Enumerate all security checks in the MCP security scanner with name, description, OWASP MCP Top 10 mapping, severity range, and category.
List all security checks available in mcp-security-scanner with name, description, OWASP MCP Top 10 mapping, severity range, and category.
| Name | Required | Description | Default |
|---|---|---|---|
No arguments | |||
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations exist, so the description must disclose behavioral traits. It does not state whether the operation is read-only, if authentication is needed, rate limits, or any side effects. While a list operation is presumably safe, this is not explicitly confirmed.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is a single sentence that front-loads the action and resource. It efficiently conveys the purpose and output details. Slight improvement could be breaking into two sentences for readability, but current structure is effective.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
With zero parameters and no output schema, the description covers the basic purpose and output fields. However, it lacks usage context and behavioral transparency, leaving gaps for an AI agent to fully determine when and how to invoke it correctly.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
There are zero parameters with 100% schema coverage. The description does not need to add parameter semantics since none exist. It appropriately describes the output fields but does not detail the response format (e.g., array of objects), but without an output schema this is acceptable.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description explicitly states the action ('List all security checks'), the resource ('mcp-security-scanner'), and the attributes returned (name, description, OWASP MCP Top 10 mapping, severity range, category). This is a specific verb+resource combination that clearly distinguishes it from sibling tools like scanner_owasp_mapping or specific check tools.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description provides no guidance on when to use this tool versus alternatives (e.g., when to list all checks vs. run a specific check). It does not mention prerequisites, frequency, or disclaimers about when not to use it.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/badchars/mcp-security-scanner'
If you have feedback or need assistance with the MCP directory API, please join our Discord server