BloodHound MCP Server

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries full burden for behavioral disclosure. It describes what the tool does (retrieves active sessions) and mentions potential security implications, but lacks critical behavioral details: whether this is a read-only operation, what permissions are required, how sessions are defined/identified, rate limits, error conditions, or what the output format looks like. The security context hints at sensitive data but doesn't explicitly state access requirements.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is reasonably structured with a purpose statement followed by parameter documentation. However, the middle sentences about 'potential targets for lateral movement' and 'attack paths' are somewhat redundant with the core purpose and could be condensed. The information is front-loaded appropriately, but there's some verbosity in the security context that doesn't directly aid tool selection.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a tool with 3 parameters, no annotations, and no output schema, the description is incomplete. While it covers parameters well, it lacks critical information about behavioral characteristics (permissions, safety, rate limits), output format, error handling, and differentiation from sibling tools. The security context adds some value but doesn't compensate for these fundamental gaps in a domain where such tools likely have significant access implications.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The description includes an 'Args' section that documents all three parameters with clear explanations beyond what the schema provides (schema description coverage is 0%). It explains that user_id identifies 'the user to query,' limit controls 'maximum number of sessions to return' with a default, and skip enables 'pagination.' This adds meaningful context that the bare schema lacks, though it doesn't specify format constraints or validation rules.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Retrieves the active sessions of a specific user within the domain.' It specifies the verb (retrieves) and resource (active sessions) with a clear scope (specific user within domain). However, it doesn't explicitly differentiate from sibling tools like 'get_computer_sessions' or 'get_group_sessions,' which reduces it from a perfect score.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives. While it mentions potential use cases (identifying targets for lateral movement, planning attack paths), these are application contexts rather than tool selection guidelines. There's no mention of prerequisites, when not to use it, or how it differs from similar sibling tools in the list.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.