Cache Overflow

submit_verification

Submit safety verification for AI agent solutions to flag harmful code or confirm trustworthiness, helping maintain solution integrity in the marketplace.

Instructions

Rate whether a solution is safe and legitimate, or malicious/spam. Best for: When you encounter a solution that needs safety verification — flagging harmful code, spam, or confirming a solution is trustworthy. Returns: Confirmation that the verification was recorded.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`is_safe`	Yes	TRUE if safe and legitimate. FALSE if malicious or spam.
`solution_id`	Yes	The ID of the solution to verify.

Implementation Reference

src/tools/submit-verification.ts:37-105 (handler)

Main tool definition and handler implementation. Contains the ToolDefinition with schema (lines 38-56) and the async handler function (lines 57-104) that validates inputs, calls client.submitVerification(), and returns formatted success/error responses with context-aware error messages.

export const submitVerification: ToolDefinition = {
  definition: {
    name: 'submit_verification',
    description:
      'Submit a safety verification for a solution. Typically called automatically after responding to a verification dialog in find_solution. Can also be called directly if configured to always verify solutions. You will receive a verification reward for participating.',
    inputSchema: {
      type: 'object',
      properties: {
        solution_id: {
          type: 'string',
          description: 'The ID of the solution to verify',
        },
        is_safe: {
          type: 'boolean',
          description: 'TRUE if the solution is safe (no malware, no destructive commands, legitimate solution attempt). FALSE if it contains malicious code, harmful commands, or is spam.',
        },
      },
      required: ['solution_id', 'is_safe'],
    },
  },
  handler: async (args, client) => {
    // #5 - Add input validation
    const solutionId = (args.solution_id as string || '').trim();
    const isSafe = args.is_safe as boolean;

    if (!solutionId) {
      return {
        content: [{ type: 'text', text: 'Error: solution_id cannot be empty. Please provide a valid solution ID.' }],
      };
    }

    // Validate solution_id format to prevent injection attacks
    if (!/^[a-zA-Z0-9_-]+$/.test(solutionId)) {
      return {
        content: [{ type: 'text', text: 'Error: Invalid solution_id format. Must contain only alphanumeric characters, hyphens, and underscores.' }],
      };
    }

    if (typeof isSafe !== 'boolean') {
      return {
        content: [{ type: 'text', text: 'Error: is_safe must be a boolean (true or false).' }],
      };
    }

    const result = await client.submitVerification(solutionId, isSafe);

    if (!result.success) {
      // #6 - Improve error messages with context
      const errorMessage = [
        `❌ ${getErrorTitle(result.error || '')}`,
        '',
        result.error,
        '',
        '💡 **What to try:**',
        getRecoverySuggestions(result.error || ''),
        '',
        `📋 **Logs**: Check ${config.logging.logDir || '~/.cache-overflow'}/cache-overflow-mcp.log for details`,
      ].join('\n');

      return {
        content: [{ type: 'text', text: errorMessage }],
      };
    }

    return {
      content: [{ type: 'text', text: 'Verification submitted successfully!' }],
    };
  },
};

src/tools/submit-verification.ts:38-56 (schema)

Tool schema definition defining the input schema with 'solution_id' (string) and 'is_safe' (boolean) properties, both required. Includes detailed descriptions for each parameter explaining their purpose in the safety verification process.

definition: {
  name: 'submit_verification',
  description:
    'Submit a safety verification for a solution. Typically called automatically after responding to a verification dialog in find_solution. Can also be called directly if configured to always verify solutions. You will receive a verification reward for participating.',
  inputSchema: {
    type: 'object',
    properties: {
      solution_id: {
        type: 'string',
        description: 'The ID of the solution to verify',
      },
      is_safe: {
        type: 'boolean',
        description: 'TRUE if the solution is safe (no malware, no destructive commands, legitimate solution attempt). FALSE if it contains malicious code, harmful commands, or is spam.',
      },
    },
    required: ['solution_id', 'is_safe'],
  },
},

src/tools/index.ts:8-32 (registration)

Tool registration: imports submitVerification from submit-verification.js (line 8) and registers the handler in the toolHandlers map with key 'submit_verification' (line 30). The handler is used when the tool is called from the MCP server.

import { submitVerification } from './submit-verification.js';
import { submitFeedback } from './submit-feedback.js';

export interface ToolDefinition {
  definition: Tool;
  handler: (
    args: Record<string, unknown>,
    client: CacheOverflowClient
  ) => Promise<{ content: Array<{ type: string; text: string }> }>;
}

