Scan files for sensitive information with regex, checksum, and optional AI detection, then apply masking strategies like mask, replace, hash, or redact.
扫描文件中的敏感信息
Args: file_path: 文件路径 enable_ai: 是否启用 AI 检测 mask_strategy: 脱敏策略
Returns: JSON 格式的检测结果
| Name | Required | Description | Default |
|---|---|---|---|
| file_path | Yes | ||
| enable_ai | No | ||
| mask_strategy | No |
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations are provided, so the description must carry the full burden. It only states that the tool returns JSON detection results, but does not disclose whether it is read-only, destructive, or requires specific permissions. No side effects or behavioral traits are mentioned.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is concise with a single purpose line and clearly separated Args/Returns sections. Every sentence is functional, though the main description could be more front-loaded. No redundant content.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the presence of an output schema (implied but not shown), the description should explain what the detection results contain, the effect of enable_ai, and possible mask_strategy values. It lacks this context, making it incomplete for an AI agent to fully understand the tool's behavior.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
With 0% schema description coverage, the description adds meaning by naming each parameter and giving brief Chinese explanations: '文件路径' for file_path, '是否启用 AI 检测' for enable_ai (adding AI context), and '脱敏策略' for mask_strategy. This goes beyond the schema's type/default, but still lacks detail on expected values or behavior.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the verb (scan) and resource (files) for sensitive information. It distinguishes from siblings like scan_text and scan_report by specifying files. The purpose is specific and unambiguous.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
No guidance on when to use this tool versus alternatives such as scan_text, mask_file, or list_rules. The description does not mention prerequisites, context, or exclusions.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/hawklithm/sensitive-info-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server