Skip to main content
Glama
douglasborthwick-crypto

mcp-server-insumer

by douglasborthwick-crypto
OverviewSchemaRelated ServersScoreDiscussions
JavaScript

insumer_jwks

Retrieve InsumerAPI's ECDSA P-256 public signing key via JWKS to verify attestation signatures dynamically without hardcoding the key. No authentication required.

Instructions

Get the JWKS (JSON Web Key Set) containing InsumerAPI's ECDSA P-256 public signing key. Use this to verify attestation signatures without hardcoding the key. The kid field in attestation responses identifies which key signed the response. No authentication required.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault

No arguments

Implementation Reference

  • src/index.ts:159-170 (handler)
    The actual handler for the 'insumer_jwks' tool. It fetches the JWKS (JSON Web Key Set) from the InsumerAPI endpoint and returns it as JSON. No authentication or parameters required.
    server.tool(
  "insumer_jwks",
  "Get the JWKS (JSON Web Key Set) containing InsumerAPI's ECDSA P-256 public signing key. Use this to verify attestation signatures without hardcoding the key. The kid field in attestation responses identifies which key signed the response. No authentication required.",
  {},
  async () => {
    const res = await fetch(`${API_BASE}/jwks`);
    const data = await res.json();
    return {
      content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }],
    };
  }
);
  • src/index.ts:159-162 (schema)
    Schema definition for the insumer_jwks tool. It takes an empty object (no parameters) and has a description string explaining its purpose.
    server.tool(
  "insumer_jwks",
  "Get the JWKS (JSON Web Key Set) containing InsumerAPI's ECDSA P-256 public signing key. Use this to verify attestation signatures without hardcoding the key. The kid field in attestation responses identifies which key signed the response. No authentication required.",
  {},
  • src/index.ts:159-170 (registration)
    Registration of the 'insumer_jwks' tool via server.tool() on the McpServer instance. The tool name, description, empty schema, and handler are all registered here.
    server.tool(
  "insumer_jwks",
  "Get the JWKS (JSON Web Key Set) containing InsumerAPI's ECDSA P-256 public signing key. Use this to verify attestation signatures without hardcoding the key. The kid field in attestation responses identifies which key signed the response. No authentication required.",
  {},
  async () => {
    const res = await fetch(`${API_BASE}/jwks`);
    const data = await res.json();
    return {
      content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }],
    };
  }
);

Tool Definition Quality

A4.5/5.0
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description covers behavioral traits well, stating it is a read operation and requires no authentication. It does not mention rate limits or response format, but for a simple get, this is sufficient.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Three short, front-loaded sentences with no extraneous information. Every sentence adds value: purpose, usage guidance, and authentication requirement.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's simplicity (no parameters, no output schema), the description fully explains its purpose, usage, and a key behavioral note (no auth). It is complete for an agent to decide when to invoke it.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The tool has zero parameters, so schema coverage is effectively 100%. The description does not need to add parameter details, and the baseline score of 4 applies.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool retrieves the JWKS containing the ECDSA P-256 public signing key, distinguishing it from other sibling tools like insumer_attest or insumer_verify, which focus on different operations.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explicitly says to use this tool for verifying attestation signatures without hardcoding the key, and explains the role of the 'kid' field. It provides good usage context but does not explicitly mention when not to use it.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/douglasborthwick-crypto/mcp-server-insumer'

If you have feedback or need assistance with the MCP directory API, please join our Discord server