MITRE ATT&CK MCP Server

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden of behavioral disclosure. It describes a read operation ('Get'), implying it's non-destructive, but doesn't cover critical aspects like authentication needs, rate limits, error handling, or output format. The description adds minimal behavioral context beyond the basic function, leaving significant gaps for an agent to understand how to invoke it safely and effectively.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is appropriately sized and front-loaded, starting with the purpose followed by parameter details in a clear 'Args:' section. Every sentence earns its place by explaining parameters, but it could be more concise by integrating the purpose more smoothly. No unnecessary information is included, making it efficient for understanding.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the complexity (3 parameters, no annotations, no output schema), the description is incomplete. It covers parameter semantics well but lacks output information (e.g., what mitigations look like, data structure), behavioral traits (e.g., permissions, limits), and usage context. For a tool with no structured support, this leaves the agent under-informed about how to use it effectively.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The description adds substantial meaning beyond the input schema, which has 0% description coverage. It explains each parameter: 'technique_stix_id' as 'Technique STIX ID to what mitigations are mitigating this technique', 'domain' with allowed values ('enterprise', 'mobile', or 'ics'), and 'include_description' with its default and purpose. This compensates well for the schema's lack of descriptions, though it could be more detailed on STIX ID format or domain implications.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description states the tool 'Get mitigations mitigating technique' which is a tautology of the tool name, providing minimal additional clarity. It specifies the verb 'Get' and resource 'mitigations', but lacks specificity about what 'mitigations' are (e.g., security controls, countermeasures) and doesn't distinguish it from sibling tools like 'get_all_mitigations' or 'get_techniques_mitigated_by_mitigation'. The purpose is vague but not entirely missing.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

No explicit guidance on when to use this tool versus alternatives is provided. The description includes parameter details but doesn't mention when this tool is appropriate compared to siblings like 'get_all_mitigations' or 'get_techniques_mitigated_by_mitigation'. There's implied usage through the parameters (e.g., for a specific technique), but no context on exclusions or prerequisites.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.