Model Safety MCP

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden of behavioral disclosure. It states the tool runs artifact_safety_report and aggregates findings, which implies a read-only, non-destructive operation, but doesn't clarify permissions needed, rate limits, error handling, or what 'aggregate' entails (e.g., format, summarization). For a tool with no annotations, this leaves significant gaps in understanding its behavior.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence that front-loads the core action: 'Run artifact_safety_report across every file in a directory and aggregate the findings.' It has zero waste, with every word contributing to understanding the tool's purpose without unnecessary elaboration.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the complexity (directory scanning with aggregation), no annotations, no output schema, and low parameter coverage, the description is incomplete. It lacks details on output format, error cases, performance implications, or how it interacts with sibling tools. For a tool that processes multiple files and aggregates results, more context is needed to use it effectively.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has 1 parameter (path) with 0% description coverage, meaning the schema provides no semantic context. The description adds minimal value by implying the path is to a directory ('every file in a directory'), but doesn't specify format (e.g., absolute/relative path), constraints, or examples. This is insufficient compensation for the low schema coverage, failing to fully document the parameter's meaning.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Run artifact_safety_report across every file in a directory and aggregate the findings.' It specifies the verb (run and aggregate), the resource (files in a directory), and the operation (artifact_safety_report). However, it doesn't explicitly differentiate from sibling tools like modelscan_scan or picklescan_scan, which might perform similar scanning operations on directories.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives. It mentions artifact_safety_report as the underlying operation but doesn't explain when to choose this directory-level scan over individual file scans or other sibling tools like deep_model_inspect. There are no explicit when/when-not statements or named alternatives beyond the implied artifact_safety_report.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.