frontend_security_audit_ci_pipeline

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already declare readOnlyHint, idempotentHint, etc. Description adds behavior beyond annotations, notably that ${{ secrets.FOO }} and ${{ env.FOO }} references are NOT flagged, only literal secrets. Also specifies size limit (500 KB) and output structure (risk_level, findings).

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is front-loaded with the action, then parameters, output, behavioral note, safety assurance, and feedback fallback. Every sentence adds value, though the feedback section is more meta-tooling. Still well-structured and not overly verbose.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (multiple config types, output schema exists), the description is complete: it covers what is scanned, checked, and not checked, parameter details, size limit, read-only nature, and a feedback mechanism. No gaps remain for agent selection or invocation.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% with both parameters fully described in the schema. The description repeats these details (e.g., 'Required. 500 KB max.') but does not add new semantic meaning beyond what the schema provides. Baseline 3 is appropriate.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool scans CI configs (GitHub Actions, Vercel, Netlify) for exposed secrets, missing lockfile enforcement, and unpinned dependencies. It distinguishes from sibling tools like frontend_security_audit_manifest by specifying the resource (CI configs) and checks performed.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides context on when to use (user has CI config content), notes limited functionality for Vercel/Netlify (secrets only in Sprint 8), and clarifies that ${{ secrets/ env }} references are not flagged. It lacks explicit alternatives or when-not-to-use but offers a feedback fallback if results don't serve the need.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.