relayshield-mcp

Official

Overview Schema Related Servers Score Discussions

check_breach

Check an email address against over 13 billion compromised accounts to detect data breaches. Returns breach count, name, date, and exposed data classes to verify credential integrity before high-risk actions.

Instructions

Check whether an email address appears in known data breaches. Uses Have I Been Pwned (HIBP) — 13 billion+ compromised accounts. Returns breach count and details (breach name, date, exposed data classes). Use before allowing high-risk actions that depend on credential integrity. Pay-as-you-go: $0.10 USDC per check (x402 on Base). Subscription: rapidapi.com/relayshield

Input Schema

TableJSON Schema

Name	Required	Description	Default
`email`	Yes	Email address to check

Implementation Reference

src/relayshield_mcp/server.py:296-301 (handler)
The handler/dispatch function that executes the check_breach tool logic. It sends a POST request to the /v1/breach (or /v1/payg/breach) endpoint with the email argument.
```
if name == "check_breach":
    return await client.post(
        f"{base}/breach",
        headers=headers,
        json={"email": arguments["email"]},
    )
```

src/relayshield_mcp/server.py:67-88 (schema)

The tool schema registration including name, description, and inputSchema defining the required 'email' parameter (string, email format).

types.Tool(
    name="check_breach",
    description=(
        "Check whether an email address appears in known data breaches. "
        "Uses Have I Been Pwned (HIBP) — 13 billion+ compromised accounts. "
        "Returns breach count and details (breach name, date, exposed data classes). "
        "Use before allowing high-risk actions that depend on credential integrity. "
        "Pay-as-you-go: $0.10 USDC per check (x402 on Base). "
        "Subscription: rapidapi.com/relayshield"
    ),
    inputSchema={
        "type": "object",
        "required": ["email"],
        "properties": {
            "email": {
                "type": "string",
                "format": "email",
                "description": "Email address to check",
            }
        },
    },
),

src/relayshield_mcp/server.py:64-70 (registration)

The tool is registered via the @app.list_tools() decorator which returns the check_breach Tool definition as part of the list of available tools.

@app.list_tools()
async def list_tools() -> list[types.Tool]:
    return [
        types.Tool(
            name="check_breach",
            description=(
                "Check whether an email address appears in known data breaches. "

src/relayshield_mcp/server.py:64-69 (registration)

The tool name 'check_breach' is listed in PAYG_PRICING dict as costing $0.10 USDC.

@app.list_tools()
async def list_tools() -> list[types.Tool]:
    return [
        types.Tool(
            name="check_breach",
            description=(

src/relayshield_mcp/server.py:234-248 (registration)

The call_tool function dispatches to _dispatch which routes name 'check_breach' to the handler.

@app.call_tool()
async def call_tool(name: str, arguments: dict) -> list[types.TextContent]:
    if not API_BASE:
        return _error(
            "RELAYSHIELD_API_URL environment variable must be set. "
            "See README for configuration instructions."
        )

    # VT-licensed tools require a subscription key — return coming soon for PAYG callers
    if not API_KEY and name in VT_COMING_SOON:
        return [types.TextContent(type="text", text=json.dumps({
            "ok": False,
            "tool": name,
            "status": "coming_soon",
            "message": (

Tool Definition Quality

A4.1/5.0

Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Discloses underlying data source (HIBP), scale (13B+ accounts), and pricing model (pay-as-you-go $0.10 USDC, subscription option). No annotations exist, so description compensates well, though rate limits or error handling are omitted.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Two sentences plus pricing note—no fluff. Could merge some details, but overall efficient. Front-loaded with core purpose and key contextual info.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given no output schema, description explains return value (breach count and details including name, date, data classes). Also covers use case, source, and cost. Lacks info on invalid email handling, but still robust for a simple tool.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema covers the single 'email' parameter with format and description (100% coverage). Description adds no additional parameter-level semantics beyond context about the service; baseline of 3 appropriate.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action ('Check whether an email address appears in known data breaches'), the resource (email address against HIBP database), and differentiates from sibling tools like 'check_domain_lookalikes' which target different entities.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Explicitly recommends use 'before allowing high-risk actions that depend on credential integrity', providing clear context. No explicit exclusion criteria or alternatives, but the sibling list implicitly defines other check contexts.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/relayshield/relayshield-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server