# Sample MCP tools/list Compatibility Report

Fictional sample. This shows the shape of the paid `$25` MCP report deliverable. It is not a report about a real buyer, company, repository, or private MCP server.

## Scope

Reviewed one redacted MCP `tools/list` JSON export for a fictional server named `example-workflow-mcp`.

No source code, private repositories, credentials, customer records, cookies, private screenshots, payment pages, or live tool calls were reviewed. No MCP tools were invoked.

## Executive Summary

The tool metadata is not ready for unattended approval. Two schema-shape issues can cause client validation or model argument generation to diverge from runtime expectations:

- `invoke_function.data` and `invoke_function.user` are emitted as boolean schemas instead of parameter schema objects.
- `echo_array.items` uses a union `type` array that should be regression-tested in the target MCP client before launch.

Recommended launch gate: keep affected tools in `ask` until the schema output is fixed and the regression tests below pass.

## Findings

| Severity | Code | Location | Why It Matters | Recommended Fix |
| --- | --- | --- | --- | --- |
| High | `invalid_property_schema_shape` | `invoke_function.inputSchema.properties.data` | Top-level MCP input properties should map names to schema objects. A boolean entry can break client-side validation or lose argument guidance. | Replace `true` with an explicit object schema such as `{ "type": "object", "description": "Function input payload." }` or a narrower object shape. |
| High | `invalid_property_schema_shape` | `invoke_function.inputSchema.properties.user` | The client cannot reliably infer what object shape or data boundary is expected. | Replace `true` with an explicit object schema and document whether user context is optional, redacted, or forbidden. |
| Medium | `property_union_type_compatibility` | `echo_array.inputSchema.properties.items.type` | Some clients or LLM tool adapters may drop `["array", "null"]` details and generate stringified arrays. | Add target-client regression coverage for array, null, and malformed-string cases. Consider `anyOf` only if the target client preserves it correctly. |
| Low | `property_without_description` | `invoke_function.inputSchema.properties.timeout` | Missing descriptions reduce review quality and can make generated arguments less reliable. | Add a concise description and bounds, for example `Seconds to wait before returning a timeout error; default 30; max 120.` |

## Suggested Regression Tests

```js
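const assert = require("node:assert");

// `tools` is the `tools` array from the reviewed `tools/list` export.
for (const tool of tools) {
  const props = tool.inputSchema?.properties ?? {};
  for (const [name, schema] of Object.entries(props)) {
    // Every property must map to a schema object, not a boolean, array, or null.
    assert(schema && typeof schema === "object" && !Array.isArray(schema), `${tool.name}.${name}`);
  }
}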
```

Additional target-client checks:

- Ask the client to call `echo_array` with `["a", "b"]`; assert the server receives an array, not a string.
- Ask the client to call `echo_array` with `null`; assert the server behavior matches the declared schema.
- Ask the client to call `invoke_function` with an object payload; assert the generated arguments match the server validator.
- Capture a new `tools/list` snapshot digest after every schema change and re-review changed metadata before approval.
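
One way to implement the snapshot-digest check from the last item above, as an added example that is not part of the report deliverable or of any tool it names. The function names and the sample tool definitions (including the `id` parameter on `check_status`) are constructed for illustration; the digest is SHA-256 over a key-sorted JSON serialization, which is an assumption, not a format the report prescribes.

```js
const { createHash } = require("node:crypto");

// Serialize parsed JSON with sorted object keys so key order does not change the digest.
function canonical(value) {
  if (Array.isArray(value)) return `[${value.map(canonical).join(",")}]`;
  if (value && typeof value === "object") {
    const body = Object.keys(value).sort()
      .map((k) => `${JSON.stringify(k)}:${canonical(value[k])}`);
    return `{${body.join(",")}}`;
  }
  return JSON.stringify(value);
}

const sha256 = (text) => createHash("sha256").update(text).digest("hex");

// One digest per tool (name -> hex), so a change can be traced to a single tool.
function toolDigests(tools) {
  return new Map(tools.map((t) => [t.name, sha256(canonical(t))]));
}

// Whole-snapshot digest; tools are sorted by name so list order is irrelevant.
function snapshotDigest(tools) {
  const sorted = [...tools].sort((a, b) => (a.name < b.name ? -1 : a.name > b.name ? 1 : 0));
  return sha256(canonical(sorted));
}

// Names of tools that were added, removed, or whose metadata changed since approval.
function toolsNeedingReview(approvedTools, currentTools) {
  const before = toolDigests(approvedTools);
  const after = toolDigests(currentTools);
  const names = new Set([...before.keys(), ...after.keys()]);
  return [...names].filter((n) => before.get(n) !== after.get(n)).sort();
}

// Constructed sample data modeled on the fictional tools in this report.
const approved = [
  { name: "check_status", inputSchema: { type: "object", properties: { id: { type: "string", description: "Job id." } } } },
  { name: "invoke_function", inputSchema: { type: "object", properties: { data: true, user: true } } },
];
const current = [
  { name: "invoke_function", inputSchema: { properties: { user: true, data: { type: "object", description: "Function input payload." } }, type: "object" } },
  { name: "check_status", inputSchema: { properties: { id: { description: "Job id.", type: "string" } }, type: "object" } },
];

console.log(snapshotDigest(approved) === snapshotDigest(current));
console.log(toolsNeedingReview(approved, current));
```

Tools returned by `toolsNeedingReview` are the ones to move back to `ask` until their changed metadata has been re-reviewed.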

## Approval Recommendation

| Tool | Default Gate | Reason |
| --- | --- | --- |
| `invoke_function` | Ask | Schema shape is ambiguous for `data` and `user`; this tool can trigger function execution. |
| `echo_array` | Ask | Union type needs target-client compatibility proof. |
| `check_status` | Allow | Read-only status check with explicit string parameters and no mutation signal. |

## Buyer Action List

1. Fix boolean property schemas.
2. Add descriptions to all top-level parameters.
3. Run `mcp-permission-matrix` against the new `tools/list` snapshot.
4. Add target-client regression tests for array/null/structured-object generation.
5. Keep changed tools in `ask` until the snapshot digest and regression evidence are recorded.

## Safety Boundary

This report is a planning aid, not legal advice, compliance certification, penetration testing, incident response, or a guarantee that an MCP server is safe.
