Identifies login requests by detecting POST requests with password or encryption parameters, aiding in JS reverse engineering for security analysis.
智能定位登录请求,自动识别包含密码/加密参数的POST请求
| Name | Required | Description | Default |
|---|---|---|---|
| keywords | No | 额外关键词用于匹配,如['encrypt','cipher'] |
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations are provided, so the description carries the full burden. It states it 'automatically identifies' requests but does not disclose what happens if no matching request exists, whether it modifies state, or any side effects. The tool's behavior beyond identification is unclear.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is a single concise sentence that conveys the core functionality. It is front-loaded and efficient, though it could be slightly more detailed. Every word earns its place.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given one optional parameter and no output schema, the description is adequate but not fully complete. It does not specify the return format or what the output contains (e.g., list of request IDs). For a simple detection tool, it's minimally viable but could be improved.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
The single parameter 'keywords' is described in the schema as 'additional keywords for matching, e.g., ['encrypt','cipher']'. The description adds value by explaining the purpose and providing examples, beyond the schema field name. Schema coverage is 100%, so baseline is 3; the example pushes it to 4.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool's purpose: intelligently locate login requests by auto-identifying POST requests with password/encrypted parameters. It uses a specific verb and resource, and distinguishes from sibling tools like network_get_requests.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description implies usage for finding login requests but provides no explicit guidance on when to use this tool versus alternatives such as crypto_auto_detect or network_compare_requests. No exclusions or context are given.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/jenn619/JS-reverse-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server