations or output schema, it should ideally mention the response format or structure to fully compensate for the lack of structured metadata.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The tool has 0 parameters, and schema description coverage is 100% (though trivial for no parameters). The description appropriately doesn't discuss parameters since none exist. It focuses on what the tool does rather than inputs, which is correct for a parameterless tool.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'List license information for the Intruder account' with specific details about what information is shown ('usage and limits for infrastructure and application licenses'). It distinguishes itself from siblings like list_scans or list_targets by focusing on licenses. However, it doesn't explicitly contrast with other license-related tools (none appear in siblings).

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives. While it mentions that 'When a license is used, it is tied to the target that used it for 30 days,' this is behavioral context rather than usage guidance. There are no explicit when/when-not instructions or references to sibling tools for related operations.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.