Skip to main content
Glama
oathe-ai

oathe-mcp

Official
by oathe-ai
OverviewSchemaRelated ServersScoreDiscussions
TypeScript
Remote

search_audits

Search completed behavioral security audits to check if a skill has been audited. Filter by verdict or minimum trust score to find audits before submitting a new one.

Instructions

Search all completed Oathe behavioral security audits. Find which skills have been audited, filter by verdict or minimum trust score. Returns up to 100 completed audits. Use this to check if a skill has already been audited before submitting a new audit.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
verdictNoFilter by audit verdict
min_scoreNoMinimum trust score (0-100)
sortNoSort field (default: created_at)
orderNoSort order (default: DESC)

Implementation Reference

  • src/tools/search-audits.ts:37-63 (handler)
    The core handler function for search_audits. It builds query params from optional inputs (verdict, min_score, sort, order), calls GET /api/audits/search, and returns the JSON result or an error message.
      async ({ verdict, min_score, sort, order }) => {
    const params = new URLSearchParams();
    if (verdict) params.set('verdict', verdict);
    if (min_score !== undefined) params.set('min_score', String(min_score));
    if (sort) params.set('sort', sort);
    if (order) params.set('order', order);

    const query = params.toString();
    const path = query ? `/api/audits/search?${query}` : '/api/audits/search';

    try {
      const res = await apiFetch(path);
      const data = (await res.json()) as SearchResponse;
      return {
        content: [{ type: 'text' as const, text: JSON.stringify(data, null, 2) }],
      };
    } catch (err) {
      if (err instanceof ApiError) {
        return {
          content: [{ type: 'text' as const, text: err.message }],
          isError: true,
        };
      }
      throw err;
    }
  },
);
  • src/tools/search-audits.ts:15-35 (schema)
    Zod input schema for search_audits. Defines optional filters: verdict (enum), min_score (0-100 int), sort (field enum), and order (ASC/DESC).
    inputSchema: {
  verdict: z
    .enum(['SAFE', 'CAUTION', 'DANGEROUS', 'MALICIOUS'])
    .optional()
    .describe('Filter by audit verdict'),
  min_score: z
    .number()
    .int()
    .min(0)
    .max(100)
    .optional()
    .describe('Minimum trust score (0-100)'),
  sort: z
    .enum(['created_at', 'trust_score', 'skill_slug'])
    .optional()
    .describe('Sort field (default: created_at)'),
  order: z
    .enum(['ASC', 'DESC'])
    .optional()
    .describe('Sort order (default: DESC)'),
},
  • src/index.ts:23-23 (registration)
    Registration call in the main entry point that wires search_audits into the MCP server.
    registerSearchAudits(server);
  • src/tools/search-audits.ts:6-64 (registration)
    The registerSearchAudits function that registers the tool on the MCP server with name 'search_audits'.
    export function registerSearchAudits(server: McpServer): void {
  server.registerTool(
    'search_audits',
    {
      description:
        'Search all completed Oathe behavioral security audits. ' +
        'Find which skills have been audited, filter by verdict or minimum trust score. ' +
        'Returns up to 100 completed audits. ' +
        'Use this to check if a skill has already been audited before submitting a new audit.',
      inputSchema: {
        verdict: z
          .enum(['SAFE', 'CAUTION', 'DANGEROUS', 'MALICIOUS'])
          .optional()
          .describe('Filter by audit verdict'),
        min_score: z
          .number()
          .int()
          .min(0)
          .max(100)
          .optional()
          .describe('Minimum trust score (0-100)'),
        sort: z
          .enum(['created_at', 'trust_score', 'skill_slug'])
          .optional()
          .describe('Sort field (default: created_at)'),
        order: z
          .enum(['ASC', 'DESC'])
          .optional()
          .describe('Sort order (default: DESC)'),
      },
    },
    async ({ verdict, min_score, sort, order }) => {
      const params = new URLSearchParams();
      if (verdict) params.set('verdict', verdict);
      if (min_score !== undefined) params.set('min_score', String(min_score));
      if (sort) params.set('sort', sort);
      if (order) params.set('order', order);

      const query = params.toString();
      const path = query ? `/api/audits/search?${query}` : '/api/audits/search';

      try {
        const res = await apiFetch(path);
        const data = (await res.json()) as SearchResponse;
        return {
          content: [{ type: 'text' as const, text: JSON.stringify(data, null, 2) }],
        };
      } catch (err) {
        if (err instanceof ApiError) {
          return {
            content: [{ type: 'text' as const, text: err.message }],
            isError: true,
          };
        }
        throw err;
      }
    },
  );
}
  • src/lib/types.ts:80-80 (helper)
    Type alias defining SearchResponse as an array of SearchResult objects, used as the response type for the search endpoint.
    export type SearchResponse = SearchResult[];

Tool Definition Quality

A4.1/5.0
Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations provided, so description carries full burden. It discloses that only completed audits are returned and caps at 100 results. However, it lacks details on pagination for larger result sets, authentication requirements, or other side effects. While adequate, key behavioral specifics are missing.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Four concise sentences with no redundancy. The first sentence states purpose, second details filtering, third specifies result limit, fourth gives usage tip. Well-structured and front-loaded.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given no output schema, the description covers what is returned (up to 100 completed audits, skill information), but does not specify exact fields or structure of results. It adequately supports the search use case but leaves some gaps for a fully self-contained description.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so baseline is 3. The description adds context like 'filter by verdict or minimum trust score' and ties usage to checking prior audits, but does not elaborate beyond schema definitions for sort and order. Overall, it adds moderate contextual meaning.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool searches completed audits, with filtering by verdict and min_score, and returns up to 100 results. It effectively differentiates from sibling tools (check_audit_status, get_audit_report, etc.) by focusing on listing/filtering.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines5/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Explicitly states: 'Use this to check if a skill has already been audited before submitting a new audit.' This provides clear when-to-use guidance and implicitly advises against using it for other purposes like submitting or viewing individual reports.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/oathe-ai/oathe-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server