qURL

Overview Schema Related Servers Score Discussions

create_qurl

Generate a secure, policy-bound link to a protected resource with custom expiration, access controls, and one-time use. Share the ephemeral link immediately after creation.

Instructions

Create a qURL - a secure, policy-bound link to a protected resource. The returned qurl_link is ephemeral (shown once) and should be shared immediately.

Input Schema

TableJSON Schema

Name	Required	Description
`target_url`	Yes	The URL to protect with qURL
`label`	No	Human-readable label identifying who this qURL is for (max 500 chars)
`expires_in`	No	Duration string (e.g., "1h", "24h", "7d")
`one_time_use`	No	Whether the link can only be used once
`max_sessions`	No	Maximum concurrent sessions (0 = unlimited, max 1000)
`session_duration`	No	How long access lasts after clicking (e.g., "1h")
`custom_domain`	No	Custom domain to assign to the auto-created resource
`access_policy`	No	Access control policy for the qURL

Implementation Reference

src/tools/create-qurl.ts:73-92 (handler)

The createQurlTool factory function that returns the 'create_qurl' MCP tool with its handler. The handler receives validated input, calls client.createQURL(), and returns the result (including the ephemeral qurl_link).

export function createQurlTool(client: IQURLClient) {
  return {
    name: "create_qurl",
    description:
      "Create a qURL - a secure, policy-bound link to a protected resource. " +
      "The returned qurl_link is ephemeral (shown once) and should be shared immediately.",
    inputSchema: createQurlSchema,
    handler: async (input: z.infer<typeof createQurlSchema>) => {
      const result = await client.createQURL(input);
      return {
        content: [
          {
            type: "text" as const,
            text: JSON.stringify(result.data),
          },
        ],
      };
    },
  };
}

src/tools/create-qurl.ts:44-71 (schema)

Zod schema for create_qurl input validation. Defines the shape of parameters: target_url (required URL), label, expires_in, one_time_use, max_sessions, session_duration, custom_domain, and access_policy (nested).

export const createQurlSchema = z.object({
  target_url: z.string().url().describe("The URL to protect with qURL"),
  label: z
    .string()
    .max(500)
    .optional()
    .describe("Human-readable label identifying who this qURL is for (max 500 chars)"),
  expires_in: z
    .string()
    .min(1)
    .optional()
    .describe('Duration string (e.g., "1h", "24h", "7d")'),
  one_time_use: z.boolean().optional().describe("Whether the link can only be used once"),
  max_sessions: z
    .number()
    .int()
    .min(0)
    .max(1000)
    .optional()
    .describe("Maximum concurrent sessions (0 = unlimited, max 1000)"),
  session_duration: z
    .string()
    .min(1)
    .optional()
    .describe('How long access lasts after clicking (e.g., "1h")'),
  custom_domain: z.string().optional().describe("Custom domain to assign to the auto-created resource"),
  access_policy: accessPolicySchema.optional().describe("Access control policy for the qURL"),
});

src/server.ts:39-54 (registration)

The 'create_qurl' tool is registered in the MCP server via the createQurlTool factory. It's listed in toolFactories array (line 40) and registered with server.tool() in the loop at line 53.

const toolFactories = [
  createQurlTool,
  resolveQurlTool,
  listQurlsTool,
  getQurlTool,
  deleteQurlTool,
  extendQurlTool,
  updateQurlTool,
  mintLinkTool,
  batchCreateTool,
] satisfies ToolFactory[];

for (const factory of toolFactories) {
  const tool = factory(client);
  server.tool(tool.name, tool.description, tool.inputSchema.shape, tool.handler);
}

src/client.ts:43-50 (schema)
CreateQURLData interface defining the shape of the create_qurl response data (qurl_id, resource_id, qurl_link, qurl_site, expires_at, label).
```
export interface CreateQURLData {
  qurl_id: string;
  resource_id: string;
  qurl_link: string;
  qurl_site: string;
  expires_at: string;
  label?: string;
}
```

src/client.ts:328-330 (helper)

The createQURL method on the QURLClient class that makes the actual HTTP POST request to /v1/qurls.

async createQURL(input: CreateQURLInput): Promise<{ data: CreateQURLData }> {
  return this.request("POST", "/v1/qurls", input);
}

Tool Definition Quality

B3.3/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations, the description only notes ephemeral one-time display; it omits behavioral details like permissions, side effects, or what happens if link is not shared.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Two concise sentences that are front-loaded and relevant, but could include more guidelines without becoming verbose.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Complex tool with 8 params and nested objects, but no output schema or behavioral details; description is minimal and leaves significant gaps for an agent.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100%, so baseline is 3; description adds little beyond schema, only reinforcing ephemeral behavior.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

Clearly states 'Create a qURL' and describes it as a secure, policy-bound link, effectively distinguishing it from siblings like batch_create_qurls.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Mentions ephemeral nature and immediate sharing, but does not explicitly differentiate usage contexts from siblings like batch_create_qurls or mint_link.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/layervai/qurl-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server