red_team

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations, the description carries full weight. It explains default behavior (strict=False reports hits without raising), output format (each row shows input, caught, pattern), and meaning of 'caught' (true if any pattern matched). It does not detail side effects or permissions, but the read-only nature is implied.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is concise (5 sentences), front-loaded with the main action, and efficiently includes use cases, an example, and output details without redundancy.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a tool with 2 simple parameters and an output schema, the description covers purpose, usage, default, and output format. It lacks detail on what happens when strict=True or how extra_patterns behave, but overall it is fairly complete for effective tool invocation.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 0%, so description must compensate. It adds meaning for 'strict' by explaining its default and effect (reports hits without raising). However, 'extra_patterns' is not described, leaving its purpose ambiguous. The output description is provided but parameter semantics are only partially addressed.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description explicitly states the verb 'run' and the resource 'a curated set of injection payloads through the sanitizer.' It clearly defines the tool's function and distinguishes it from siblings like scan_input or patterns_list by focusing on a predefined set for testing effectiveness.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides specific use cases: 'is the sanitizer actually catching things?' and 'compliance evidence for security review.' It does not directly mention when not to use it or compare to alternatives, but the guidance is clear for the intended scenarios.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.