Technitium MCP Secure

Overview Schema Related Servers Score Discussions

dns_list_allowed

List allowed DNS zones that bypass block lists. Start with top-level zones, then drill into subdomains by passing a parent domain.

Instructions

List allowed DNS zones (domains that bypass block lists). Returns a hierarchical tree — call with no domain to see top-level zones, then pass a domain (e.g. 'com') to drill into subdomains.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`domain`	No	Optional parent domain to list children of (e.g. 'com' to see all allowed .com domains). Omit to see top-level zones.

Implementation Reference

src/tools/blocking.ts:60-83 (handler)

Full definition and handler for the dns_list_allowed tool. The tool is defined with name 'dns_list_allowed', accepts an optional 'domain' parameter, and its handler calls the API endpoint /api/allowed/list with the optional domain parameter (validated via validateDomain). Returns the JSON response from the Technitium DNS server.

{
  definition: {
    name: "dns_list_allowed",
    description:
      "List allowed DNS zones (domains that bypass block lists). Returns a hierarchical tree — call with no domain to see top-level zones, then pass a domain (e.g. 'com') to drill into subdomains.",
    inputSchema: {
      type: "object",
      properties: {
        domain: {
          type: "string",
          description:
            "Optional parent domain to list children of (e.g. 'com' to see all allowed .com domains). Omit to see top-level zones.",
        },
      },
    },
  },
  readonly: true,
  handler: async (args) => {
    const params: Record<string, string> = {};
    if (args.domain) params.domain = validateDomain(args.domain as string);
    const data = await client.callOrThrow("/api/allowed/list", params);
    return JSON.stringify(data, null, 2);
  },
},

src/tools/blocking.ts:60-75 (schema)

Input schema for dns_list_allowed. Defines a single optional string property 'domain' with description about drilling into subdomains.

{
  definition: {
    name: "dns_list_allowed",
    description:
      "List allowed DNS zones (domains that bypass block lists). Returns a hierarchical tree — call with no domain to see top-level zones, then pass a domain (e.g. 'com') to drill into subdomains.",
    inputSchema: {
      type: "object",
      properties: {
        domain: {
          type: "string",
          description:
            "Optional parent domain to list children of (e.g. 'com' to see all allowed .com domains). Omit to see top-level zones.",
        },
      },
    },
  },

src/tools/index.ts:7-7 (registration)
The blockingTools function is imported from './blocking.js' and registered in the getAllTools function at line 20 via spread operator.
```
import { blockingTools } from "./blocking.js";
```

src/index.ts:47-123 (handler)

The MCP server's CallToolRequestSchema handler that looks up the tool by name in toolMap and invokes tool.handler(args), which is how dns_list_allowed gets executed at runtime.

server.setRequestHandler(CallToolRequestSchema, async (request) => {
  const { name, arguments: args } = request.params;
  const tool = toolMap.get(name);

  if (!tool) {
    return {
      content: [
        { type: "text" as const, text: JSON.stringify({ error: `Unknown tool: ${name}` }) },
      ],
      isError: true,
    };
  }

  // Rate limit check
  const rateCheck = rateLimiter.check(name);
  if (!rateCheck.allowed) {
    audit.logSecurity("rate_limited", `Tool ${name} rate limited`);
    return {
      content: [
        {
          type: "text" as const,
          text: JSON.stringify({
            error: "Rate limited",
            retryAfterMs: rateCheck.retryAfterMs,
          }),
        },
      ],
      isError: true,
    };
  }

  const startTime = Date.now();

  try {
    const rawResult = await tool.handler((args || {}) as Record<string, unknown>);

    // Sanitize the response
    let sanitized: string;
    try {
      const parsed = JSON.parse(rawResult);
      sanitized = JSON.stringify(sanitizeResponse(parsed), null, 2);
    } catch {
      sanitized = rawResult;
    }

    audit.logToolCall(
      name,
      (args || {}) as Record<string, unknown>,
      "success",
      Date.now() - startTime
    );

    return {
      content: [{ type: "text" as const, text: sanitized }],
    };
  } catch (error) {
    const rawMessage = error instanceof Error ? error.message : String(error);
    const message = sanitizeError(rawMessage);

    audit.logToolCall(
      name,
      (args || {}) as Record<string, unknown>,
      "error",
      Date.now() - startTime,
      message
    );

    return {
      content: [
        {
          type: "text" as const,
          text: JSON.stringify({ error: message }),
        },
      ],
      isError: true,
    };
  }

Tool Definition Quality

A4.5/5.0

Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations, description reveals read-only behavior, hierarchical tree return, and domain parameter usage. Lacks details on error cases or permissions, but adequate for a listing tool.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Two sentences, front-loaded with main purpose, no unnecessary words. Efficient and clear.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Single optional parameter, no output schema; description covers usage fully with hierarchical tree behavior. No gaps for a simple list tool.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Adds value beyond schema by explaining the hierarchical drilling pattern and giving a concrete example, though schema already covers parameter description.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

Clearly states 'List allowed DNS zones' with a specific verb and resource, distinguishing it from siblings like dns_list_blocked and dns_list_zones.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Explains hierarchical usage with examples (call with no domain for top-level, pass domain for subdomains), but does not explicitly mention when to use alternatives.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/rosschurchill/technitium-mcp-secure'

If you have feedback or need assistance with the MCP directory API, please join our Discord server