Check for security updates and vulnerable packages on your system. Optionally scan for known CVEs using internet access.
Check for security updates and vulnerable packages
| Name | Required | Description | Default |
|---|---|---|---|
| checkCVE | No | Check for known CVEs (requires internet) |
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations are provided, so the description bears full responsibility. It does not disclose whether the tool modifies the system, requires network access (except via parameter), or what the output format is. The parameter description hints at CVE checking requiring internet, but the main description lacks behavioral context.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is a single concise sentence that is front-loaded. It could be slightly more precise about what is checked, but it is efficient and avoids redundancy.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the simplicity of the tool (1 optional param, no output schema), the description is minimally adequate. However, it does not specify what the output looks like or the scope of the check (e.g., system packages, user-installed packages).
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100% with one parameter already described. The description does not add meaning beyond the schema; it only repeats the parameter's purpose. Baseline of 3 is appropriate.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool checks for security updates and vulnerable packages. It distinguishes from sibling security tools like security-check-firewall or security-check-ssh, but does not explicitly differentiate from security-quick-scan or security-scan-ports.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
No guidance on when to use this tool versus alternatives. The description only states what it does, with no mention of when it is appropriate or when to prefer sibling tools like security-quick-scan or security-scan-ports.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/washyu/ansible-mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server