nab

Overview Schema Related Servers Score Discussions

submit

Submit web forms by automatically extracting hidden fields and CSRF tokens, then merging user-provided data for secure POST submissions. Use for login forms, search interfaces, and API interactions behind HTML pages.

Instructions

Submit a web form with smart field extraction.

Fetches a page, parses all forms, extracts hidden fields and CSRF tokens, merges user-provided fields, and submits via POST.

Use for: login forms, search forms, API interactions behind HTML pages.

Returns: Response body (markdown-converted) after form submission.

Input Schema

TableJSON Schema

Name	Required	Description
`cookies`	No
`csrf_selector`	No
`fields`	Yes
`session`	No	Named session for cookie persistence. When set, the form page fetch and the POST submission both use the session's cookie jar, preserving authentication state. See `fetch` `session` for full documentation.
`url`	Yes

Output Schema

TableJSON Schema

Name	Required	Description
`url`	Yes	The submitted URL
`status`	Yes	HTTP status code
`content`	Yes	Markdown-converted response body

Implementation Reference

python/src/nab_loader/core.py:132-138 (handler)
The `_safe_fetch` method is a handler for fetching a URL without raising exceptions, used internally by `fetch_batch`. Note: No tool named 'submit' exists in the codebase; the term 'submit' appears as a method call on a ThreadPoolExecutor in `core.py`.
```
def _safe_fetch(self, url: str) -> NabResult:
    """Fetch a URL, returning an error result instead of raising."""
    try:
        return self.fetch(url)
    except (NabFetchError, NabNotFoundError):
        return NabResult(url=url, markdown="", status=0, size=0, time_ms=0.0)
```

Tool Definition Quality

A3.5/5.0

Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations declare readOnlyHint=false and openWorldHint=true. Description adds valuable behavioral context: specifies POST method (confirming mutation), explains CSRF token extraction logic, discloses hidden field merging behavior, and notes the markdown-converted output format. Could improve by mentioning side effects (server state changes) or idempotence concerns.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Excellent structure: front-loaded purpose ('Submit a web form'), followed by technical process, use case list, and return value. Each sentence delivers distinct information without redundancy. Appropriate length for the complexity level.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given low schema coverage (20%) and moderate operational complexity (form parsing, session handling, CSRF extraction), the description should explain error scenarios (e.g., multiple forms on page) or parameter interactions. It adequately covers the return value, but gaps remain for undocumented parameters and edge case behavior.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters2/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

With only 20% schema coverage (1 of 5 params described), the description fails to sufficiently compensate. While it implies 'url' via 'Fetches a page' and mentions 'fields' via 'user-provided fields', the 'cookies' parameter is completely unmentioned, and 'csrf_selector' lacks explanation (description only mentions CSRF extraction, not the selector parameter's purpose or format).

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

Clear verb ('Submit') and resource ('web form') with specific mechanism ('smart field extraction'). Explains the multi-step process (fetch, parse, extract, merge, POST). Slight deduction because it lists 'login forms' as a use case without distinguishing from the `login` sibling tool, which could confuse agent selection.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Provides explicit use cases ('Use for: login forms, search forms, API interactions behind HTML pages'), giving the agent context on when form submission is appropriate. However, lacks explicit comparisons to siblings—doesn't clarify when to use this versus `fetch` (for simple GET requests) or versus `login` (for authentication), and omits exclusion criteria or prerequisites.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/MikkoParkkola/nab'

If you have feedback or need assistance with the MCP directory API, please join our Discord server