cloudwatch_get_log_events

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

The description adds behavioral details like auto-quoting of bare literals in filter_pattern and the server-side ranked summary behavior, but does not disclose whether the operation is read-only, pagination limits, or rate limits. Since no annotations are provided, the description carries the full burden but only partially covers it.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

A single paragraph of three sentences, front-loaded with the main purpose, followed by alternative use cases. Every sentence is informative with no unnecessary repetition.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given 9 parameters and no output schema, the description covers the key behaviors and main parameters (hours_back, filter_pattern, group_by, summary_only). It misses explicit mention of the 50000 cap on max_events=0 (though that is in the schema description), and does not describe the return format.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% (all parameters described). The tool description adds supplementary context for group_by and summary_only beyond the schema, such as 'avoids dumping huge log pulls'. This is above baseline but not exceptional.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool fetches recent events from a CloudWatch log group, with optional filtering. It also contrasts raw events with aggregated summaries via group_by, distinguishing this tool from siblings like cloudwatch_insights and cloudwatch_list_log_groups.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description advises when to use group_by (to avoid large log pulls) and summary_only (to get just counts), but does not explicitly differentiate from sibling tools like cloudwatch_insights or provide when-to-use vs. alternatives.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.