scm-mcp

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries full burden but offers minimal behavioral disclosure. It states this is a list operation (implied read-only), but doesn't describe authentication requirements, rate limits, pagination behavior, error conditions, or what 'security zones' represent in this context. The description adds only basic operational context without rich behavioral traits needed for a tool with zero annotation coverage.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is appropriately sized and front-loaded with the core purpose first. The two-sentence structure is efficient with zero waste. The Args section provides necessary parameter context without redundancy. However, the formatting with separate 'Args:' section slightly disrupts flow compared to integrated prose.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given 2 parameters with 0% schema coverage and no annotations, but with an output schema present, the description is minimally adequate. It covers the basic operation and parameters but lacks behavioral context, error handling, and deeper semantic explanations. The output schema reduces the need to describe return values, but for a list tool with no annotations, more operational guidance would be beneficial.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 0%, so the description must compensate. It provides semantic meaning for both parameters: 'folder' scopes the query, and 'tsg_id' is optional with a default value. However, it doesn't explain parameter formats (e.g., folder naming conventions), what TSG ID represents, or provide examples. The description adds value beyond the bare schema but doesn't fully compensate for the 0% coverage gap.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose with 'List security zones in a folder' - a specific verb ('List') and resource ('security zones') with scoping ('in a folder'). It distinguishes from siblings like 'scm_get_security_zone' (singular get) and 'scm_create_security_zone' (create), though not explicitly mentioned. However, it doesn't fully differentiate from other list tools like 'scm_list_addresses' beyond the resource type.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides minimal usage guidance. It mentions the folder parameter scopes the query, but offers no explicit when-to-use rules, alternatives, or exclusions. For example, it doesn't clarify when to use this vs. 'scm_get_security_zone' for single zones or 'scm_search' for broader queries. The guidance is limited to basic parameter context.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.