CDP MCP Server

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries full burden for behavioral disclosure. It states this is a read operation ('Get'), which implies it's non-destructive, but doesn't clarify authentication requirements, rate limits, error conditions, or what specific 'session and permissions info' includes. The mention of 'current bearer token' hints at authentication context but lacks depth about security implications or response structure.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is efficiently structured in two sentences: the first states the core purpose, the second adds parameter guidance. Every word earns its place with zero redundancy, and key information is front-loaded. It's appropriately sized for a simple lookup tool.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's moderate complexity (authentication context, 2 parameters), no annotations, and an output schema (which reduces need to describe returns), the description is minimally adequate. It covers the basic purpose and one parameter's use but misses details about the token parameter, authentication behavior, and what 'session and permissions info' entails. For a security-related tool, this leaves gaps in understanding proper usage.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 0%, so the schema provides no parameter documentation. The description mentions 'tenant_name' as optional for scoping, adding some semantic context beyond the schema. However, it doesn't explain the 'token' parameter's purpose or format, leaving half the parameters (1 of 2) without meaningful description. This partially compensates but doesn't fully address the coverage gap.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action ('Get') and target resources ('session and permissions info for the current bearer token'), making the purpose explicit. It distinguishes itself from sibling tools by focusing on authentication/authorization context rather than data operations like cdp_get_user or cdp_get_token. However, it doesn't explicitly contrast with other 'get' tools that might return similar metadata.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides some usage context by mentioning 'Optionally specify a tenant_name to scope the response,' which implies when to use the optional parameter. However, it lacks explicit guidance on when to choose this tool over alternatives like cdp_get_token or cdp_get_user for authentication-related queries, and doesn't mention prerequisites such as needing a valid token.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.