BloodHound MCP Server

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden of behavioral disclosure. It states the tool 'retrieves' data, implying a read-only operation, and mentions potential abuse contexts, but doesn't cover critical aspects like authentication requirements, rate limits, error handling, or response format. For a tool with no annotation coverage, this is a significant gap in transparency about how the tool behaves in practice.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is appropriately sized and front-loaded, with the core purpose stated first, followed by explanatory context and parameter details. Each sentence adds value: the first defines the tool, the second explains RDP rights, the third provides security context, and the Args section clarifies parameters. There's no redundant or wasted text, though the security note could be more integrated.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's moderate complexity (3 parameters, no output schema, no annotations), the description is partially complete. It covers the purpose and parameters well, but lacks details on behavioral traits (e.g., permissions, errors) and output format. Without annotations or an output schema, the agent is left guessing about the return structure and operational constraints, making this adequate but with clear gaps.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The description adds substantial meaning beyond the input schema, which has 0% description coverage. It explains that 'user_id' is 'The ID of the user to query,' and provides default values and purposes for 'limit' and 'skip' (e.g., 'Maximum number of RDP rights to return' and 'for pagination'). This compensates well for the schema's lack of descriptions, though it doesn't detail data types or constraints like valid ranges.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Retrieves the RDP rights of a specific user within the domain.' It specifies the verb ('retrieves'), resource ('RDP rights'), and scope ('specific user within the domain'), making the intent unambiguous. However, it doesn't explicitly differentiate from sibling tools like 'get_computer_rdp_rights' or 'get_group_rdp_rights', which target different entities, so it falls short of a perfect score.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives. It mentions that 'RDP rights can be abused for lateral movement and privilege escalation,' which hints at a security or penetration testing context, but doesn't specify prerequisites, exclusions, or direct comparisons to sibling tools like 'get_user_ps_remote_rights' or 'get_user_dcom_rights' for similar access rights. This leaves the agent without clear usage instructions.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.