Codehooks.io MCP Server

file_list

List files from a specified directory path. Provide a path to retrieve file names and subdirectories.

Instructions

List files from server

Input Schema

TableJSON Schema

Name	Required	Description	Default
`path`	No	Path to list files from

Implementation Reference

src/index.ts:94-96 (schema)
Zod schema for the file_list tool input validation, defining an optional 'path' parameter.
```
const fileListSchema = z.object({
    path: z.string().optional().describe("Path to list files from"),
});
```

src/index.ts:291-301 (registration)

Registration of the 'file_list' tool in the tools array with name, description, and JSON input schema.

{
    name: "file_list",
    description: "List files from server",
    schema: fileListSchema,
    inputSchema: {
        type: "object",
        properties: {
            path: { type: "string", description: "Path to list files from" }
        }
    }
},

src/index.ts:915-935 (handler)

Handler implementation for the 'file_list' tool. It extracts the path argument, constructs CLI args calling 'coho file-list', executes via executeCohoCommand, and returns the result as text content.

case "file_list": {
    const { path } = args as FileListArgs;
    const fileArgs = [
        'file-list',
        '--project', config.projectId,
        '--space', config.space
    ];

    if (path) fileArgs.push(path);

    const result = await executeCohoCommand(fileArgs);
    return {
        content: [
            {
                type: "text",
                text: result
            }
        ],
        isError: false
    };
}

src/index.ts:529-564 (helper)

Helper function executeCohoCommand that runs coho CLI commands with admin token, used by the file_list handler to invoke the coho file-list command.

async function executeCohoCommand(args: string[]): Promise<string> {
    const safeArgs = ['coho', ...args, '--admintoken', '***'];
    console.error(`Executing command: ${safeArgs.join(' ')}`);
    try {
        const { stdout, stderr } = await execFile('coho', [...args, '--admintoken', config.adminToken], {
            timeout: 120000 // 2 minutes timeout for CLI operations
        });
        if (stderr) {
            // Sanitize stderr before logging to avoid token exposure
            const safeSterr = stderr.replace(new RegExp(config.adminToken, 'g'), '***');
            console.error(`Command output to stderr:`, safeSterr);
        }
        console.error(`Command successful`);
        const result = stdout || stderr;
        // Sanitize result to ensure admin token is not exposed
        return result ? result.replace(new RegExp(config.adminToken, 'g'), '***') : result;
    } catch (error: any) {
        // Comprehensive sanitization of all error properties to avoid admin token exposure
        const sanitizeText = (text: string): string => text ? text.replace(new RegExp(config.adminToken, 'g'), '***') : text;

        const sanitizedMessage = sanitizeText(error?.message || 'Unknown error');
        const sanitizedCmd = sanitizeText(error?.cmd || '');
        const sanitizedStdout = sanitizeText(error?.stdout || '');
        const sanitizedStderr = sanitizeText(error?.stderr || '');

        // Log sanitized error details
        console.error(`Command failed: ${sanitizedMessage}`);
        if (sanitizedCmd) console.error(`Command: ${sanitizedCmd}`);
        if (sanitizedStdout) console.error(`Stdout: ${sanitizedStdout}`);
        if (sanitizedStderr) console.error(`Stderr: ${sanitizedStderr}`);

        // Return sanitized error message
        const errorDetails = [sanitizedMessage, sanitizedStderr].filter(Boolean).join(' - ');
        throw new McpError(ErrorCode.InvalidRequest, `Command failed: ${errorDetails}`);
    }
}

Tool Definition Quality

C2.7/5.0

Behavior1/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations, the description bears full responsibility for behavioral disclosure. The one-line description adds no information beyond the tool name, failing to mention output format, error behavior, permissions, or side effects.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is very concise at 4 words, front-loading the core purpose. While it lacks structure, it is appropriately terse for a simple list operation and avoids unnecessary verbosity.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

The tool has one optional parameter and no output schema. The description does not explain default behavior when 'path' is omitted or what the returned list contains (e.g., names, metadata). This lack of context makes it incomplete for an agent.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema already has 100% description coverage for the 'path' parameter. The tool description does not add any additional meaning or context beyond what is in the schema, so it meets the baseline of 3.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action ('List') and resource ('files'), and specifies 'from server', which distinguishes it from sibling tools like file_delete and file_upload. However, it does not elaborate on what information is listed or the scope.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No guidance is provided on when to use file_list versus alternatives. There is no mention of prerequisites, conditions, or exclusion cases, leaving the agent without decision-making context.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/RestDB/codehooks-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server