Memory Shell Detector MCP

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries full burden and excels: it explains the removal mechanism for different component types (Filter/Servlet/Listener, Spring components, Agent types), details the safety mechanism requiring AI confirmation, describes the two-phase execution (analysis then removal), and mentions remote execution via SSH. This provides comprehensive behavioral context beyond basic parameters.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is well-structured with clear sections (purpose, underlying command, mechanism, safety, parameters, returns) and appropriately sized. While comprehensive, it's not overly verbose; every sentence adds value. Minor deduction because the parameter explanations could be slightly more concise.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's high complexity (destructive operation, 10 parameters, no annotations, but with output schema), the description is remarkably complete: it covers purpose, usage workflow, behavioral details, parameter meanings, safety mechanisms, and return behavior. The output schema handles return values, so the description appropriately focuses on operational context.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

With 0% schema description coverage for 10 parameters, the description fully compensates: it explains all parameters in the Args section with clear semantics (class_name, pid, tools_dir, ai_confirmed, use_ssh, and SSH connection parameters), including their purposes and the critical ai_confirmed workflow. This adds substantial meaning beyond the bare schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: '从 JVM 内存中移除指定的内存马类' (remove specified memory shell classes from JVM memory). It specifies the exact action (remove), target (memory shell classes), and mechanism (Java Agent technology), distinguishing it from siblings like scan_process or view_class_code which only detect or view.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides explicit usage guidelines: it explains the two-step process (first call with ai_confirmed=False to get decompiled source for analysis, then call with ai_confirmed=True to execute removal), mentions the underlying command, and implicitly distinguishes from siblings by focusing on removal rather than detection or listing.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.