Philidor MCP Server

get_protocol_info

Retrieve comprehensive DeFi protocol data including TVL, vault counts, versions, auditors, and security incidents for risk assessment and due diligence.

Instructions

Get detailed information about a DeFi protocol including TVL, vault count, versions, auditors, and security incidents.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`protocolId`	Yes	Protocol ID (e.g. morpho, aave-v3, yearn-v3, beefy)

Implementation Reference

src/tools/get-protocol-info.ts:6-19 (handler)

Main registration and handler for get_protocol_info tool. Defines the tool with Zod schema (protocolId parameter), executes API call to fetch protocol data, formats the response using formatProtocolInfo helper, and returns formatted text content.

export function registerGetProtocolInfo(server: McpServer) {
  server.tool(
    'get_protocol_info',
    'Get detailed information about a DeFi protocol including TVL, vault count, versions, auditors, and security incidents.',
    {
      protocolId: z.string().describe('Protocol ID (e.g. morpho, aave-v3, yearn-v3, beefy)'),
    },
    async (params) => {
      const result = await apiGet<{ data: any }>(`/v1/protocols/${params.protocolId}`);
      const text = formatProtocolInfo(result.data);
      return { content: [{ type: 'text' as const, text }] };
    }
  );
}

src/server.ts:36-36 (registration)
Tool registration call in createServer function that registers get_protocol_info with the MCP server instance.
```
registerGetProtocolInfo(server);
```
src/tools/get-protocol-info.ts:10-12 (schema)
Input validation schema using Zod that defines the protocolId parameter as a required string with description for protocol IDs like 'morpho', 'aave-v3', etc.
```
{
  protocolId: z.string().describe('Protocol ID (e.g. morpho, aave-v3, yearn-v3, beefy)'),
},
```

src/lib/formatters.ts:111-143 (helper)

formatProtocolInfo helper function that takes API response data (protocol, vaults, versions, incidents) and formats it into a readable markdown string with sections for protocol details, versions, and security incidents.

export function formatProtocolInfo(data: any): string {
  const { protocol, vaults, versions, incidents } = data;
  const sections = [
    `## ${protocol.name}`,
    protocol.description ? `\n${protocol.description}` : '',
    `\n**TVL:** $${formatNumber(protocol.tvl_total)} | **Vaults:** ${protocol.vault_count}`,
    protocol.mainnet_launch_date ? `**Launch Date:** ${protocol.mainnet_launch_date}` : '',
    protocol.primary_auditors?.length
      ? `**Auditors:** ${protocol.primary_auditors.join(', ')}`
      : '',
    protocol.bug_bounty_url ? `**Bug Bounty:** ${protocol.bug_bounty_url}` : '',
  ].filter(Boolean);

  if (versions?.length) {
    sections.push('\n### Versions');
    for (const v of versions) {
      sections.push(
        `- **${v.display_name || v.version}**: ${v.vault_count} vaults, $${formatNumber(v.tvl)} TVL`
      );
    }
  }

  if (incidents?.length) {
    sections.push('\n### Security Incidents');
    for (const i of incidents) {
      sections.push(
        `- **${i.title}** (${i.incident_severity || 'N/A'}) — ${new Date(i.occurred_at).toLocaleDateString()}`
      );
    }
  }

  return sections.join('\n');
}

src/api-client.ts:3-19 (helper)

apiGet utility function used by the handler to make authenticated API requests to the Philidor API endpoint for fetching protocol information.

export async function apiGet<T = any>(path: string): Promise<T> {
  const res = await fetch(`${API_BASE}${path}`, {
    headers: { Accept: 'application/json' },
  });
  if (!res.ok) {
    let message: string;
    try {
      const json = (await res.json()) as Record<string, any>;
      message = json?.error?.message || json?.message || JSON.stringify(json);
    } catch {
      message = res.statusText || `HTTP ${res.status}`;
    }
    throw new Error(`API ${res.status}: ${message}`);
  }
  const json = await res.json();
  return json as T;
}

Tool Definition Quality

B3.3/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden of behavioral disclosure. While it indicates this is a read operation ('Get'), it does not specify whether it requires authentication, has rate limits, returns structured or raw data, or handles errors. For a tool with no annotation coverage, this leaves significant gaps in understanding its behavior.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence that front-loads the purpose and lists key details without unnecessary words. Every element (action, resource, examples of information) earns its place, making it highly concise and well-structured.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's low complexity (1 parameter, no output schema, no annotations), the description is adequate but incomplete. It covers the purpose and output details but lacks behavioral context (e.g., authentication, error handling) and usage guidelines. For a simple read tool, this is minimally viable but has clear gaps.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has 100% description coverage, with the single parameter 'protocolId' documented in the schema. The description does not add any additional meaning or examples beyond what the schema provides (e.g., it does not clarify the format of protocol IDs or list all possible values). Baseline score of 3 is appropriate as the schema handles the parameter documentation.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action ('Get detailed information') and the resource ('a DeFi protocol'), with specific examples of the information returned (TVL, vault count, versions, auditors, security incidents). It distinguishes itself from sibling tools like 'get_vault' or 'get_market_overview' by focusing on protocol-level details rather than vaults or markets.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives like 'get_vault' or 'get_market_overview'. It does not mention prerequisites, such as needing a protocol ID, or exclusions, such as not being suitable for comparing multiple protocols. Usage is implied but not explicitly stated.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/Philidor-Labs/philidor-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server