run_security_scanRun a combined SAST and secret detection scan on any directory using semgrep and gitleaks, returning a structured JSON audit report with installation guides for missing tools.
对目标目录执行安全扫描,内部自动并行调用 semgrep(SAST 静态分析)和 gitleaks(硬编码密钥检测),返回合并的结构化 JSON 审计报告。若依赖工具未安装,报告中会附带各平台的安装指引。
| Name | Required | Description | Default |
|---|---|---|---|
| target_path | Yes | 要扫描的目标目录的绝对路径,如 /home/user/project |
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Annotations already declare readOnlyHint=true and destructiveHint=false, so the safety profile is clear. The description adds valuable behavioral context: it runs semgrep and gitleaks in parallel, returns a merged JSON report, and handles missing tools gracefully by including installation instructions. This goes beyond the annotations without contradicting them.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is three sentences long and directly provides the essential information: purpose, internal execution, output, and error handling. It is front-loaded and contains no unnecessary words or repetition.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the single parameter and no output schema, the description adequately explains the tool's function, internal operations, and behavior when dependencies are missing. It describes the output as a merged structured JSON audit report, which is sufficient for understanding return values. A minor gap is the lack of detail about error cases beyond missing tools.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100% and the parameter 'target_path' is already described in the schema. The description only reiterates that it is the target directory, adding no new semantic information beyond what the schema provides.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states it performs a security scan on a target directory, names the specific tools (semgrep and gitleaks), and specifies the output format (merged structured JSON audit report). The verb 'scan' and resource 'directory' are explicit, and since there are no sibling tools, differentiation is not needed.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description does not explicitly state when to use this tool versus alternatives, but there are no sibling tools, so that is less critical. It implies usage for security scanning of code directories but lacks explicit prerequisites or scenarios where it should be avoided.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/js2005happy/luvv-mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server