codecks-mcp

Get Card

get_card

Retrieve comprehensive card details including content, checklists, sub-cards, conversations, and hand status from Codecks project management.

Instructions

Get full card details (content, checklist, sub-cards, conversations, hand status).

Input Schema

TableJSON Schema

Name	Required	Description
`card_id`	Yes	Full 36-char UUID
`include_content`	No	False to strip body for metadata-only checks
`include_conversations`	No	False to skip comment threads
`archived`	No

Implementation Reference

src/tools/read.ts:148-191 (handler)

MCP tool registration and handler for 'get_card'. Registers the tool with its schema (card_id, include_content, include_conversations, archived) and implements the async handler that validates the UUID, calls client.getCard(), and returns sanitized results.

server.registerTool(
  "get_card",
  {
    title: "Get Card",
    description:
      "Get full card details (content, checklist, sub-cards, conversations, hand status).",
    inputSchema: z.object({
      card_id: z.string().describe("Full 36-char UUID"),
      include_content: z
        .boolean()
        .default(true)
        .describe("False to strip body for metadata-only checks"),
      include_conversations: z.boolean().default(true).describe("False to skip comment threads"),
      archived: z.boolean().default(false),
    }),
  },
  async (args) => {
    try {
      validateUuid(args.card_id);
      const result = await client.getCard(args.card_id, {
        includeContent: args.include_content,
        includeConversations: args.include_conversations,
        archived: args.archived,
      });
      return {
        content: [
          {
            type: "text",
            text: JSON.stringify(finalizeToolResult(sanitizeCard(result))),
          },
        ],
      };
    } catch (err) {
      return {
        content: [
          {
            type: "text",
            text: JSON.stringify(finalizeToolResult(handleError(err))),
          },
        ],
      };
    }
  },
);

src/client.ts:160-194 (handler)

Client implementation of getCard method. Constructs GraphQL query fields based on options, executes the query, validates the card exists, and enriches the card with additional fields before returning.

async getCard(
  cardId: string,
  options: {
    includeContent?: boolean;
    includeConversations?: boolean;
    archived?: boolean;
  } = {},
): Promise<Record<string, unknown>> {
  const { includeContent = true, includeConversations = true } = options;

  const fields: unknown[] = [
    "id",
    "title",
    "status",
    "priority",
    "effort",
    "createdAt",
    "lastUpdatedAt",
    { assignee: ["name"] },
    { deck: ["title"] },
    { milestone: ["title"] },
    { masterTags: ["name"] },
    { childCards: ["id", "title", "status"] },
  ];
  if (includeContent) fields.push("content");

  const result = await query({
    card: { _args: { id: cardId }, _fields: fields },
  });

  const card = (result.card ?? result[cardId]) as Record<string, unknown>;
  if (!card) throw new CliError(`[ERROR] Card not found: ${cardId}`);

  return this.enrichCard(card, { includeContent, includeConversations });
}

src/client.ts:687-711 (helper)

enrichCard helper method that flattens nested relation objects (assignee→owner_name, deck→deck_name, milestone→milestone_name, masterTags→tags, childCards→sub_cards) for easier client consumption.

private enrichCard(
  card: Record<string, unknown>,
  _options: {
    includeContent?: boolean;
    includeConversations?: boolean;
  },
): Record<string, unknown> {
  // Flatten nested relations
  if (card.assignee && typeof card.assignee === "object") {
    card.owner_name = (card.assignee as Record<string, unknown>).name;
  }
  if (card.deck && typeof card.deck === "object") {
    card.deck_name = (card.deck as Record<string, unknown>).title;
  }
  if (card.milestone && typeof card.milestone === "object") {
    card.milestone_name = (card.milestone as Record<string, unknown>).title;
  }
  if (Array.isArray(card.masterTags)) {
    card.tags = (card.masterTags as Record<string, unknown>[]).map((t) => t.name);
  }
  if (Array.isArray(card.childCards)) {
    card.sub_cards = card.childCards;
  }
  return card;
}

src/security.ts:173-180 (helper)

validateUuid helper that validates a UUID string must be 36 characters with 4 hyphens, throwing CliError if invalid. Called by get_card handler to validate the card_id input.

