Skip to main content
Glama
mastyf-ai

mastyf-ai

Official

verify_supply_chain

Verify the supply chain integrity of an MCP server package version using signed attestation.

Instructions

Full supply chain integrity verification with signed attestation for MCP server packages

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
versionNoPackage version (optional)
packageNameYesMCP server package name to verify
Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations exist, so the description carries full burden. It mentions 'signed attestation' implying a cryptographic output, but does not disclose side effects (e.g., writing records), permissions, rate limits, or what verification entails. The description lacks essential behavioral context.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single 14-word sentence that is front-loaded with purpose. Every word earns its place; there is no waste.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

With no annotations or output schema, the description is insufficient for an agent to understand the full tool behavior. It does not explain the return format, what 'verification' means, or the nature of the signed attestation. The tool appears complex but the description is too vague.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% (both parameters have descriptions). The description adds no additional meaning or constraints beyond the schema. Baseline 3 is appropriate as the schema already documents parameters adequately.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Full supply chain integrity verification with signed attestation for MCP server packages'. It uses a specific verb (verify), resource (supply chain), and differentiates from sibling tools like 'supply_chain_status' or 'verify_certification'.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No usage guidelines are provided. The description does not indicate when to use this tool versus alternatives (e.g., supply_chain_status, verify_certification), nor does it mention prerequisites or scenarios to avoid.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/mastyf-ai/mastyf.ai'

If you have feedback or need assistance with the MCP directory API, please join our Discord server