RAD Security

Official

Overview Schema Related Servers Score Discussions

list_images

Retrieve container images from RAD Security with pagination, sorting, and filtering options to manage security insights in Kubernetes environments.

Instructions

List container images with optional filtering by page, page size, sort, and search query

Input Schema

TableJSON Schema

Name	Required	Description	Default
`limit`	No	Number of items per page
`offset`	No	Offset to start the list from
`sort`	No	Sort order	name:asc
`filters`	No	Filter string (e.g., 'eol:ok', 'eol:reached', 'name:nginx', 'tag:1.26.0'), where eol is end of life status of the base image
`q`	No	Free text search query

Implementation Reference

src/operations/images.ts:23-51 (handler)

The main handler function that fetches the list of images from the RAD Security API, applies processing to upgrade_opportunities, and returns the result.

export async function listImages(
  client: RadSecurityClient,
  limit: number = 20,
  offset: number = 0,
  sort: string = "name:asc",
  filters?: string,
  q?: string
): Promise<any> {
  const params: Record<string, any> = { limit, offset, sort };
  if (q) {
    params.q = q;
  }
  if (filters) {
    params.filters = filters;
  }

  let images = await client.makeRequest(`/accounts/${client.getAccountId()}/inventory_images`, params);
  let toReturn = [];
  for (let image of images.entries) {
    // leave only first element in the array: upgrade_opportunities
    if (image.upgrade_opportunities && image.upgrade_opportunities.length > 0) {
      image.upgrade_opportunities = [image.upgrade_opportunities[0]];
    }

    toReturn.push(image);
  }
  images.entries = toReturn;
  return images;
}

src/operations/images.ts:4-10 (schema)

Zod schema defining the input parameters for the list_images tool, used for validation.

export const ListImagesSchema = z.object({
  limit: z.number().optional().default(20).describe("Number of items per page"),
  offset: z.number().optional().default(0).describe("Offset to start the list from"),
  sort: z.string().optional().default("name:asc").describe("Sort order"),
  filters: z.string().optional().describe("Filter string (e.g., 'eol:ok', 'eol:reached', 'name:nginx', 'tag:1.26.0'), where eol is end of life status of the base image"),
  q: z.string().optional().describe("Free text search query"),
});

src/index.ts:284-288 (registration)

Registration of the list_images tool in the ListTools response, including name, description, and input schema.

  name: "list_images",
  description:
    "List container images with optional filtering by page, page size, sort, and search query",
  inputSchema: zodToJsonSchema(images.ListImagesSchema),
},

src/index.ts:1003-1019 (registration)

Dispatch handler in the CallToolRequest that parses arguments, calls the listImages function, and formats the response.

case "list_images": {
  const args = images.ListImagesSchema.parse(
    request.params.arguments
  );
  const response = await images.listImages(
    client,
    args.limit,
    args.offset,
    args.sort,
    args.filters,
    args.q
  );
  return {
    content: [
      { type: "text", text: JSON.stringify(response, null, 2) },
    ],
  };

Tool Definition Quality

C2.9/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries full burden for behavioral disclosure. It mentions filtering capabilities but doesn't describe pagination behavior (beyond parameter names), rate limits, authentication requirements, error conditions, or what the output looks like. This leaves significant gaps for a tool with 5 parameters.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence that front-loads the core purpose. However, it could be slightly more structured by separating the core action from the filtering options for better readability.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a tool with 5 parameters, no annotations, and no output schema, the description is inadequate. It doesn't explain what 'container images' means in this context, what the output format is, or provide any behavioral context beyond basic parameter mentions.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the schema already documents all parameters thoroughly. The description adds minimal value by mentioning 'optional filtering by page, page size, sort, and search query' but doesn't provide additional context beyond what's in the parameter descriptions.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the verb ('List') and resource ('container images'), making the purpose unambiguous. However, it doesn't differentiate this tool from sibling tools like 'list_containers' or 'list_image_vulnerabilities', which would require explicit comparison to achieve a score of 5.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description mentions optional filtering parameters but provides no guidance on when to use this tool versus alternatives like 'list_containers' or 'list_image_vulnerabilities'. There's no mention of prerequisites, typical use cases, or exclusions.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/rad-security/mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server