ControlKeel

Overview Schema Related Servers Score Discussions

ck_validate

Validate code, config, shell commands, or text against CK policy to catch violations before execution. Returns findings for blocked actions.

Instructions

Validate proposed code, config, shell commands, or text against CK policy before execution. Read-only — no changes are applied to the project. Returns a validation result with any policy violations as findings. content is required. kind classifies the artifact (code/config/shell/text) for policy routing. source_type identifies the content's origin (developer, tool_output, human_review, issue, pull_request, web) for trust-boundary checks; untrusted sources receive stricter scrutiny. domain_pack applies a domain-specific policy pack (e.g., hipaa, owasp). requested_capabilities declares what the content needs (network, filesystem, shell, deploy) so the trust boundary can evaluate the request. Call ck_validate before writing files, running shell commands, or executing generated code. If validation returns blocked findings, do not proceed — use ck_finding to record them.

Input Schema

TableJSON Schema

Name	Required	Description
`artifact_type`	No	Canonical artifact type. Compatibility aliases `instruction` and `text` are accepted and normalized to `source`.
`content`	Yes	The content to validate or process: source code, config text, shell command, or freeform text.
`domain_pack`	No	Domain-specific policy pack to apply during validation.
`intended_use`	No	How the validated content will be used after validation.
`kind`	No	Artifact kind classification for validation routing.
`path`	No	File or directory path relative to the project root.
`requested_capabilities`	No
`security_workflow_phase`	No	Canonical workflow phase. Compatibility aliases such as `preflight`, `analysis`, and `pre_edit` are accepted and normalized.
`session_id`	No	Unique session identifier for correlating findings, proofs, budget, and audit trail.
`source_type`	No	Origin category of the record (e.g., developer, tool_output, human_review).
`target_scope`	No	Deployment scope of the artifact being validated.
`task_id`	No	Task identifier within the session for scoped operations.
`trust_level`	No

Tool Definition Quality

A4.3/5.0

Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations, the description carries full burden. It declares read-only behavior ('no changes are applied') and states it returns a validation result with findings. It does not disclose rate limits, permission requirements, or output format details, but sufficiently covers key behavioral traits for safe invocation.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single paragraph of 8 sentences, front-loaded with purpose and behavioral info. It is concise for the amount of content, though slightly structured; bullet points could improve scannability.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given 13 parameters, no output schema, and many sibling tools, the description covers purpose, behavior, key parameter roles, and usage instructions. It lacks explanation of what 'CK policy' entails or the validation result format, but overall provides sufficient context for correct tool selection and invocation.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 85%, so baseline is 3. The description adds value by explaining how parameters like kind, source_type, domain_pack, and requested_capabilities affect policy routing and trust-boundary checks, going beyond the schema's field descriptions to provide actionable guidance.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool validates proposed code, config, shell commands, or text against CK policy before execution. It explicitly distinguishes from sibling tools like ck_execute_code by noting it is read-only and precedes execution, and directs to ck_finding for recording blocked findings.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description instructs to call ck_validate before writing files, running shell commands, or executing generated code, and specifies not to proceed if blocked findings are returned. It lacks explicit mention of when not to use or alternatives for non-validation tasks, but provides clear context for its primary use case.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/aryaminus/controlkeel'

If you have feedback or need assistance with the MCP directory API, please join our Discord server