Skip to content

fix(rh-sre): use get_mcp_version in mcp-lightspeed-validator#125

Merged
dmartinol merged 1 commit into
RHEcosystemAppEng:mainfrom
dmartinol:fix/123-mcp-lightspeed-validator-use-get-mcp-version
Jun 22, 2026
Merged

fix(rh-sre): use get_mcp_version in mcp-lightspeed-validator#125
dmartinol merged 1 commit into
RHEcosystemAppEng:mainfrom
dmartinol:fix/123-mcp-lightspeed-validator-use-get-mcp-version

Conversation

@dmartinol

Copy link
Copy Markdown
Collaborator

Fixes #123

Summary

Switch the mcp-lightspeed-validator skill from vulnerability__get_cves to get_mcp_version for connectivity checks. get_mcp_version is always available on the MCP gateway regardless of enabled toolsets and does not trigger CVE UI surfaces.

Also updates the get_cves / limit_ troubleshooting doc to remove the validator from affected skills and point connectivity validation to /mcp-lightspeed-validator.

Pack(s) affected

  • ocp-admin
  • rh-ai-engineer
  • rh-automation
  • rh-basic
  • rh-developer
  • rh-sre
  • rh-virt
  • Other / repo-wide

Change type

  • New skill
  • New agent
  • New pack
  • Update existing skill / agent
  • MCP server config (mcps.json)
  • Docs / README
  • CI / tooling
  • Federation (external pack)

Contribution method

  • Created/imported with /agentic-contribution-skill
  • Manual contribution (validated with make validate + make validate-skill-design-changed)

Pack-persona alignment (new skills only)

N/A — existing validator skill update.

AGENTS.md compliance

  • Agents orchestrate skills; no direct MCP/tool calls in agents
  • Skills are single-purpose task executors
  • Skills encapsulate all tool access (MCP tools invoked only inside skills)
  • Document consultation: file is read with the Read tool, then declared to the user
  • No credentials hardcoded; env vars used via ${VAR} references
  • Human-in-the-loop confirmation added for any destructive or critical operations

Validation

  • make validate passes locally
  • New/changed skills have valid YAML frontmatter (name, description)
  • New/changed agents have valid YAML frontmatter (name, description)

Test plan

  • ./scripts/run-skill-linter.sh rh-sre/skills/mcp-lightspeed-validator/ passes
  • Invoke /mcp-lightspeed-validator and confirm it calls get_mcp_version (not vulnerability__get_cves)
  • Confirm validation still works when vulnerability toolset is disabled

Made with Cursor

…tivity validation

- Revised the workaround for MCP tool failures to clarify the use of default parameters.
- Updated the allowed tools in the MCP Lightspeed Validator to use `get_mcp_version` instead of `vulnerability__get_cves`.
- Adjusted the workflow steps to align with the new validation method.

These changes enhance clarity and ensure accurate usage of the MCP tools.

Signed-off-by: Daniele Martinoli <dmartino@redhat.com>
@dmartinol dmartinol requested a review from r2dedios June 22, 2026 08:42

@r2dedios r2dedios left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀

@dmartinol dmartinol merged commit 4c46ab0 into RHEcosystemAppEng:main Jun 22, 2026
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[rh-sre] mcp-lightspeed-validator skill should not invoke get_cves tool

2 participants