servicenow-mcp

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden. It discloses that this is a mutation tool ('Update') and specifies a permission requirement ('requires WRITE_ENABLED=true'), which is useful behavioral context. However, it lacks details on side effects (e.g., whether updates are reversible, audit trail implications), error handling, or response format. For a mutation tool with zero annotation coverage, this is a moderate but incomplete disclosure.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence that front-loads the core action and resource, followed by parenthetical details on updatable fields and a prerequisite. Every word earns its place with no redundancy or fluff, making it highly concise and well-structured.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (mutation with 2 parameters, no output schema, and no annotations), the description is moderately complete. It covers the purpose, usage condition, and hints at parameter semantics, but lacks details on behavioral traits (e.g., idempotency, side effects) and doesn't explain return values. For a mutation tool, this leaves gaps that could hinder an agent's ability to use it correctly without trial and error.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the schema already documents both parameters ('sys_id' and 'fields') adequately. The description adds marginal value by listing example fields ('state, risk acceptance notes, remediation date') that map to the 'fields' object, but doesn't provide syntax, constraints, or format details beyond what the schema implies. This meets the baseline for high schema coverage.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action ('Update') and resource ('a vulnerability entry'), and specifies the fields that can be updated ('state, risk acceptance notes, remediation date'). It distinguishes itself from sibling tools like 'get_vulnerability' by being a write operation. However, it doesn't explicitly differentiate from other 'update_' tools (e.g., 'update_incident', 'update_asset'), which keeps it from a perfect score.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides explicit context for when to use this tool: it requires 'WRITE_ENABLED=true', indicating a prerequisite condition. This is a clear usage guideline. However, it doesn't specify when not to use it (e.g., vs. creating a new vulnerability) or name alternatives for related operations, which prevents a score of 5.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.