Skip to main content
Glama

search_in_sources

Read-only

Locate function names, endpoints, literals, or code patterns in JS sources loaded by the selected debugger context, searching external, inline, and minified scripts without executing or pausing.

Instructions

Finds a known function name, endpoint, string literal, token, or code pattern in JavaScript loaded by the selected debugger context—the main frame by default, or the frame chosen with select_frame. It searches external, inline/eval, and minified sources in that context without executing or pausing the page, returning 1-based lines plus context-scoped scriptIds; URLs are the preferred selectors for URL-backed matches. Use select_frame first for iframe-specific source work, get_script_source for nearby context, save_script_source for a whole bundle, or set_breakpoint_on_text when runtime values are needed. For a known captured request, prefer get_request_initiator before a broad source search.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
queryYesSource text to locate, or a regular-expression pattern when isRegex=true. Prefer a distinctive function name, endpoint, property, or literal that can also anchor set_breakpoint_on_text.
isRegexNoInterpret query as a regular expression when true. Leave false for literal endpoint, token, and code-text searches.
urlFilterNoCase-insensitive script-URL substring used to narrow matches to a known bundle or domain. It excludes unnamed inline/eval scripts.
maxResultsNoMaximum matches to return (default: 30). Narrow with urlFilter before increasing this for common text.
caseSensitiveNoMatch case exactly when true. Leave false for discovery; set true when choosing exact code text for a breakpoint.
maxLineLengthNoMaximum characters in each matched-line preview (default: 150). Use get_script_source rather than a very large preview when surrounding context is needed.
excludeMinifiedNoSkip sources with very long lines when true. Keep the default false for reverse engineering because relevant code often exists only in compressed bundles.

Output Schema

TableJSON Schema
NameRequiredDescriptionDefault
okYesWhether the tool completed successfully.
dataNo
toolYesStable MCP tool name.
errorNo
summaryYesConcise human-readable outcome.
Behavior5/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations declare readOnlyHint=true and destructiveHint=false. The description adds behavioral details: searches without executing or pausing the page, returns 1-based lines plus context-scoped scriptIds, and URLs are preferred selectors. No contradictions.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is well-structured into two paragraphs: first explaining what the tool does and how it works, second providing usage guidance. Every sentence adds value, and there is no redundancy. It is appropriately sized for the complexity.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (7 parameters, output schema exists), the description is complete. It covers behavioral aspects, return elements, and usage context. The output schema exists, so return values need not be elaborated.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100%, so the baseline is 3. However, the description adds extra meaning for several parameters: urlFilter 'excludes unnamed inline/eval scripts', maxLineLength suggests using get_script_source for surrounding context, excludeMinified explains why keeping default false is best for reverse engineering. This additional context pushes the score to 4.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool finds function names, endpoints, string literals, tokens, or code patterns in JavaScript sources. It specifies the scope (selected debugger context, main frame or chosen frame) and distinguishes from siblings by mentioning related tools like select_frame, get_script_source, etc.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines5/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides explicit guidance on when to use this tool vs alternatives: use select_frame first for iframe-specific work, get_script_source for nearby context, save_script_source for whole bundle, set_breakpoint_on_text when runtime values are needed, and get_request_initiator for a known captured request. It also mentions to prefer get_request_initiator before a broad source search.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/zhizhuodemao/js-reverse-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server