MITRE ATT&CK MCP Server

by stoyky

get_subtechniques_of_technique

Retrieve subtechniques for any MITRE ATT&CK technique to analyze attack chains and understand detailed threat behaviors.

Instructions

Get subtechniques of technique

Args:
technique_stix_id: Technique STIX ID to check what its subtechniques are
domain: Domain name ('enterprise', 'mobile', or 'ics')
include_description: Whether to include description in the output (default is False)

Input Schema

| Name | Required | Description | Default |
| --- | --- | --- | --- |
| technique_stix_id | Yes | | |
| domain | No | | enterprise |
| include_description | No | | |

Behavior: 2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries full burden. It states this is a 'Get' operation (implying read-only), but doesn't disclose behavioral traits like authentication requirements, rate limits, error conditions, or what the output format looks like (since there's no output schema). The description is minimal and lacks important operational context.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness: 3/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is appropriately brief but could be better structured. The first line states the purpose clearly, but the Args section uses inconsistent formatting (some parameters have explanations in parentheses, others don't). It's front-loaded with the core purpose, but the parameter explanations could be more consistently integrated.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness: 2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a tool with 3 parameters, no annotations, and no output schema, the description is incomplete. While it explains parameters adequately, it lacks crucial context about what the tool returns (no output schema means the description should explain the return format), error handling, authentication requirements, and typical use cases. The behavioral transparency gap makes this insufficient for confident tool invocation.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters: 4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

With 0% schema description coverage, the description compensates well by explaining all three parameters in the Args section. It clarifies that 'technique_stix_id' is 'Technique STIX ID to check what its subtechniques are', specifies the three possible values for 'domain', and explains what 'include_description' controls with its default. This adds significant meaning beyond the bare schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose: 4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Get subtechniques of technique' - a specific verb ('Get') and resource ('subtechniques of technique'). It distinguishes from siblings like 'get_all_subtechniques' (which gets all subtechniques) and 'get_parent_technique_of_subtechnique' (which does the inverse). However, it doesn't explicitly contrast with these siblings in the description text itself.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines: 2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives. It doesn't mention sibling tools like 'get_all_subtechniques' (for all subtechniques without filtering by parent technique) or 'get_parent_technique_of_subtechnique' (for the inverse operation). There's no context about prerequisites, typical use cases, or limitations.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/stoyky/mitre-attack-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server.