hound_audit

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden of behavioral disclosure. It describes the tool's actions (parsing lockfiles and querying OSV) and scope (batch vulnerability scanning), but lacks details on permissions, rate limits, error handling, or output format. This is adequate for a read-only analysis tool but misses key operational context that annotations would typically cover.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is highly concise and front-loaded, consisting of a single sentence that efficiently communicates the tool's core functionality. Every word earns its place by specifying the action, target, and method without redundancy or unnecessary elaboration, making it easy for an agent to quickly grasp the tool's purpose.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's moderate complexity (parsing multiple lockfile formats and querying an external service), no annotations, and no output schema, the description is incomplete. It adequately covers the 'what' but lacks details on behavioral traits, error conditions, or result interpretation. For a tool with no structured output documentation, more context on expected results would be beneficial.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the schema fully documents both parameters (lockfile_content and lockfile_name). The description adds no additional parameter semantics beyond what the schema provides, such as format specifics or validation rules. The baseline score of 3 reflects adequate but minimal value addition from the description in this dimension.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose with specific verbs ('scan', 'parses', 'batch-queries') and resources ('project's lockfile', 'dependency risks', 'OSV for vulnerabilities'). It explicitly lists the supported file formats, distinguishing it from sibling tools like hound_license_check or hound_upgrade by focusing on vulnerability scanning rather than licensing or upgrade analysis.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implies usage context by specifying it scans lockfiles for dependency risks, but it does not explicitly state when to use this tool versus alternatives like hound_vulns or hound_advisories. It provides no guidance on prerequisites, exclusions, or comparative scenarios with sibling tools, leaving the agent to infer appropriate usage from the purpose alone.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.