Warden MCP Server

Move Item To Organization

keychain_move_item_to_organization

Transfer a vault item to an organization and optionally assign it to specific collections for team-based access control.

Instructions

Move an item to an organization (optionally assigning collection ids).

Input Schema

TableJSON Schema

Name	Required	Description	Default
`id`	Yes
`organizationId`	Yes
`collectionIds`	No

Implementation Reference

src/tools/registerTools.ts:439-1460 (handler)

The tool "keychain_move_item_to_organization" (registered as `${deps.toolPrefix}.move_item_to_organization`) is defined here. It uses the `sdk.moveItemToOrganization` method to perform the action.

  `${deps.toolPrefix}.move_item_to_organization`,
  {
    title: 'Move Item To Organization',
    description:
      'Move an item to an organization (optionally assigning collection ids).',
    inputSchema: {
      id: z.string(),
      organizationId: z.string(),
      collectionIds: z.array(z.string()).optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    if (isReadOnly) return readonlyBlocked();
    const sdk = await deps.getSdk(extra.authInfo);
    const item = await sdk.moveItemToOrganization(input);
    return {
      structuredContent: { item },
      content: [{ type: 'text', text: 'Moved.' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.list_organizations`,
  {
    title: 'List Organizations',
    description:
      'List organizations available to the current Bitwarden user.',
    annotations: { readOnlyHint: true },
    inputSchema: {
      search: z.string().optional(),
      limit: z.number().int().min(1).max(500).optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const orgs = await sdk.listOrganizations(input);
    const results = orgs
      .filter((x) => x && typeof x === 'object')
      .map((x) => {
        const rec = x as Record<string, unknown>;
        return { id: rec.id, name: rec.name };
      });
    return {
      structuredContent: { results },
      content: [{ type: 'text', text: `Found ${results.length} org(s).` }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.list_collections`,
  {
    title: 'List Collections',
    description: 'List collections (optionally filtered by organization).',
    annotations: { readOnlyHint: true },
    inputSchema: {
      search: z.string().optional(),
      organizationId: z.string().optional(),
      limit: z.number().int().min(1).max(500).optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const cols = await sdk.listCollections(input);
    const results = cols
      .filter((x) => x && typeof x === 'object')
      .map((x) => {
        const rec = x as Record<string, unknown>;
        return {
          id: rec.id,
          name: rec.name,
          organizationId: rec.organizationId ?? null,
        };
      });
    return {
      structuredContent: { results },
      content: [
        { type: 'text', text: `Found ${results.length} collection(s).` },
      ],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.search_items`,
  {
    title: 'Search Items',
    description:
      'Search vault items by text and filters (org/folder/collection/url).',
    annotations: { readOnlyHint: true },
    inputSchema: {
      text: z.string().optional(),
      type: z
        .enum(['login', 'note', 'ssh_key', 'card', 'identity'])
        .optional(),
      organizationId: z
        .union([z.string(), z.literal('null'), z.literal('notnull')])
        .optional(),
      folderId: z
        .union([z.string(), z.literal('null'), z.literal('notnull')])
        .optional(),
      collectionId: z.string().optional(),
      url: z.string().optional(),
      trash: z.boolean().optional(),
      limit: z.number().int().min(1).max(500).optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const items = await sdk.searchItems(input);
    const minimal = items.map((i) => sdk.minimalSummary(i));
    return {
      structuredContent: { results: minimal },
      content: [{ type: 'text', text: `Found ${minimal.length} item(s).` }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.get_item`,
  {
    title: 'Get Item',
    description: 'Get a vault item by id.',
    annotations: { readOnlyHint: true },
    inputSchema: {
      id: z.string(),
      reveal: z.boolean().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const item = await sdk.getItem(input.id, {
      reveal: effectiveReveal(input),
    });
    return {
      structuredContent: { item },
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.get_uri`,
  {
    title: 'Get URI',
    description: 'Get a login URI by search term (bw get uri).',
    annotations: { readOnlyHint: true },
    inputSchema: {
      term: z.string(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const uri = await sdk.getUri(input);
    return {
      structuredContent: toolResult('uri', uri.value, uri.revealed),
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.get_notes`,
  {
    title: 'Get Notes',
    description: 'Get item notes by search term (bw get notes).',
    annotations: { readOnlyHint: true },
    inputSchema: {
      term: z.string(),
      reveal: z.boolean().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const notes = await sdk.getNotes(
      { term: input.term },
      { reveal: effectiveReveal(input) },
    );
    return {
      structuredContent: toolResult('notes', notes.value, notes.revealed),
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.get_exposed`,
  {
    title: 'Get Exposed',
    description: 'Check exposed status by search term (bw get exposed).',
    annotations: { readOnlyHint: true },
    inputSchema: {
      term: z.string(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const exposed = await sdk.getExposed(input);
    return {
      structuredContent: toolResult(
        'exposed',
        exposed.value,
        exposed.revealed,
      ),
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.get_folder`,
  {
    title: 'Get Folder',
    description: 'Get a folder by id (bw get folder).',
    annotations: { readOnlyHint: true },
    inputSchema: {
      id: z.string(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const folder = await sdk.getFolder(input);
