Skip to main content
Glama
MikeCase
by MikeCase

get_image_vulnerabilities

Get a detailed vulnerability report for a Docker image, identifying known security issues and their severity.

Instructions

Get vulnerability report for an image.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
env_idNo0
image_idYes
agent_tokenNo
Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations, the description carries full behavioral disclosure burden. It only states 'Get vulnerability report', implying read-only behavior, but gives no detail about side effects, authentication needs, rate limits, or what the report contains. This is insufficient for safe and accurate agent decision-making.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness3/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single sentence of six words, which is concise but lacks substance. While there is no wasted text, the extreme brevity sacrifices necessary detail, making it borderline under-specified rather than efficiently informative.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness1/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool has 3 parameters, no output schema, no annotations, and many sibling tools, the description is severely incomplete. It fails to explain return values, parameter roles, or usage context, leaving the agent with insufficient information to use the tool correctly.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters1/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has 0% description coverage, and the tool description adds no information about any of the three parameters ('image_id', 'env_id', 'agent_token'). The agent is left with only schema types and defaults, which is inadequate for constructing correct calls.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action ('Get') and resource ('vulnerability report for an image'), making the basic purpose understandable. However, it does not distinguish from sibling tools like 'get_vulnerability_summary' or 'list_all_vulnerabilities', which could cause confusion for an agent selecting among them.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No usage guidance is provided. The description does not specify when to use this tool over alternatives (e.g., for a single image vs. all images), nor does it mention prerequisites, exclusions, or typical scenarios. This forces the agent to rely solely on the tool name and parameters.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/MikeCase/arcane-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server