Store Scraper MCP

privacy

Retrieve app privacy labels and data usage details from App Store listings to understand how applications handle user information.

Instructions

Get app privacy labels and data usage information

Input Schema

TableJSON Schema

Name	Required	Description	Default
`id`	Yes	iTunes trackId of the app

Implementation Reference

src/server.js:390-435 (handler)

Handler function that implements the core logic of the 'privacy' tool: fetches privacy data from App Store API using buildPrivacyUrl, parses it with parsePrivacy, and returns formatted JSON response or error.

/**
 * Privacy tool - Get app privacy labels
 */
async function handlePrivacy(args) {
  try {
    const { id } = args;

    if (!id) {
      throw new Error('id is required');
    }

    const url = buildPrivacyUrl({ id });
    const data = await fetchJSON(url);
    const privacy = parsePrivacy(data);

    if (!privacy) {
      return {
        content: [
          {
            type: 'text',
            text: JSON.stringify({ error: 'Privacy data not available' }, null, 2),
          },
        ],
      };
    }

    return {
      content: [
        {
          type: 'text',
          text: JSON.stringify(privacy, null, 2),
        },
      ],
    };
  } catch (error) {
    return {
      content: [
        {
          type: 'text',
          text: JSON.stringify({ error: error.message }, null, 2),
        },
      ],
      isError: true,
    };
  }
}

src/server.js:1128-1141 (schema)

Input schema definition for the 'privacy' tool in the ListTools response, requiring 'id' as a number (iTunes trackId).

{
  name: 'privacy',
  description: 'Get app privacy labels and data usage information',
  inputSchema: {
    type: 'object',
    properties: {
      id: {
        type: 'number',
        description: 'iTunes trackId of the app',
      },
    },
    required: ['id'],
  },
},

src/server.js:1459-1460 (registration)
Maps the 'privacy' tool name to the handlePrivacy function in the CallToolRequestSchema handler switch statement.
```
case 'privacy':
  return await handlePrivacy(args);
```

src/parsers/appStore/privacy.js:10-29 (helper)

Helper function that parses and normalizes the raw JSON response from the App Store privacy API into a structured object.

export function parsePrivacy(data) {
  if (!data || typeof data !== 'object') {
    return null;
  }

  return {
    managePrivacyChoicesUrl: data.managePrivacyChoicesUrl || null,
    privacyTypes: (data.privacyTypes || []).map(privacyType => ({
      privacyType: privacyType.privacyType || null,
      identifier: privacyType.identifier || null,
      description: privacyType.description || null,
      dataCategories: (privacyType.dataCategories || []).map(category => ({
        dataCategory: category.dataCategory || null,
        identifier: category.identifier || null,
        dataTypes: category.dataTypes || [],
      })),
      purposes: privacyType.purposes || [],
    })),
  };
}

src/endpoints/appStore.js:124-132 (helper)

Helper function that builds the URL for fetching app privacy details from the iTunes API.

export function buildPrivacyUrl(params) {
  const { id } = params;
  
  if (!id) {
    throw new Error('id must be provided for privacy data');
  }
  
  return `${ITUNES_BASE}/us/app-privacy-details/${id}.json`;
}

Tool Definition Quality

C2.9/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden of behavioral disclosure. It states this is a 'Get' operation, implying it's likely read-only, but doesn't confirm this or describe other behavioral traits like authentication needs, rate limits, or what happens if the app ID is invalid. For a tool with zero annotation coverage, this leaves significant gaps.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is extremely concise—a single sentence that directly states the tool's purpose without any fluff or redundant information. It's front-loaded and efficiently communicates the core functionality, making it easy to parse quickly.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the lack of annotations and output schema, the description is incomplete for a tool that likely returns structured privacy data. It doesn't hint at the format or content of the returned information (e.g., labels, data categories, usage details), leaving the agent with insufficient context to understand what to expect from using this tool.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The description doesn't add any parameter-specific information beyond what's in the input schema, which has 100% coverage for its single parameter 'id'. The schema already describes it as an 'iTunes trackId of the app', so the description doesn't compensate or provide additional context, resulting in the baseline score of 3.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose with a specific verb ('Get') and resource ('app privacy labels and data usage information'), making it immediately understandable. However, it doesn't explicitly differentiate this tool from sibling tools like 'gp_datasafety' or 'gp_permissions', which might have overlapping functionality related to app data and privacy.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives. With sibling tools like 'gp_datasafety' and 'gp_permissions' that might cover similar privacy/data themes, there's no indication of when this tool is preferred or what distinguishes it from those options.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/MiguelAlvRed/mobile-store-scraper-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server