Audit and compile Python tool schemas for LLM agents.
Project description
mcp-toolsmith
Audit and compile Python tool schemas for LLM agents.
Alpha: JSON tool files are safe by default. Python files require --execute
and should only be used with trusted code. The public API may change before
1.0.0.
mcp-toolsmith is a small Python-first CLI and library for checking whether tool
metadata is usable by LLM agents, then compiling those tools into MCP or
OpenAI-style tool definitions.
It helps catch problems such as vague tool names, missing descriptions, oversized schemas, overlapping tools, and prompt-injection-like language inside tool metadata.
Install
pip install mcp-toolsmith==0.1.0a1
For local development:
python -m pip install -e ".[dev]"
Usage
Audit JSON tool definitions
JSON tool definitions are safe by default:
mcp-toolsmith audit tools.json
Example JSON input:
{
"tools": [
{
"name": "search_docs",
"description": "Search project documentation by natural language query.",
"inputSchema": {
"type": "object",
"properties": {
"query": {
"type": "string",
"description": "Question or topic to search for."
},
"limit": {
"type": "integer",
"description": "Maximum number of results to return.",
"default": 5
}
},
"required": ["query"]
}
}
]
}
Example audit output:
OK Audited 1 tool(s) from tools.json
Errors: 0 Warnings: 0
search_docs [mcp] ~55 schema tokens
No findings
Compile tools
Compile to MCP-style tool definitions:
mcp-toolsmith compile tools.json --target mcp
Compile to OpenAI-style function definitions:
mcp-toolsmith compile tools.json --target openai
Audit trusted Python files
Python files are executable source code, so mcp-toolsmith refuses to import
them unless you opt in:
mcp-toolsmith audit tools.py --execute
mcp-toolsmith compile tools.py --target mcp --execute
Use --execute only for trusted files.
Trusted Python files can contain top-level functions and Pydantic v2 models:
from pydantic import BaseModel, Field
def get_weather(city: str, unit: str = "celsius") -> str:
"""Get current weather for a city.
Args:
city: City and country, such as Madrid, Spain.
unit: Temperature unit to return.
"""
return "sunny"
class SearchDocsInput(BaseModel):
"""Search project documentation by natural language query."""
query: str = Field(description="Question or topic to search for.")
limit: int = Field(default=5, description="Maximum number of results.")
In this alpha, trusted Python discovery includes every public top-level function and every public Pydantic model in the file. Decorator-based discovery is planned for a later release.
Python API
from mcp_toolsmith import audit_file, compile_file
report = audit_file("tools.json")
report.print()
mcp_tools = compile_file("tools.json", target="mcp")
openai_tools = compile_file("tools.json", target="openai")
For trusted Python files:
report = audit_file("tools.py", execute=True)
mcp_tools = compile_file("tools.py", target="mcp", execute=True)
Checks
| Check | Why it matters |
|---|---|
| Vague tool names | Agents may pick the wrong tool when names are generic |
| Missing descriptions | Tool selection depends heavily on clear descriptions |
| Missing argument descriptions | Models need argument-level context |
| Oversized schemas | Large schemas cost tokens and can distract smaller models |
| Overlapping tools | Similar tools make tool choice unstable |
| Tool-poisoning language | Tool metadata is part of the prompt surface |
Roadmap
| Version | Goal |
|---|---|
0.1.0a1 |
Safe-by-default CLI, Python/Pydantic discovery behind --execute, audit report, MCP/OpenAI compile |
0.2.0 |
Decorator-based Python tool discovery |
0.3.0 |
OpenAPI input and richer JSON Schema validation |
0.4.0 |
Provider compatibility profiles for Anthropic, Gemini, and OpenAI |
0.5.0 |
Deterministic schema compaction and rewriting |
1.0.0 |
Stable public API and compatibility matrix |
License
MIT
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file mcp_toolsmith-0.1.0a1.tar.gz.
File metadata
- Download URL: mcp_toolsmith-0.1.0a1.tar.gz
- Upload date:
- Size: 14.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
40defbbb95929b7c7d30118b897e72f5e88312f21594b8449e268f581658fc11
|
|
| MD5 |
618fa2fa890893830276773927a1d63c
|
|
| BLAKE2b-256 |
afde7f722bfd13abd8c14b528df285f3c30eca556649188fa49b7e5ad0e6363b
|
File details
Details for the file mcp_toolsmith-0.1.0a1-py3-none-any.whl.
File metadata
- Download URL: mcp_toolsmith-0.1.0a1-py3-none-any.whl
- Upload date:
- Size: 15.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
4e6c4eb81276fd534d5df2328c8e0ad10b981ada0a4d2d4cb2bb7f4945f371e1
|
|
| MD5 |
71eb9a99346f08f79d5e1ac11b3cf3b2
|
|
| BLAKE2b-256 |
68a159b322bc9f9028c118d6edaea933febcdde8909dda4d06b17e5021bb9db8
|
