Scan conversation files to find leaked secrets such as AWS keys, API tokens, passwords, private keys, connection strings, and JWTs.
Scan conversation files for leaked secrets (AWS keys, API tokens, passwords, private keys, connection strings, JWTs).
| Name | Required | Description | Default |
|---|---|---|---|
| file | No | Scan a specific file. Default: all conversation files |
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations provided, so description carries full burden. It does not disclose if the tool is read-only, requires permissions, or produces any side effects. Limited to stating scanning purpose.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Single sentence, concise and front-loaded. No unnecessary words, but lacks structure like bullet points for clarity.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given one optional param, no output schema, and no annotations, the description covers main functionality but misses output format, performance impact, or potential false positives. Adequate but not thorough.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage 100% with one parameter 'file', description confirms default behavior. The tool description adds value by listing secret types, but parameter semantics are adequately covered by schema. Baseline 3.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
Clearly states verb 'Scan', resource 'conversation files', and specific secret types (AWS keys, API tokens, etc.), distinguishing it from siblings like scan_pii.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
No explicit guidance on when to use this tool vs alternatives like scan_pii, and no prerequisites or exclusions mentioned. Usage is implied but not clarified.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/AsifKibria/claude-code-toolkit'
If you have feedback or need assistance with the MCP directory API, please join our Discord server