    return {
      structuredContent: { folder },
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.get_collection`,
  {
    title: 'Get Collection',
    description: 'Get a collection by id (bw get collection).',
    annotations: { readOnlyHint: true },
    inputSchema: {
      id: z.string(),
      organizationId: z.string().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const collection = await sdk.getCollection(input);
    return {
      structuredContent: { collection },
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.get_organization`,
  {
    title: 'Get Organization',
    description: 'Get an organization by id (bw get organization).',
    annotations: { readOnlyHint: true },
    inputSchema: {
      id: z.string(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const organization = await sdk.getOrganization(input);
    return {
      structuredContent: { organization },
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.get_org_collection`,
  {
    title: 'Get Org Collection',
    description: 'Get an org collection by id (bw get org-collection).',
    annotations: { readOnlyHint: true },
    inputSchema: {
      id: z.string(),
      organizationId: z.string().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const collection = await sdk.getOrgCollection(input);
    return {
      structuredContent: { collection },
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.delete_item`,
  {
    title: 'Delete Item',
    description:
      'Delete an item by id (soft-delete by default; set permanent=true to hard delete).',
    inputSchema: {
      id: z.string(),
      permanent: z.boolean().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    if (isReadOnly) return readonlyBlocked();
    const sdk = await deps.getSdk(extra.authInfo);
    await sdk.deleteItem(input);
    return {
      structuredContent: { ok: true },
      content: [{ type: 'text', text: 'Deleted.' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.delete_items`,
  {
    title: 'Delete Items',
    description:
      'Delete multiple items by id. Returns per-id results (soft-delete by default; set permanent=true to hard delete).',
    inputSchema: {
      ids: z.array(z.string()).min(1).max(200),
      permanent: z.boolean().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    if (isReadOnly) return readonlyBlocked();
    const sdk = await deps.getSdk(extra.authInfo);
    const results = await sdk.deleteItems(input);
    const okCount = results.filter((r) => r.ok).length;
    return {
      structuredContent: { results, okCount, total: results.length },
      content: [
        { type: 'text', text: `Deleted ${okCount}/${results.length}.` },
      ],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.restore_item`,
  {
    title: 'Restore Item',
    description: 'Restore an item from trash by id.',
    inputSchema: {
      id: z.string(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    if (isReadOnly) return readonlyBlocked();
    const sdk = await deps.getSdk(extra.authInfo);
    const item = await sdk.restoreItem(input);
    return {
      structuredContent: { item },
      content: [{ type: 'text', text: 'Restored.' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.create_attachment`,
  {
    title: 'Create Attachment',
    description:
      'Attach a file (base64) to an existing item. Returns the updated (redacted) item.',
    inputSchema: {
      itemId: z.string(),
      filename: z.string(),
      contentBase64: z.string(),
      reveal: z.boolean().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    if (isReadOnly) return readonlyBlocked();
    const sdk = await deps.getSdk(extra.authInfo);
    const item = await sdk.createAttachment(clampReveal(input));
    return {
      structuredContent: { item },
      content: [{ type: 'text', text: 'Attached.' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.delete_attachment`,
  {
    title: 'Delete Attachment',
    description:
      'Delete an attachment from an item. Returns the updated (redacted) item.',
    inputSchema: {
      itemId: z.string(),
      attachmentId: z.string(),
      reveal: z.boolean().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    if (isReadOnly) return readonlyBlocked();
    const sdk = await deps.getSdk(extra.authInfo);
    const item = await sdk.deleteAttachment(clampReveal(input));
    return {
      structuredContent: { item },
      content: [{ type: 'text', text: 'Deleted.' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.get_attachment`,
  {
    title: 'Get Attachment',
    description:
      'Download an attachment from an item and return it as base64 (bw get attachment).',
    annotations: { readOnlyHint: true },
    inputSchema: {
      itemId: z.string(),
      attachmentId: z.string(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const attachment = await sdk.getAttachment(input);
    return {
      structuredContent: { attachment },
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.send_list`,
  {
    title: 'Send List',
    description: 'List all the Sends owned by you (bw send list).',
    annotations: { readOnlyHint: true, openWorldHint: true },
    inputSchema: {},
    _meta: toolMeta,
  },
  async (_input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const sends = await sdk.sendList();
    return {
      structuredContent: { sends },
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.send_template`,
  {
    title: 'Send Template',
    description: 'Get json templates for send objects (bw send template).',
    annotations: { readOnlyHint: true, openWorldHint: true },
    inputSchema: {
      object: z.enum(['send.text', 'text', 'send.file', 'file']),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const template = await sdk.sendTemplate(input);
    return {
      structuredContent: { template },
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.send_get`,
  {
    title: 'Send Get',
    description:
      'Get Sends owned by you. Use text=true to return text content; downloadFile=true to download a file send (bw send get).',