export function validateUuid(value: string, field = "card_id"): string {
  if (typeof value !== "string" || value.length !== 36 || (value.match(/-/g) ?? []).length !== 4) {
    throw new CliError(
      `[ERROR] ${field} must be a full 36-char UUID, got: ${JSON.stringify(value)}`,
    );
  }
  return value;
}

src/security.ts:46-96 (helper)

sanitizeCard helper that performs security sanitization on card objects. Tags user text fields (title, content, etc.) with [USER_DATA] markers, checks for injection patterns, and recursively sanitizes sub_cards and conversations.

export function sanitizeCard(card: Record<string, unknown>): Record<string, unknown> {
  const out = { ...card };
  const warnings: string[] = [];

  for (const field of USER_TEXT_FIELDS) {
    if (field in out && typeof out[field] === "string") {
      for (const desc of checkInjection(out[field] as string)) {
        warnings.push(`${field}: ${desc}`);
      }
      out[field] = tagUserText(out[field] as string);
    }
  }

  if (Array.isArray(out.sub_cards)) {
    out.sub_cards = (out.sub_cards as Record<string, unknown>[]).map((sc) => {
      const tagged = { ...sc };
      if (typeof tagged.title === "string") {
        for (const desc of checkInjection(tagged.title as string)) {
          warnings.push(`sub_card.title: ${desc}`);
        }
        tagged.title = tagUserText(tagged.title as string);
      }
      return tagged;
    });
  }

  if (Array.isArray(out.conversations)) {
    out.conversations = (out.conversations as Record<string, unknown>[]).map((conv) => {
      const tagged = { ...conv };
      if (Array.isArray(tagged.messages)) {
        tagged.messages = (tagged.messages as Record<string, unknown>[]).map((msg) => {
          const m = { ...msg };
          if (typeof m.content === "string") {
            for (const desc of checkInjection(m.content as string)) {
              warnings.push(`conversation.message: ${desc}`);
            }
            m.content = tagUserText(m.content as string);
          }
          return m;
        });
      }
      return tagged;
    });
  }

  if (warnings.length > 0) {
    out._safety_warnings = warnings;
  }

  return out;
}

Tool Definition Quality

C2.9/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden of behavioral disclosure. It mentions what data is retrieved but doesn't cover critical aspects like whether this is a read-only operation (implied by 'Get' but not explicit), authentication requirements, rate limits, error conditions, or response format. For a tool with 4 parameters and no annotation coverage, this leaves significant behavioral gaps.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence that front-loads the core purpose. Every element earns its place by specifying what details are retrieved. There's no redundancy or unnecessary elaboration, making it optimally concise for a retrieval operation.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a tool with 4 parameters, no annotations, and no output schema, the description is insufficiently complete. It doesn't explain the return format, error handling, authentication needs, or how the boolean parameters interact. While concise, it leaves too many contextual gaps for proper agent understanding of this data retrieval operation.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 75% (3 of 4 parameters have descriptions), so the schema does substantial work. The description adds minimal value beyond the schema - it mentions 'content, checklist, sub-cards, conversations, hand status' which loosely maps to the boolean parameters but doesn't provide additional context about parameter interactions or usage scenarios. This meets the baseline for good schema coverage.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the verb 'Get' and resource 'full card details', specifying what information is retrieved (content, checklist, sub-cards, conversations, hand status). It distinguishes this from sibling tools like 'list_cards' which likely returns summaries rather than full details. However, it doesn't explicitly differentiate from other detail-retrieval tools if they exist, keeping it at 4 rather than 5.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives. It doesn't mention when to use 'get_card' versus 'list_cards' for overviews, or when to use it versus other detail-oriented tools. There's no context about prerequisites, timing, or exclusions, leaving the agent with minimal usage direction.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/rangogamedev/codecks-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server