guardvibe

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full disclosure burden. It explains the analysis mechanism ('following variable assignments through code') but omits safety profile (read-only vs. destructive), performance characteristics, or output structure (findings format, locations reported).

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

Two dense sentences with zero waste. Front-loaded with the core action ('Track user input'), followed by specific examples, value proposition, and technical mechanism. Every clause adds unique information about scope or capability.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the lack of output schema, the description should ideally characterize return values (e.g., list of vulnerabilities, dataflow paths). While the input side is well-covered via the schema, the omission of output format or error behavior leaves a gap for a security analysis tool with no annotations.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

With 100% schema description coverage, the baseline is 3. The description adds context that the code parameter will be analyzed for tainted data flows, but does not elaborate on parameter syntax, validation rules, or provide examples beyond what the schema already documents.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

Description uses specific verbs ('Track', 'Detects') and enumerates exact sources (request body, URL params, form data) and sinks (SQL queries, eval, file operations, redirects). It distinguishes from regex-based siblings (scan_file, check_code) by emphasizing 'variable assignments' and vulnerabilities 'that regex rules miss'.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

Implies when to use via 'Detects injection vulnerabilities that regex rules miss,' suggesting use for taint analysis when pattern matching is insufficient. However, it lacks explicit guidance on when to use sibling analyze_cross_file_dataflow versus this tool for single-file analysis.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.