Get CWE Detail

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already declare readOnlyHint=true, destructiveHint=false, idempotentHint=true. The description adds that it returns specific fields but does not disclose additional behavioral traits (e.g., whether the data is cached, latency implications, or pagination). No contradiction with annotations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

Two sentences: first defines purpose and output fields, second provides an example. No wasted words; information is front-loaded and efficiently conveyed.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the single parameter and no output schema, the description adequately covers what the tool does and returns. It lists the key fields but doesn't specify the exact return structure (e.g., JSON keys). For a detail retrieval tool, this is mostly sufficient.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema fully documents the cwe_id parameter with pattern and description. The description adds value by showing an example usage ('cwe_id='CWE-79'') and explaining the parameter in context, which helps the agent understand the expected format beyond the regex.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the verb 'Get', the resource 'CWE', and lists specific fields returned (full name, description, exploit likelihood, parent CWE, total vulnerability count). It also provides an example with 'CWE-79', distinguishing it from sibling tools like list_cwes which returns all CWEs.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implies usage when needing details of a specific CWE, but does not explicitly state when to use or not use this tool compared to alternatives like list_cwes or get_vulnerability. No exclusionary guidance is provided.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.