inkog_skill_scan

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden. It discloses that deep=true takes ~10 minutes and catches novel threats. It lists vulnerability types but does not mention rate limits, auth needs, or side effects. This is sufficient for a scan tool.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is concise, with only a few sentences front-loaded with the main purpose. Every sentence adds value, and there is no repetition or wasted words.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the complexity of scanning for multiple vulnerabilities and the absence of an output schema, the description is fairly complete. It explains what it does, what it detects, and how to use it. However, it could mention the return format (e.g., a report of findings) to fully inform the agent.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, and the description adds context for the 'deep' parameter ('AI-powered deep analysis (~10 min, catches novel threats)'). The other parameters are standard and well-described in the schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description explicitly states the tool 'scans SKILL.md packages and agent tool definitions for security vulnerabilities' and lists specific vulnerability types, mapping to OWASP frameworks. It also distinguishes from the sibling tool inkog_mcp_scan for MCP server scanning.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides a clear alternative: 'For MCP server scanning, use inkog_mcp_scan instead.' It also explains when to set deep=true for deep analysis. However, it does not mention prerequisites or when not to use the tool beyond the MCP distinction.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.