lintai docs

Appearance

Rule Reference

SEC315lintai-ai-securitystabletool_jsonwarn

Tool descriptors: duplicate tool names

MCP-style tool descriptor collection contains duplicate tool names

Provider
lintai-ai-security
Surface
tool_json
Scope
per_file
Tier
stable
Severity
warn
Confidence
high
Detection
structural
Remediation
message_only

Activation Model

Preset Membership

This rule is part of the builtin activation graph through these preset memberships.

basemembership
mcpmembership

Lifecycle

Stable Lifecycle Contract

State

stable_gated

Graduation rationale

Checks structured MCP-style tool collections for duplicate names that can shadow one another.

Deterministic signal basis

ToolJsonSignals duplicate-name detection over MCP-style tool collections.

Malicious corpus
tool-json-duplicate-tool-names
Benign corpus
tool-json-unique-tool-names
structured evidence required remediation reviewed
Canonical note

Structural stable rule intended as a high-precision check with deterministic evidence.

Nearby Signals

Related Rules

SEC314Tool descriptor: missing machine fieldsMCP-style tool descriptor is missing required machine fieldstool_jsonstable
SEC316OpenAI strict schema: missing additionalProperties falseOpenAI strict tool schema omits recursive additionalProperties: falsetool_jsonstable
SEC317OpenAI strict schema: properties not all requiredOpenAI strict tool schema does not require every declared propertytool_jsonstable
SEC318Anthropic strict schema: missing additionalProperties falseAnthropic strict tool input schema omits additionalProperties: falsetool_jsonstable

Why It Matters

Duplicate tool names create ambiguity in machine-consumed tool catalogs. One tool can shadow another, or clients can behave inconsistently about which definition wins.

What Triggers

SEC315 applies to MCP-style tool descriptor collections and triggers when the same tool name appears more than once in the parsed collection.

Example that triggers:

json
[
  { "name": "list_clusters", "inputSchema": { "type": "object", "properties": {}, "additionalProperties": false } },
  { "name": "list_clusters", "inputSchema": { "type": "object", "properties": {}, "additionalProperties": false } }
]

False Positives

This is a deterministic structural check over parsed tool names. If duplicate names are intentional, the safer fix is still to make the identifiers unique and keep aliases in descriptive fields instead.

Remediation

Rename the duplicated tool so each exported machine identifier is unique.