Check whether Dependabot security updates and version updates are configured for a GitHub repository to identify missing automated dependency updates.
Check if Dependabot security updates and version updates are configured. Detects SUP-002.
| Name | Required | Description | Default |
|---|---|---|---|
| owner | Yes | Repository owner | |
| repo | Yes | Repository name |
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations are provided, so the description must cover behavioral traits. It only mentions detection of SUP-002 but does not disclose read-only nature, error behavior, or any side effects. The minimal description leaves the agent uninformed about operational characteristics.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is extremely concise, with two sentences that directly state the purpose. Every word earns its place, and there is no redundant information.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the tool's low complexity (2 parameters, no output schema), the description is adequate but lacks details about the return value or policy rule SUP-002. It covers the core function but could be more complete for agent decision-making.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100%, so the baseline is 3. The description adds no additional meaning or context beyond what the schema already provides (e.g., no format hints, no description of what constitutes valid owner/repo).
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the verb ('Check'), resource ('Dependabot security updates and version updates'), and the specific detection rule (SUP-002). It is distinct from sibling tools like github_check_repo_dependabot by focusing on updates configuration.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description implies the tool is used to check Dependabot update configuration, but it does not provide explicit guidance on when to use it versus other tools (e.g., github_check_repo_dependabot). No exclusions or alternative suggestions are given.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/badchars/github-security-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server