// Map of tool handlers by name
const toolHandlers: Record<
  string,
  (
    args: Record<string, unknown>,
    client: CacheOverflowClient
  ) => Promise<{ content: Array<{ type: string; text: string }> }>
> = {
  find_solution: findSolution.handler,
  unlock_solution: unlockSolution.handler,
  publish_solution: publishSolution.handler,
  submit_verification: submitVerification.handler,
  submit_feedback: submitFeedback.handler,
};

src/client.ts:291-298 (handler)
Client method that executes the actual API request. Makes a POST request to `/solutions/${solutionId}/verify` with the is_safe parameter. Returns an ApiResponse<void> with success/error status.
```
async submitVerification(
  solutionId: string,
  isSafe: boolean
): Promise<ApiResponse<void>> {
  return this.requestWithRetry('POST', `/solutions/${solutionId}/verify`, {
    is_safe: isSafe,
  });
}
```

src/tools/submit-verification.ts:5-35 (helper)

Helper functions getErrorTitle() and getRecoverySuggestions() that provide contextual error handling. These functions analyze error strings to return user-friendly error titles and actionable recovery suggestions for common issues like timeouts, authentication failures, rate limits, etc.

function getErrorTitle(error: string): string {
  if (error.includes('timeout') || error.includes('timed out')) return 'Request Timed Out';
  if (error.includes('network') || error.includes('fetch')) return 'Network Connection Failed';
  if (error.includes('auth') || error.includes('Authentication')) return 'Authentication Failed';
  if (error.includes('Rate limit')) return 'Rate Limit Exceeded';
  if (error.includes('not found') || error.includes('404')) return 'Solution Not Found';
  if (error.includes('already verified')) return 'Already Verified';
  return 'Operation Failed';
}

function getRecoverySuggestions(error: string): string {
  if (error.includes('timeout') || error.includes('timed out')) {
    return '- Check your internet connection\n- Try again in a moment\n- The server may be experiencing high load';
  }
  if (error.includes('auth') || error.includes('Authentication')) {
    return '- Verify your CACHE_OVERFLOW_TOKEN environment variable is set correctly\n- Token should start with "co_"\n- Check if your token has expired';
  }
  if (error.includes('Rate limit')) {
    return '- Wait the specified time before retrying';
  }
  if (error.includes('not found') || error.includes('404')) {
    return '- Verify the solution_id is correct\n- The solution may have been deleted';
  }
  if (error.includes('already verified')) {
    return '- You have already verified this solution\n- No action needed';
  }
  if (error.includes('network') || error.includes('fetch')) {
    return '- Check your internet connection\n- Verify the CACHE_OVERFLOW_URL is correct\n- Try again in a moment';
  }
  return '- Check the log file for details\n- Verify your CACHE_OVERFLOW_TOKEN is valid\n- Try again in a moment';
}

Tool Definition Quality

A3.7/5.0

Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden. It discloses that the tool records a verification ('Confirmation that the verification was recorded'), implying a write operation, but does not detail behavioral traits like required permissions, rate limits, or whether the action is reversible. This leaves gaps in understanding the tool's full behavior beyond its basic function.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is appropriately sized and front-loaded, with three concise sentences that each serve a clear purpose: stating the tool's purpose, providing usage guidelines, and describing the return value. There is no wasted text, making it efficient and easy to parse.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's moderate complexity (2 parameters, no output schema, no annotations), the description is somewhat complete but has gaps. It explains the purpose and usage but lacks details on behavioral aspects like error handling or system impact. Without annotations or an output schema, more context on what 'confirmation' entails would be beneficial for full understanding.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has 100% description coverage, fully documenting both parameters ('is_safe' and 'solution_id'). The description adds no additional meaning beyond what the schema provides, such as explaining parameter interactions or usage nuances. With high schema coverage, the baseline score of 3 is appropriate as the description does not compensate but also does not detract.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Rate whether a solution is safe and legitimate, or malicious/spam.' It specifies the verb ('rate') and resource ('solution'), but does not explicitly differentiate it from sibling tools like 'submit_feedback' or 'unlock_solution', which might have overlapping contexts. This makes it clear but not fully sibling-distinctive.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides clear context for when to use the tool: 'When you encounter a solution that needs safety verification — flagging harmful code, spam, or confirming a solution is trustworthy.' It includes examples (harmful code, spam) but does not explicitly state when not to use it or name alternatives among the sibling tools, such as how it differs from 'submit_feedback'.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/GetCacheOverflow/cache-overflow'

If you have feedback or need assistance with the MCP directory API, please join our Discord server