Skip to main content
Glama

check_agent_discovery

Read-onlyIdempotent

Assesses security of DNS agent-discovery records by detecting SVCB agent records, verifying DNSSEC anchoring, DANE/TLSA trust, and capability-document integrity.

Instructions

Assess the security posture of IETF BANDAID agent-discovery records (draft-mozleywilliams-dnsop-dnsaid). Detects SVCB agent records under _agents/index.{protocol}._agents, reports whether the discovery zone is DNSSEC-anchored (unsigned = spoofable agent endpoints), evaluates DANE/TLSA binding trust (RFC 6698 §10.1), and checks capability-document integrity (cap / cap-sha256). Read-only; uses Private-Use SVCB param code points pending IANA assignment.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
nameNoResolve a single named agent ({name}.{domain}) instead of enumerating the zone.
domainYesDomain to check for published agent-discovery records (e.g., example.com).
formatNoOutput verbosity. Auto-detected if omitted.
protocolNoScope discovery to a single agent protocol index (_index._{protocol}._agents). Omit to sweep the zone.
verify_capNoFetch each declared capability document (cap=) over HTTPS via safeFetch and verify it against the cap-sha256 integrity pin. Default false (declaration/existence check only).
force_refreshNoBypass cache and run a fresh check. Useful after DNS changes.

Output Schema

TableJSON Schema
NameRequiredDescriptionDefault
scoreYes
passedYes
categoryYes
findingsYes
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already declare readOnlyHint=true, openWorldHint=true, idempotentHint=true, destructiveHint=false. The description adds behavioral context: it uses Private-Use SVCB param code points pending IANA assignment, and details the checks (SVCB, DNSSEC, DANE, capability integrity). No contradictions; adds useful context beyond annotations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single concise paragraph that front-loads the purpose. Every sentence adds value: specifies the standard, list of checks, and read-only nature. No wasted words.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the complexity of the tool, with 6 parameters and an output schema, the description is sufficiently complete. It sets expectations for what the tool reports (detects, reports, evaluates). Could be slightly more detailed on output, but the output schema presumably covers that. Overall adequate.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100%, so baseline is 3. The description does not add detailed parameter semantics beyond the schema; it mentions 'resolve a single named agent' for the 'name' parameter and 'sweep the zone' for the 'protocol' parameter, but does not elaborate on format, verify_cap, or force_refresh. Adequate but not exceptional.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: assessing the security posture of IETF BANDAID agent-discovery records. It specifies what it detects (SVCB records, DNSSEC anchoring, DANE/TLSA binding, capability documentation integrity). Differentiates from sibling tools like check_dane and check_dnssec by focusing on the agent-discovery protocol.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explicitly states the tool is read-only, implying safe usage. It provides context for when to use it (to check agent discovery security) but does not give explicit when-not-to-use guidance or compare with alternatives among siblings. The context is clear but lacks exclusions.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/MadaBurns/bv-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server