Manus MCP

manus_webhook_public_key

Retrieve the RSA public key for verifying webhook signatures. Cache the key to authenticate incoming webhook deliveries.

Instructions

Get the RSA public key used to sign webhook deliveries. Cache this (1 hour recommended).

Input Schema

TableJSON Schema

Name	Required	Description	Default
No arguments

Implementation Reference

manus_mcp/tools/webhooks.py:68-82 (handler)

Handler function for the manus_webhook_public_key tool. Calls the GET /v2/webhook.publicKey endpoint to retrieve the RSA public key used to verify webhook delivery signatures.

@manus_tool(
    name="manus_webhook_public_key",
    description=(
        "Get the RSA public key used to sign webhook deliveries. Cache this (1 hour recommended)."
    ),
    input_schema=WebhookPublicKeyQuery,
    output_schema=WebhookPublicKeyResponse,
)
async def webhook_public_key(q: WebhookPublicKeyQuery, ctx: ToolCtx) -> WebhookPublicKeyResponse:
    return await ctx.client.call(
        "GET",
        "/v2/webhook.publicKey",
        response_model=WebhookPublicKeyResponse,
        rate_limit_key="webhook.publicKey",
    )

manus_mcp/schemas/webhooks.py:46-47 (schema)
Input schema for the webhook public key query — no parameters needed.
```
class WebhookPublicKeyQuery(ManusModel):
    pass
```
manus_mcp/schemas/webhooks.py:50-52 (schema)
Output schema containing the RSA public_key string and optional algorithm field.
```
class WebhookPublicKeyResponse(ResponseEnvelope):
    public_key: str
    algorithm: str | None = None
```
manus_mcp/tools/webhooks.py:68-69 (registration)
Registration of the tool via the @manus_tool decorator in manus_mcp/tools/webhooks.py (same location as the handler). The decorator stores a ToolDef entry in the global registry.
```
@manus_tool(
    name="manus_webhook_public_key",
```

manus_mcp/tools/registry.py:42-80 (helper)

The manus_tool decorator/helper function used to register the tool into the global _REGISTRY dict.

def manus_tool(
    *,
    name: str,
    description: str,
    input_schema: type[TIn],
    output_schema: type[TOut],
    rate_limit_key: str | None = None,
) -> Callable[
    [Callable[[TIn, ToolCtx], Awaitable[TOut]]], Callable[[TIn, ToolCtx], Awaitable[TOut]]
]:
    """Decorator registering `handler` as a tool with the given metadata."""

    def wrap(
        handler: Callable[[TIn, ToolCtx], Awaitable[TOut]],
    ) -> Callable[[TIn, ToolCtx], Awaitable[TOut]]:
        if name in _REGISTRY:
            raise RuntimeError(f"Duplicate tool name: {name}")
        _REGISTRY[name] = ToolDef(
            name=name,
            description=description,
            input_schema=input_schema,
            output_schema=output_schema,
            handler=handler,
            rate_limit_key=rate_limit_key,
        )
        return handler

    return wrap


def all_tools() -> list[ToolDef[Any, Any]]:
    """Return a stable-ordered copy of every registered tool."""
    return sorted(_REGISTRY.values(), key=lambda t: t.name)


def clear_registry() -> None:
    """Test helper."""
    _REGISTRY.clear()

Tool Definition Quality

A4.1/5.0

Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden. It mentions caching, implying the key is stable for at least an hour, but does not disclose rate limits, whether the key might change, or if authorization is needed. The description is adequate but lacks depth for a more comprehensive behavioral understanding.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is exceptionally concise: two sentences with no unnecessary words. The first sentence states the purpose directly, and the second provides a specific caching recommendation. Every word earns its place, and the structure is front-loaded for quick comprehension.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool has no output schema and no parameters, the description covers the basics but does not specify the return format (e.g., PEM, JWK) or any additional metadata. The sibling tools list suggests many webhook operations, yet the description does not clarify how the key relates to them. It is complete enough for a simple retrieval but leaves some gaps.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has no parameters (100% coverage), so the baseline is 4. The description adds value beyond the schema by explaining the purpose of the key (webhook signature verification) and suggesting a caching strategy. It effectively compensates for the lack of parameter details by providing context.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool retrieves the RSA public key for verifying webhook signatures. It distinguishes itself from sibling tools like manus_webhook_create or manus_webhook_delete, which manage webhooks rather than providing keys. The verb 'Get' and specific resource 'RSA public key' make the purpose precise.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description recommends caching for 1 hour, which provides a usage guideline. However, it does not explicitly state when to use this tool vs alternatives, though there is no alternative for this specific purpose. It also lacks guidance on when not to use it, but the context makes it clear this is the only option for retrieving the key.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/aruxojuyu665/Manus-MCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server