mess_create_auth_key

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations indicate this is a non-readOnly, non-destructive, non-idempotent, openWorld operation. The description adds valuable context beyond annotations: it specifies that the key value is returned only once ('save this, it won't be shown again'), mentions a 409 conflict error for duplicate names, and notes the uniqueness requirement. This enhances transparency about side effects and error conditions.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is well-structured with clear sections (purpose, args, returns) and uses bullet-like formatting. It avoids redundancy, but could be slightly more concise by integrating the uniqueness note into the args section rather than as a separate preamble sentence.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (creation with side effects), lack of schema descriptions, and presence of an output schema (implied by 'Returns'), the description is reasonably complete. It covers purpose, parameters, return behavior, and error cases, though it could improve by mentioning authentication needs or rate limits to fully prepare the agent.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has 0% description coverage, but the description compensates by listing parameters (auth_key/session, name, expiry) and adding semantic details: name must be unique, expiry format is YYYY-MM-DD, and auth_key/session are alternatives. This provides meaningful context beyond the bare schema, though it doesn't fully explain all parameter nuances like defaults or env var usage.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the specific action ('Create a new API auth key') and resource ('auth key'), with explicit differentiation from sibling tools like mess_get_auth_keys (read) and mess_delete_auth_key (delete). The mention of unique naming further distinguishes its purpose.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implies usage when a new auth key is needed, with a constraint that 'Key names must be unique' and a 409 error if duplicated. However, it lacks explicit guidance on when to use this versus alternatives like mess_get_auth_keys or mess_delete_auth_key, or prerequisites such as authentication requirements.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.