    annotations: { readOnlyHint: true, openWorldHint: true },
    inputSchema: {
      id: z.string(),
      text: z.boolean().optional(),
      downloadFile: z.boolean().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const result = await sdk.sendGet(input);
    return {
      structuredContent: { result },
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.send_create`,
  {
    title: 'Send Create',
    description:
      'Create a Bitwarden Send. For file sends, pass filename+contentBase64. (bw send).',
    annotations: {
      readOnlyHint: false,
      destructiveHint: false,
      openWorldHint: true,
    },
    inputSchema: {
      type: z.enum(['text', 'file']),
      text: z.string().optional(),
      filename: z.string().optional(),
      contentBase64: z.string().optional(),
      deleteInDays: z.number().int().min(1).max(3650).optional(),
      password: z.string().optional(),
      maxAccessCount: z.number().int().min(1).max(1_000_000).optional(),
      hidden: z.boolean().optional(),
      name: z.string().optional(),
      notes: z.string().optional(),
      fullObject: z.boolean().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    if (isReadOnly) return readonlyBlocked();
    const sdk = await deps.getSdk(extra.authInfo);
    const send = await sdk.sendCreate(input);
    return {
      structuredContent: { send },
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.send_create_encoded`,
  {
    title: 'Send Create (Encoded JSON)',
    description:
      'Create a Send via `bw send create`. Provide `encodedJson` (base64) or `json` (will be bw-encoded). Optional: `text`, `hidden`, or `file` (filename+contentBase64).',
    annotations: {
      readOnlyHint: false,
      destructiveHint: false,
      openWorldHint: true,
    },
    inputSchema: {
      encodedJson: z.string().optional(),
      json: z.unknown().optional(),
      text: z.string().optional(),
      hidden: z.boolean().optional(),
      file: z
        .object({
          filename: z.string(),
          contentBase64: z.string(),
        })
        .optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    if (isReadOnly) return readonlyBlocked();
    const sdk = await deps.getSdk(extra.authInfo);
    const send = await sdk.sendCreateEncoded(input);
    return {
      structuredContent: { send },
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.send_edit`,
  {
    title: 'Send Edit (Encoded JSON)',
    description:
      'Edit a Send via `bw send edit`. Provide `encodedJson` (base64) or `json` (will be bw-encoded). Optional: `itemId` (maps to --itemid).',
    annotations: {
      readOnlyHint: false,
      destructiveHint: false,
      openWorldHint: true,
    },
    inputSchema: {
      encodedJson: z.string().optional(),
      json: z.unknown().optional(),
      itemId: z.string().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    if (isReadOnly) return readonlyBlocked();
    const sdk = await deps.getSdk(extra.authInfo);
    const send = await sdk.sendEdit(input);
    return {
      structuredContent: { send },
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.send_remove_password`,
  {
    title: 'Send Remove Password',
    description: "Remove a Send's saved password (bw send remove-password).",
    annotations: {
      readOnlyHint: false,
      destructiveHint: true,
      openWorldHint: true,
    },
    inputSchema: {
      id: z.string(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    if (isReadOnly) return readonlyBlocked();
    const sdk = await deps.getSdk(extra.authInfo);
    const result = await sdk.sendRemovePassword(input);
    return {
      structuredContent: { result },
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.send_delete`,
  {
    title: 'Send Delete',
    description: 'Delete a Send (bw send delete).',
    annotations: {
      readOnlyHint: false,
      destructiveHint: true,
      openWorldHint: true,
    },
    inputSchema: {
      id: z.string(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    if (isReadOnly) return readonlyBlocked();
    const sdk = await deps.getSdk(extra.authInfo);
    const result = await sdk.sendDelete(input);
    return {
      structuredContent: { result },
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.receive`,
  {
    title: 'Receive',
    description:
      'Access a Bitwarden Send from a url. Use obj=true for JSON object; downloadFile=true for file content. (bw receive)',
    annotations: { readOnlyHint: true, openWorldHint: true },
    inputSchema: {
      url: z.string(),
      password: z.string().optional(),
      obj: z.boolean().optional(),
      downloadFile: z.boolean().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const result = await sdk.receive(input);
    return {
      structuredContent: { result },
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.get_username`,
  {
    title: 'Get Username',
    description: 'Get a login username by search term (bw get username).',
    annotations: { readOnlyHint: true },
    inputSchema: {
      term: z.string(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const username = await sdk.getUsername(input);
    return {
      structuredContent: toolResult(
        'username',
        username.value,
        username.revealed,
      ),
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.get_password`,
  {
    title: 'Get Password',
    description:
      'Get a login password by search term (bw get password). Returning a password requires reveal=true.',
    annotations: { readOnlyHint: true },
    inputSchema: {
      term: z.string(),
      reveal: z.boolean().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const password = await sdk.getPassword(
      { term: input.term },
      { reveal: effectiveReveal(input) },
    );
    return {
      structuredContent: toolResult(
        'password',
        password.value,
        password.revealed,
      ),
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.get_totp`,
  {
    title: 'Get TOTP',
    description:
      'Get a TOTP code/seed by search term (bw get totp). Returning a TOTP requires reveal=true.',
    annotations: { readOnlyHint: true },
    inputSchema: {
