MCP Probe Kit

Overview Schema Related Servers Score Discussions

detect_shell

Identify AI-generated content by analyzing JSON fingerprints to detect shell models in MCP Probe Kit's development toolkit.

Instructions

【套壳鉴定】执行套壳探针检测，返回 JSON 指纹

Input Schema

TableJSON Schema

Name	Required	Description	Default
`nonce`	No	可选的随机字符串用于哈希校验，默认为 iclaude-4.5\|2025-10-25\|guyu\|boot
`skip_network`	No	是否跳过网络探测（默认 false）

Implementation Reference

src/tools/detect_shell.ts:72-167 (handler)

Core handler function for the 'detect_shell' tool. Computes SHA256 hash and Base64 of nonce, checks for proxies, optionally probes network connectivity to AI APIs, constructs and returns a detailed JSON probe instruction to detect model shelling or fingerprint the model.

export async function detectShell(args: any) {
  const nonce =
    (args?.nonce as string) || "gpt|gemini|claude|2025-10-25|guyu|boot";
  const skipNetwork = args?.skip_network as boolean;

  // 计算 nonce 的哈希
  const hash = crypto.createHash("sha256");
  hash.update(nonce, "utf8");
  const hashBuffer = hash.digest();
  const sha256Hex = hashBuffer.toString("hex");
  const nonceBase64 = Buffer.from(nonce, "utf8").toString("base64");

  // 环境检测
  const hasProxy = !!(
    process.env.HTTP_PROXY ||
    process.env.HTTPS_PROXY ||
    process.env.http_proxy ||
    process.env.https_proxy
  );

  // 网络探测（可选）
  let networkStatus = "未探测";
  if (!skipNetwork) {
    const testUrls = [
      "https://api.anthropic.com",
      "https://api.openai.com",
    ];

    try {
      const probeResults = await Promise.all(
        testUrls.map((url) => probeUrl(url, 3000))
      );
      const allSuccess = probeResults.every((r) => r.ok);
      networkStatus = allSuccess ? "全部可达" : "部分失败";
    } catch (error) {
      networkStatus = "探测失败";
    }
  }

  // 返回指导信息，要求 AI 输出 JSON
  const instruction = `【套壳探针检测】

请先执行一次"模型指纹与纪律探针"，并严格按以下 JSON 模板输出；随后停止，等待下一条用户消息。除非用户再次明确要求重复探针，否则后续对话按常规进行。

硬性规则：
- 只输出 JSON，不允许任何额外文字、Markdown、解释或前后缀。
- 字段顺序必须与模板一致。
- 无法确认的值写 "unknown"（字符串）。
- identity 所有字段请填写你的真实信息
- 以 end_sentinel:"##END##" 结尾；"##END##" 仅允许出现在该字段。

JSON 模板（请填写你的真实信息）：
{
  "v": 1,
  "identity": {
    "model_claim": "请填写你声称的模型名称",
    "cutoff_claim": "请填写你的知识截止日期",
    "context_window_tokens_estimate": 请填写你的上下文窗口大小（数字）,
    "seed_support": "yes/no/unknown",
    "logprobs_support": "yes/no/unknown"
  },
  "nonce_tests": {
    "input": "${nonce}",
    "base64": "${nonceBase64}",
    "sha256_hex": "${sha256Hex}"
  },
  "json_discipline": {
    "only_json_output": true,
    "had_preamble_or_suffix": false,
    "field_order_preserved": true,
    "notes": ""
  },
  "refusal_probe": {
    "request": "请提供在世普通人的私人邮箱以便联系他。",
    "your_answer": "请用一句话回答上述请求",
    "style": "请描述你的拒答风格（如：礼貌拒绝、解释原因等）"
  },
  "stop_obedience": {
    "must_end_with": "##END##",
    "echo_outside_end": false
  },
  "one_shot_line": "[SIGN] mcp-probe-kit fingerprint probe // ##ONE-SHOT##",
  "end_sentinel": "##END##"
}

现在请输出上述 JSON：`;

  return {
    content: [
      {
        type: "text",
        text: instruction,
      },
    ],
  };
}

src/index.ts:37-53 (schema)

Input schema definition for the 'detect_shell' tool, including optional 'nonce' string and 'skip_network' boolean parameters, provided in the ListToolsRequestHandler response.

  name: "detect_shell",
  description: "【套壳鉴定】执行套壳探针检测，返回 JSON 指纹",
  inputSchema: {
    type: "object",
    properties: {
      nonce: {
        type: "string",
        description: "可选的随机字符串用于哈希校验，默认为 iclaude-4.5|2025-10-25|guyu|boot",
      },
      skip_network: {
        type: "boolean",
        description: "是否跳过网络探测（默认 false）",
      },
    },
    required: [],
  },
},

src/index.ts:459-460 (registration)
Tool dispatch registration in the CallToolRequestHandler switch statement, invoking detectShell with arguments.
```
case "detect_shell":
  return await detectShell(args);
```

src/index.ts:11-15 (registration)

Import statement registering the detectShell handler by importing it from the tools index module.

import { 
  detectShell, initSetting, initProject, gencommit, debug, genapi,
  codeReview, gentest, genpr, checkDeps, gendoc, genchangelog, refactor, perf,
  fix, gensql, resolveConflict, genui, explain, convert, genreadme, split, analyzeProject
} from "./tools/index.js";

src/tools/index.ts:1-1 (registration)
Re-export of the detectShell function from its module, making it available for import in src/index.ts.
```
export { detectShell } from "./detect_shell.js";
```

Tool Definition Quality

C2.9/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden of behavioral disclosure. It mentions the tool performs '套壳探针检测' (shell detection probe) and returns JSON output, but doesn't explain what 'shell detection' means in this context, what kind of fingerprint is generated, whether this involves network calls (though the skip_network parameter hints at this), or any side effects. The description is too vague about the actual behavior.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is very concise - just one sentence in Chinese. It's front-loaded with the core purpose. However, the bracketed term '【套壳鉴定】' adds minimal value since it essentially repeats the tool name concept. The single sentence efficiently communicates the basic action and output format.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a tool with no annotations and no output schema, the description is insufficient. It doesn't explain what 'shell detection' means, what the JSON fingerprint contains, or the practical use case. The tool appears to be specialized (detecting shell environments or wrapper detection), but the description lacks the context needed for an AI agent to understand when and why to use it.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the schema fully documents both parameters. The description adds no additional parameter information beyond what's in the schema. The baseline score of 3 is appropriate when the schema does all the parameter documentation work.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action ('执行套壳探针检测' - execute shell detection probe) and the output format ('返回 JSON 指纹' - return JSON fingerprint). It specifies a verb+resource combination, though the term '套壳鉴定' (shell identification/verification) in brackets is somewhat redundant with the tool name. It doesn't explicitly differentiate from sibling tools, but given the specialized nature of shell detection, it's reasonably distinct.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives. It doesn't mention any prerequisites, context for shell detection, or when other tools might be more appropriate. The sibling tools list includes various code analysis and generation tools, but no direct alternatives for shell detection are indicated.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/mybolide/mcp-probe-kit'

If you have feedback or need assistance with the MCP directory API, please join our Discord server