Retrieve security vulnerabilities from scans with copy-paste fix prompts for immediate remediation in AI IDEs like Cursor and Claude Code.
List findings with copy-paste fix prompts for Cursor, Lovable, and Claude Code.
| Name | Required | Description | Default |
|---|---|---|---|
| scan_id | Yes | Scan ID |
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
With no annotations provided, the description carries full burden for behavioral disclosure. It mentions 'copy-paste fix prompts for Cursor, Lovable, and Claude Code' which suggests some output format, but doesn't describe what a 'finding' is, whether this is a read-only operation, pagination behavior, error conditions, or authentication requirements. For a tool with zero annotation coverage, this leaves significant behavioral gaps.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is extremely concise - a single sentence that communicates the core purpose efficiently. There's zero wasted language, and it's front-loaded with the main action. Every word earns its place in this compact description.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the complexity (security/vulnerability findings context implied), no annotations, and no output schema, the description is insufficiently complete. It hints at output format with 'copy-paste fix prompts' but doesn't explain what findings are, their structure, or how the scan_id relates to them. For a tool that presumably returns security analysis results, more context about the domain and expected outputs would be helpful.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema description coverage is 100% with the single parameter 'scan_id' documented in the schema. The description adds no parameter-specific information beyond what the schema already provides. According to scoring rules, when schema coverage is high (>80%), the baseline is 3 even with no param info in the description.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the action ('List findings') and specifies the resource type ('findings'), which provides a specific verb+resource combination. However, it doesn't differentiate from sibling tools like 'get_scan' or 'scan_url' - we can infer it lists findings rather than scans or URLs, but no explicit distinction is made.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description provides no guidance on when to use this tool versus alternatives. There's no mention of prerequisites (like needing a scan_id from another operation), when this tool is appropriate versus 'get_scan', or any contextual usage instructions. The agent must infer usage from the tool name and parameter alone.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/sekrdcom/sekrd-mcp-ts'
If you have feedback or need assistance with the MCP directory API, please join our Discord server