      term: z.string(),
      reveal: z.boolean().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const totp = await sdk.getTotp(
      { term: input.term },
      { reveal: effectiveReveal(input) },
    );
    return {
      structuredContent: toolResult('totp', totp.value, totp.revealed, {
        period: totp.period,
        timeLeft: totp.timeLeft,
      }),
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.get_password_history`,
  {
    title: 'Get Password History',
    description:
      'Get an item password history (if any). Returning passwords requires reveal=true.',
    annotations: { readOnlyHint: true },
    inputSchema: {
      id: z.string(),
      reveal: z.boolean().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const history = await sdk.getPasswordHistory(input.id, {
      reveal: effectiveReveal(input),
    });
    return {
      structuredContent: toolResult(
        'password_history',
        history.value,
        history.revealed,
      ),
      content: [{ type: 'text', text: 'OK' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.create_login`,
  {
    title: 'Create Login',
    description: 'Create a login item.',
    inputSchema: {
      name: z.string(),
      username: z.string().optional(),
      password: z.string().optional(),
      uris: z
        .array(
          z.object({
            uri: z.string(),
            match: uriMatchInputSchema.optional(),
          }),
        )
        .optional(),
      totp: z.string().optional(),
      notes: z.string().optional(),
      fields: z
        .array(
          z.object({
            name: z.string(),
            value: z.string(),
            hidden: z.boolean().optional(),
          }),
        )
        .optional(),
      attachments: z
        .array(
          z.object({
            filename: z.string(),
            contentBase64: z.string(),
          }),
        )
        .optional(),
      favorite: z.boolean().optional(),
      organizationId: z.string().optional(),
      collectionIds: z.array(z.string()).optional(),
      folderId: z.string().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    if (isReadOnly) return readonlyBlocked();
    const sdk = await deps.getSdk(extra.authInfo);
    const created = await sdk.createLogin({
      ...input,
      uris: normalizeUrisInput(input.uris),
    });
    return {
      structuredContent: { item: created },
      content: [{ type: 'text', text: 'Created.' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.create_logins`,
  {
    title: 'Create Logins',
    description: 'Create multiple login items in a single call.',
    inputSchema: {
      items: z.array(
        z.object({
          name: z.string(),
          username: z.string().optional(),
          password: z.string().optional(),
          uris: z
            .array(
              z.object({
                uri: z.string(),
                match: uriMatchInputSchema.optional(),
              }),
            )
            .optional(),
          totp: z.string().optional(),
          notes: z.string().optional(),
          fields: z
            .array(
              z.object({
                name: z.string(),
                value: z.string(),
                hidden: z.boolean().optional(),
              }),
            )
            .optional(),
          attachments: z
            .array(
              z.object({
                filename: z.string(),
                contentBase64: z.string(),
              }),
            )
            .optional(),
          favorite: z.boolean().optional(),
          organizationId: z.string().optional(),
          collectionIds: z.array(z.string()).optional(),
          folderId: z.string().optional(),
        }),
      ),
      continueOnError: z.boolean().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    if (isReadOnly) return readonlyBlocked();
    const sdk = await deps.getSdk(extra.authInfo);
    const results = await sdk.createLogins({
      items: input.items.map((it) => ({
        ...it,
        uris: normalizeUrisInput(it.uris),
      })),
      continueOnError: input.continueOnError,
    });
    return {
      structuredContent: { results },
      content: [
        { type: 'text', text: `Created ${results.length} login(s).` },
      ],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.set_login_uris`,
  {
    title: 'Set Login URIs',
    description:
      'Set or update the URIs (and per-URI match types) for a login item. mode=replace overwrites; mode=merge updates/adds by uri.',
    inputSchema: {
      id: z.string(),
      mode: z.enum(['replace', 'merge']).optional(),
      uris: z.array(
        z.object({
          uri: z.string(),
          match: uriMatchInputSchema.optional(),
        }),
      ),
      reveal: z.boolean().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    if (isReadOnly) return readonlyBlocked();
    const sdk = await deps.getSdk(extra.authInfo);
    const updated = await sdk.setLoginUris({
      id: input.id,
      mode: input.mode,
      uris: normalizeUrisInput(input.uris) ?? [],
      reveal: effectiveReveal(input),
    });
    return {
      structuredContent: { item: updated },
      content: [{ type: 'text', text: 'Updated.' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.create_note`,
  {
    title: 'Create Note',
    description: 'Create a secure note item.',
    inputSchema: {
      name: z.string(),
      notes: z.string().optional(),
      fields: z
        .array(
          z.object({
            name: z.string(),
            value: z.string(),
            hidden: z.boolean().optional(),
          }),
        )
        .optional(),
      favorite: z.boolean().optional(),
      organizationId: z.string().optional(),
      collectionIds: z.array(z.string()).optional(),
      folderId: z.string().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    if (isReadOnly) return readonlyBlocked();
    const sdk = await deps.getSdk(extra.authInfo);
    const created = await sdk.createNote(input);
    return {
      structuredContent: { item: created },
      content: [{ type: 'text', text: 'Created.' }],
    };
  },
);

