check_compliance

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries full burden for behavioral disclosure. It mentions cost and service provider, which adds some context about external dependencies and pricing. However, it doesn't describe what the tool actually does behaviorally (e.g., returns compliance violations, generates a report, requires authentication, has rate limits, or what 'check' entails operationally).

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is appropriately sized and front-loaded with the core purpose. The cost and service information is relevant but could be more integrated. Two sentences with minimal waste, though the second sentence feels somewhat tacked on rather than seamlessly structured.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given no annotations and no output schema, the description is incomplete for a tool with 2 parameters. It lacks details on what the tool returns (e.g., compliance score, violations list), behavioral expectations, error handling, or prerequisites. The cost/service info adds some context but doesn't compensate for missing operational and output details.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 0%, so the description must compensate. It mentions 'architecture' and lists frameworks, which aligns with the two parameters, but doesn't explain what 'architecture' should contain (e.g., system design, configuration details) or the meaning of framework choices beyond listing them. No additional semantic context is provided beyond what's inferable from parameter names.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Check architecture against compliance framework' with specific frameworks listed (PCI-DSS, HIPAA, GDPR, ISO27001, SOC2, NIST). It uses a specific verb ('Check') and resource ('architecture'), but doesn't differentiate from sibling tools since none appear to be compliance-related alternatives.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives. It mentions cost and service provider ('Cost: $0.015 USDC. Service: threatmodel.'), but this doesn't help an agent decide between this and other compliance or analysis tools. No explicit when/when-not instructions or sibling comparisons are included.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.