Skip to main content
Glama
geoffbelknap

LimaCharlie MCP

by geoffbelknap

lc_list_vulnerability_cve_hosts

List all hosts affected by a given CVE to identify vulnerable endpoints for targeted remediation.

Instructions

List endpoints affected by one CVE.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
cveYes
oidYes
limitNo
cursorNo
searchNo
filtersNo
sort_byNo
sort_ascNo
include_tagsNo
filter_via_stateNo
normalized_package_nameNo
Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations provided, so description carries full burden. It does not disclose behavioral traits like read-only nature, pagination (implied by cursor/limit params), authentication needs, or rate limits. Only states the basic action.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness3/5

Is the description appropriately sized, front-loaded, and free of redundancy?

At 5 words, it is very concise but lacks structure. It front-loads the purpose but omits necessary details. A good compromise would be slightly longer to cover key aspects.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness1/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the complexity (11 params, no output schema, no annotations), the description is severely incomplete. It does not explain how to use the tool, what the response contains, or how it differs from other vulnerability list tools. Highly incomplete.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters1/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 0% and description adds no meaning for any of the 11 parameters. Does not explain what 'oid', 'cve', 'limit', 'cursor', etc. represent. Completely inadequate for a parameter-heavy tool.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description 'List endpoints affected by one CVE' is specific about the verb and resource. It distinguishes from sibling tools that list CVEs themselves (lc_list_vulnerability_cves) or all endpoints (lc_list_vulnerability_endpoints), though it could be more explicit.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No guidance on when to use this tool vs alternatives like lc_list_vulnerability_endpoints. No prerequisites or context about required parameters (oid, cve) are mentioned. Usage is implied but not stated.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/geoffbelknap/limacharlie-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server