Skip to main content
Glama

execute_probe

Execute one read-only tool probe after verifying read-only status, schema validity, and argument provenance; returns observation or rejection reason.

Instructions

Validate and, if permitted, execute ONE tool call against the target. DEFAULT-DENY: a probe runs ONLY IF it is provably read-only — a read-verb tool name (list/get/read/search/...), a server readOnlyHint, or a query-executor whose sql/query argument is a read-only statement (SELECT/WITH/SHOW/DESCRIBE/EXPLAIN/PRAGMA). A write-verb tool name or the destructive backstop (server destructiveHint or destructive-verb name) rejects regardless of your declaration. Your classification is REQUIRED but ADVISORY — recorded as evidence, it never authorizes execution. Also enforces JSON-schema validation, anti-fabrication provenance (an argument that DECLARES an observed source must cite a value actually captured — otherwise rejected; providing provenance is optional but citing a non-existent observation is fabrication), and the probe budget. Returns a redacted observation or the rejection reason. The observation's identifiers list EVERY short leaf scalar as a candidate (name, value, json_pointer, from_tool) — your raw material to author entity names, identifiers, enums (from distinct values), and relationships. Every result includes a gaps report (unsampled_structures, unexecuted_tools, untraversed_identifiers, sampling_hints, depth_signal).

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
toolYesA tool name from inspect_target's tool_cards.
targetYes
argumentsYesArguments for the target tool call.
objectiveNoOptional note on what this probe is trying to learn.
provenanceNoOrigin of each argument. Provide it for any identifier you took from a prior response: use kind "observed" citing the exact probe and pointer the value came from — DiscoMCP verifies that citation exists and rejects a fabricated one. Use "user_defined" ONLY for a value the human user explicitly supplied. Omitting provenance no longer rejects a probe, but never invent an identifier and claim it was observed.
classificationYesYOUR risk classification of this tool, judged from its name, description, input_schema and annotations. ADVISORY evidence only: recorded as agent-attributed evidence in the profile, it does NOT authorize execution. DiscoMCP runs a probe only when it is provably read-only (read-verb tool name, server readOnlyHint, or a query-executor with a read-only sql/query argument); write-verb names and the destructive backstop are rejected regardless of what you declare.
Behavior5/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description fully discloses behavioral traits: validation, execution conditions, classification advisory, provenance checking, anti-fabrication, budget enforcement, return values (redacted observation or rejection reason), and gaps report. There is no contradiction with missing annotations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is lengthy but packed with essential information for a complex tool. It front-loads the purpose and then systematically explains behavioral rules. Could be slightly more concise, but the density of information justifies the length.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (6 parameters, nested objects, no output schema), the description is remarkably complete. It explains all behaviors, return values, and edge cases (rejection reasons, gaps report). There are no obvious gaps.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 83%, which is high, but the description adds significant value beyond the schema by explaining the advisory nature of classification, provenance checking rules, and the meaning of gaps report. It helps the agent understand parameter semantics more fully.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Validate and, if permitted, execute ONE tool call against the target.' It specifies it is for probe execution, distinguishing it from sibling tools like inspect_target or list_targets which serve different functions. The verb 'execute' and resource 'probe' are explicit.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines5/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides detailed usage guidelines: 'DEFAULT-DENY' policy, conditions for a probe to run (read-only provability), classification advisory, provenance requirements, and budget enforcement. It explicitly contrasts with destructive tools and tells when not to use. This is comprehensive guidance.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/ieranama/discomcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server