Glama

find_cross_service_taint

Trace taint paths from HTTP endpoint parameters to outgoing REST calls to detect cross-service injection vulnerabilities.

Instructions

Find taint paths from HTTP endpoint handler parameters to outgoing REST calls.

This is an Orihime-native equivalent of SonarQube Enterprise "Advanced SAST"
cross-service taint analysis.

A taint path is a call chain that starts at an HTTP endpoint handler method
(whose parameters are user-controlled: @RequestParam, @PathVariable, @RequestBody)
and ends at a method that issues an outgoing HTTP call (UNRESOLVED_CALL or
CALLS_REST edge).  Intermediate hops are method CALLS edges.

Args:
    repo_name: Repository to analyse.
    max_depth: Maximum call-chain depth to traverse (default 6).

Returns:
    List of dicts, each describing one taint path::

        {
            "source_handler_fqn":   str,  # endpoint handler method
            "source_endpoint":       str,  # HTTP path e.g. GET /api/users/{id}
            "sink_method_fqn":       str,  # method that makes the outgoing call
            "sink_url_pattern":      str,  # URL pattern of the outgoing call
            "sink_http_method":      str,  # GET/POST/...
            "path_length":           int,  # number of hops
            "call_chain":            list, # [method_fqn, ...] from source to sink
        }
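As an added example (not Orihime's own code), here is a minimal in-memory version of the search that the description above specifies: a depth-first walk from every handler whose parameters carry one of the three user-controlled annotations, along CALLS edges, to every method that has an outgoing-call edge, bounded by max_depth and guarded against recursive call cycles. The sample call graph, the dictionary layout of handlers, edges and sinks, and the assumption that path_length counts hops (so a handler that itself issues the REST call reports 0) are all constructed for illustration. Note that, exactly as described, this is call-chain reachability rather than data-flow tracking: a handler is reported whenever a sink is reachable from it, whether or not the tainted parameter actually ends up in the outgoing URL, so results are a triage list to review, not confirmed injection bugs.

```python
# Added example, not Orihime's own code: a minimal in-memory version of the
# call-chain search described above.  The graph layout, the sample service
# and the helper names are assumptions made for illustration.
from typing import Dict, List, Set, Tuple

# Constructed sample call graph for a fictional Spring service.
# Handlers: method FQN -> (parameter annotation, HTTP endpoint served).
HANDLERS: Dict[str, Tuple[str, str]] = {
    "com.acme.UserController.getUser": ("@PathVariable", "GET /api/users/{id}"),
    "com.acme.UserController.search": ("@RequestParam", "GET /api/users/search"),
    "com.acme.ProxyController.fetchUrl": ("@RequestParam", "GET /api/proxy"),
    "com.acme.HealthController.ping": ("", "GET /health"),  # no user input
}

# CALLS edges: caller FQN -> callee FQNs (the intermediate hops).
CALLS: Dict[str, List[str]] = {
    "com.acme.UserController.getUser": ["com.acme.UserService.load"],
    "com.acme.UserService.load": ["com.acme.ProfileClient.fetch"],
    "com.acme.UserController.search": ["com.acme.SearchService.run"],
    "com.acme.SearchService.run": ["com.acme.SearchService.run"],  # recursion
    "com.acme.HealthController.ping": ["com.acme.ProfileClient.fetch"],
}

# Sinks: methods with an outgoing HTTP call (a CALLS_REST or UNRESOLVED_CALL
# edge in the tool's vocabulary) -> (URL pattern, HTTP method).
SINKS: Dict[str, Tuple[str, str]] = {
    "com.acme.ProfileClient.fetch": ("http://profile-svc/profiles/{id}", "GET"),
    "com.acme.ProxyController.fetchUrl": ("{url}", "GET"),  # handler is the sink
}

TAINTED = {"@RequestParam", "@PathVariable", "@RequestBody"}


def find_cross_service_taint(max_depth: int = 6) -> List[dict]:
    """Depth-first search from every tainted handler to every reachable sink.

    path_length counts hops, so a handler that is itself the sink reports 0
    (assumption for this example).
    """
    results: List[dict] = []

    def walk(handler: str, endpoint: str, node: str,
             chain: List[str], seen: Set[str]) -> None:
        if node in SINKS:
            url, verb = SINKS[node]
            results.append({
                "source_handler_fqn": handler,
                "source_endpoint": endpoint,
                "sink_method_fqn": node,
                "sink_url_pattern": url,
                "sink_http_method": verb,
                "path_length": len(chain) - 1,
                "call_chain": list(chain),
            })
        if len(chain) - 1 >= max_depth:   # depth bound: stop expanding
            return
        for callee in CALLS.get(node, []):
            if callee in seen:            # cycle guard (recursion, mutual calls)
                continue
            walk(handler, endpoint, callee, chain + [callee], seen | {callee})

    for fqn, (annotation, endpoint) in HANDLERS.items():
        if annotation in TAINTED:         # only user-controlled params are sources
            walk(fqn, endpoint, fqn, [fqn], {fqn})
    return results


if __name__ == "__main__":
    for path in find_cross_service_taint():
        print(path["source_endpoint"], "->", " -> ".join(path["call_chain"]))
```

On the sample graph, GET /api/users/{id} is reported through UserService.load (two hops) and GET /api/proxy is reported with a zero-length chain because the handler calls out directly; /health reaches the same REST client but is not reported because none of its parameters is user-controlled, and the recursive SearchService.run is visited once and never loops. Lowering max_depth to 1 drops the two-hop path, which is the trade-off the parameter controls: a smaller bound is faster and quieter, a larger one catches deeper plumbing at the cost of more paths to review.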

Input Schema

Name       Required  Description                                    Default
repo_name  Yes       Repository to analyse.
max_depth  No        Maximum call-chain depth to traverse.          6

Output Schema

Name    Required  Description
result  Yes       List of taint-path dicts, one per path (fields as listed under Returns).

Behavior 4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Given no annotations, the description explains the behavioral process: traversing call chains from HTTP handlers to outgoing calls via CALLS edges, and defines the output format. It does not mention prerequisites or side effects, but the read-only analytical nature is clear.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness 5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is well-structured with a brief summary, detailed explanation, Args and Returns sections. It is concise, front-loaded with the main purpose, and every sentence adds value.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness 4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

The description covers purpose, parameters, and output schema well. It lacks mention of prerequisites like requiring the repo to be indexed, but overall it provides sufficient context for a complex analysis tool.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters 4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 0%, but the description adds descriptions for both parameters: repo_name as 'Repository to analyse' and max_depth with default and explanation. This adds meaningful context beyond the bare schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose 5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool finds taint paths from HTTP endpoint handler parameters to outgoing REST calls. It specifies the verb 'find', the resource 'taint paths', and narrows the scope to cross-service analysis, differentiating from generic taint analysis tools like find_taint_paths.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines 3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implies the tool is for cross-service taint analysis but does not explicitly state when to use it over siblings like find_taint_paths, find_taint_flows, or find_taint_sinks. No when-not or alternative guidance is provided.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/srinivasan-sundaresan95/orihime'

If you have feedback or need assistance with the MCP directory API, please join our Discord server