Devici MCP Server

get_threats

Retrieve paginated threat data from Devici to analyze security risks and monitor potential vulnerabilities in your system.

Instructions

Get threats from Devici with pagination

Input Schema

TableJSON Schema

Name	Required	Description	Default
`limit`	No
`page`	No

Output Schema

TableJSON Schema

Name	Required	Description	Default
`result`	Yes

Implementation Reference

src/devici_mcp_server/server.py:147-151 (handler)

The MCP tool handler function for 'get_threats' that uses the API client to fetch paginated threats from Devici and returns the result as a string.

async def get_threats(limit: int = 20, page: int = 0) -> str:
    """Get threats from Devici with pagination"""
    async with create_client_from_env() as client:
        result = await client.get_threats(limit=limit, page=page)
        return str(result)

src/devici_mcp_server/server.py:146-146 (registration)
FastMCP decorator that registers the get_threats function as an MCP tool.
```
@mcp.tool()
```

src/devici_mcp_server/api_client.py:209-212 (helper)

API client method implementing the HTTP request to retrieve threats from the Devici API /threats/ endpoint.

async def get_threats(self, limit: int = 20, page: int = 0) -> Dict[str, Any]:
    """Get all threats."""
    params = {"limit": limit, "page": page}
    return await self._make_request("GET", "/threats/", params=params)

Tool Definition Quality

C2.8/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden of behavioral disclosure. It mentions pagination, which hints at a list operation, but fails to describe critical aspects such as authentication requirements, rate limits, error handling, or the format of returned data. This leaves significant gaps for an agent to understand how to interact with the tool effectively.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is extremely concise with a single sentence ('Get threats from Devici with pagination'), which is front-loaded and wastes no words. It efficiently communicates the core action and a key feature (pagination) without unnecessary detail.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (a read operation with pagination), no annotations, and an output schema present, the description is minimally adequate. It covers the basic purpose and pagination but lacks details on behavior, parameters, and how it differs from siblings. The output schema may help with return values, but the description itself is incomplete for full contextual understanding.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The description does not add any meaning beyond the input schema, which has 0% description coverage. Parameters 'limit' and 'page' are only defined by their titles and types in the schema, with no explanation in the description. Since schema coverage is low, the description does not compensate, but the baseline is 3 as it doesn't mislead.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose3/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description states the verb ('Get') and resource ('threats from Devici'), which provides a basic purpose. However, it doesn't distinguish this tool from sibling tools like 'get_threat' (singular) or 'get_threats_by_component', leaving the scope vague beyond mentioning pagination.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No explicit guidance is provided on when to use this tool versus alternatives. The description mentions pagination, which implies usage for listing threats, but it doesn't clarify distinctions from other threat-related tools like 'get_threat' or 'get_threats_by_component'.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/sdelements/devici-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server