MalwareAnalyzerMCP

Overview Schema Related Servers Score Discussions

hexdump

Display file contents in hexadecimal format for malware analysis, enabling inspection of binary data with options for offset and length control.

Instructions

Display file contents in hexadecimal format

Example usage:

Standard hexdump: { "target": "suspicious.exe" }
With length limit: { "target": "suspicious.exe", "length": 256 }
With offset: { "target": "suspicious.exe", "offset": 1024 }

Input Schema

TableJSON Schema

Name	Required	Description
`target`	Yes	Target file or data to analyze
`options`	No	Additional command-line options
`length`	No	Number of bytes to display
`offset`	No	Starting offset in the file

Implementation Reference

serverMCP.js:130-163 (handler)

Core handler logic for the 'hexdump' tool (shared with other specialized tools). Validates input arguments using the tool's Zod schema, constructs the full hexdump shell command using the tool's buildCommand function, executes it via terminalManager.shellCommand, and returns the execution result.

if (commands[name]) {
  try {
    const cmdConfig = commands[name];
    
    // Validate arguments against schema
    const validationResult = cmdConfig.schema.safeParse(args);
    if (!validationResult.success) {
      return {
        content: [{ 
          type: "text", 
          text: `Error: Invalid parameters for ${name} command.\n${JSON.stringify(validationResult.error.format())}`
        }],
        isError: true,
      };
    }
    
    // Build the command string
    const commandStr = cmdConfig.buildCommand(validationResult.data);
    console.error(`Executing specialized command: ${commandStr}`);
    
    // Execute the command via the terminal manager
    const result = await terminalManager.shellCommand(commandStr);
    console.error(`${name} command executed with PID: ${result.pid}, blocked: ${result.isBlocked}`);
    
    return {
      content: [{ type: "text", text: JSON.stringify(result) }],
    };
  } catch (error) {
    console.error(`Error executing ${name} command:`, error);
    return {
      content: [{ type: "text", text: `Error: ${error instanceof Error ? error.message : String(error)}` }],
      isError: true,
    };
  }

commands.js:73-76 (schema)

Zod input schema for the hexdump tool, extending baseCommandSchema with optional length and offset parameters for controlling the hexdump output.

schema: baseCommandSchema.extend({
  length: z.number().optional().describe("Number of bytes to display"),
  offset: z.number().optional().describe("Starting offset in the file")
}),

serverMCP.js:113-117 (registration)
Registers the 'hexdump' tool (and all other specialized tools from commands.js) in the MCP server's ListTools response by mapping command configurations to MCP tool definitions with name, description, and converted JSON schema.
```
const specializedTools = Object.values(commands).map(cmd => ({
  name: cmd.name,
  description: cmd.description + (cmd.helpText ? '\n' + cmd.helpText : ''),
  inputSchema: zodToJsonSchema(cmd.schema),
}));
```

commands.js:77-89 (helper)

Helper function specific to hexdump tool that constructs the complete shell command string from input arguments, applying defaults and options for the external hexdump utility.

buildCommand: (args) => {
  let options = args.options ? args.options : '-C'; // Default to canonical hex+ASCII display
  
  if (args.length) {
    options += ` -n ${args.length}`;
  }
  
  if (args.offset) {
    options += ` -s ${args.offset}`;
  }
  
  return `hexdump ${options} ${args.target}`;
},

Tool Definition Quality

A3.7/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries full burden for behavioral disclosure. While it shows example usage patterns, it doesn't describe important behavioral aspects like: whether this reads files safely or modifies them, what permissions are needed, how large files are handled, what the output format looks like, or any rate limits. The description is functional but lacks critical operational context.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is perfectly structured: a clear purpose statement followed by three specific usage examples. Every sentence earns its place by showing different parameter combinations. No wasted words, and the information is front-loaded with the core functionality stated first.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given no annotations and no output schema, the description provides basic functionality but lacks completeness for a file analysis tool. It shows how to invoke the tool but doesn't describe what the output looks like, error conditions, file size limitations, or security considerations. The examples help but don't compensate for missing behavioral context.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the schema already documents all parameters. The description adds value through concrete usage examples that demonstrate how parameters work together (target with length, target with offset), showing practical combinations beyond what the schema provides. However, it doesn't explain the 'options' parameter's purpose or format.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose with a specific verb ('Display') and resource ('file contents in hexadecimal format'), distinguishing it from sibling tools like 'file' (general file info), 'strings' (extract text), and 'xxd' (similar but different hex tool). The description immediately communicates what the tool does without ambiguity.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides example usage scenarios that imply when to use the tool (for hex analysis of files), but it doesn't explicitly state when to choose this tool over alternatives like 'xxd' or 'objdump'. The examples show different parameter combinations but lack guidance on tool selection criteria or prerequisites.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/abdessamad-elamrani/MalwareAnalyzerMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server