registerTool(
  `${deps.toolPrefix}.create_ssh_key`,
  {
    title: 'Create SSH Key',
    description:
      'Create an SSH key object (stored as secure note with fields).',
    inputSchema: {
      name: z.string(),
      publicKey: z.string(),
      privateKey: z.string(),
      fingerprint: z.string().optional(),
      comment: z.string().optional(),
      notes: z.string().optional(),
      favorite: z.boolean().optional(),
      organizationId: z.string().optional(),
      collectionIds: z.array(z.string()).optional(),
      folderId: z.string().optional(),
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    if (isReadOnly) return readonlyBlocked();
    const sdk = await deps.getSdk(extra.authInfo);
    const created = await sdk.createSshKey(input);
    return {
      structuredContent: { item: created },

Tool Definition Quality

C2.8/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries full burden for behavioral disclosure. It mentions the optional assignment of collection ids, which adds some context, but fails to cover critical aspects like whether this is a destructive operation, permission requirements, side effects on the item or organization, or error conditions. This is inadequate for a mutation tool.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence with zero wasted words. It is front-loaded with the core action and includes the optional parameter detail concisely, making it easy to parse quickly.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (a mutation operation with 3 parameters), lack of annotations, and no output schema, the description is incomplete. It omits details on parameter meanings, behavioral traits, return values, and usage context, leaving significant gaps for an AI agent to operate effectively.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters2/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 0%, so the description must compensate. It only mentions 'collection ids' as optional, ignoring 'id' and 'organizationId' parameters. This leaves two required parameters undocumented, failing to add meaningful semantics beyond the bare schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action ('Move') and target ('an item to an organization'), which is specific and distinguishes it from sibling tools like 'keychain_delete_item' or 'keychain_update_item'. However, it doesn't specify what type of 'item' is being moved (e.g., login, card, note), which prevents a perfect score.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives like 'keychain_update_item' or 'keychain_restore_item', nor does it mention prerequisites or constraints. It simply restates the basic function without contextual usage information.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/icoretech/warden-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server