From 932ef7baea1036da636bbf04a6f283f1aeb9211a Mon Sep 17 00:00:00 2001 From: Tomer Figenblat Date: Fri, 26 Jun 2026 13:40:20 -0400 Subject: [PATCH] feat: add dashboard-aware presentation tools to cve-impact and fleet-inventory skills Signed-off-by: Tomer Figenblat --- rh-sre/skills/cve-impact/SKILL.md | 8 +++++++- .../cve-impact/references/flows/01-account-cves.md | 9 +++++---- rh-sre/skills/fleet-inventory/SKILL.md | 10 +++++++++- 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/rh-sre/skills/cve-impact/SKILL.md b/rh-sre/skills/cve-impact/SKILL.md index 33f896c9..52712699 100644 --- a/rh-sre/skills/cve-impact/SKILL.md +++ b/rh-sre/skills/cve-impact/SKILL.md @@ -11,7 +11,7 @@ description: | model: inherit color: blue license: Apache-2.0 -allowed-tools: vulnerability__get_cves vulnerability__get_cve vulnerability__get_cve_systems vulnerability__get_system_cves inventory__find_host_by_name inventory__get_host_details +allowed-tools: vulnerability__get_cves vulnerability__get_cve vulnerability__get_cve_systems vulnerability__get_system_cves vulnerability__load_cve_dashboard inventory__find_host_by_name inventory__get_host_details --- # CVE Impact Analysis Skill @@ -35,6 +35,7 @@ When invoked by another skill (e.g. remediation), use the Skill tool—do NOT us - `get_cve` (from lightspeed-mcp) - Get specific CVE details - `get_cve_systems` (from lightspeed-mcp) - Find systems affected by CVEs - `get_system_cves` (from lightspeed-mcp) - List CVEs affecting a specific system (uses `system_uuid` only) +- `load_cve_dashboard` (from lightspeed-mcp) - Render CVE data in an interactive dashboard. Call with collected CVE data after analysis. Falls back to text if unavailable. **Required Environment Variables**: - `LIGHTSPEED_CLIENT_ID` - Red Hat Lightspeed service account client ID @@ -375,6 +376,11 @@ Save each MCP tool result to a file, then run the parser with one or more paths. - Does NOT support: impact, limit, severity filters - filter results client-side - Returns: List of CVEs affecting the system +- `load_cve_dashboard` (from lightspeed-mcp) - Render CVE data in an interactive dashboard + - Parameters: CVE data array (collected from get_cves or get_system_cves) + - Returns: Interactive dashboard with CVE browsing, filtering, and drill-down + - Falls back to text if unavailable or client does not support UI + ### Related Skills - `mcp-lightspeed-validator` - **PREREQUISITE** - Validates Lightspeed MCP server before operations - Use before: ALL cve-impact operations (Step 0 in workflow) diff --git a/rh-sre/skills/cve-impact/references/flows/01-account-cves.md b/rh-sre/skills/cve-impact/references/flows/01-account-cves.md index d981a9e9..c2a976c0 100644 --- a/rh-sre/skills/cve-impact/references/flows/01-account-cves.md +++ b/rh-sre/skills/cve-impact/references/flows/01-account-cves.md @@ -74,11 +74,12 @@ vulnerability__get_cves( ) ``` -## Step 4: After Listing +## Step 4: Present Results + +**Immediately after receiving the `get_cves` response**, call `vulnerability__load_cve_dashboard(cves=response["data"])`. Do this BEFORE parsing, sorting, or printing anything. Pass the raw `data` array exactly as returned by `get_cves` — do NOT extract, filter, or restructure the CVE objects. + +## Step 5: Follow-up -- **Parse response** (if needed): Use [references/01-cve-response-parser.py](../references/01-cve-response-parser.py). Do NOT use jq or inline Python. See [02-cve-parsing-guide.md](../references/02-cve-parsing-guide.md). -- Sort by CVSS score (highest first) or by affected system count -- Provide summary table: CVE ID, severity, affected systems count, remediation availability - Offer to analyze a specific CVE (see [SKILL.md](../SKILL.md) — Step 2: CVE Information Retrieval) - Offer to create remediation plan (invoke `/remediation` skill) diff --git a/rh-sre/skills/fleet-inventory/SKILL.md b/rh-sre/skills/fleet-inventory/SKILL.md index e58334c3..d02e4956 100644 --- a/rh-sre/skills/fleet-inventory/SKILL.md +++ b/rh-sre/skills/fleet-inventory/SKILL.md @@ -19,7 +19,7 @@ description: | model: inherit color: blue license: Apache-2.0 -allowed-tools: inventory__list_hosts inventory__find_host_by_name inventory__get_host_details inventory__get_host_system_profile vulnerability__get_cve_systems +allowed-tools: inventory__list_hosts inventory__find_host_by_name inventory__get_host_details inventory__get_host_system_profile inventory__load_inventory_dashboard vulnerability__get_cve_systems --- # Fleet Inventory Skill @@ -36,6 +36,7 @@ This skill queries Red Hat Lightspeed to retrieve and display information about - `inventory__get_host_details` (from lightspeed-mcp) - Retrieve inventory metadata for known host UUIDs - `inventory__get_host_system_profile` (from lightspeed-mcp) - Retrieve OS version and system profile when needed - `vulnerability__get_cve_systems` (from lightspeed-mcp) - Find CVE-affected systems +- `inventory__load_inventory_dashboard` (from lightspeed-mcp) - Render host data in an interactive dashboard. Call with collected host data after listing. Falls back to text if unavailable. **Required Environment Variables**: - `LIGHTSPEED_CLIENT_ID` - Red Hat Lightspeed service account client ID @@ -112,6 +113,8 @@ Proceeding with fleet inventory query... **Parameters**: `per_page=10` on first call, then `page` for pagination. Optional filters: `display_name`, `tags`, `staleness`, `hostname_or_id`. See [references/01-parameter-reference.md](references/01-parameter-reference.md). +**Immediately after receiving the `list_hosts` response**, call `inventory__load_inventory_dashboard(hosts=response["results"])`. Do this BEFORE printing anything. Pass the raw `results` array exactly as returned by `list_hosts` — do NOT extract, filter, or restructure the host objects. + **Optional enrichment**: After host UUIDs are known: - `inventory__get_host_details(host_ids="uuid-1,uuid-2")` — inventory metadata (similar fields to `list_hosts`) - `inventory__get_host_system_profile(host_ids="uuid-1")` — OS version and system profile when RHEL version is required (one or two UUIDs at a time; large response) @@ -224,6 +227,11 @@ Examples: - Parameters: `cve` (string, format: CVE-YYYY-NNNNN), `limit`, `offset` - Returns: Paginated list of affected systems with vulnerability and remediation status +- `inventory__load_inventory_dashboard` (from lightspeed-mcp) - Render host data in an interactive dashboard + - Parameters: `hosts` (list of host objects from list_hosts response) + - Returns: Interactive dashboard with host browsing, staleness filters, and system profiles + - Falls back to text if unavailable or client does not support UI + ### Related Skills - `mcp-lightspeed-validator` - **PREREQUISITE** - Validates Lightspeed MCP server configuration and connectivity - Use before: ALL fleet-inventory operations (Step 0 in workflow)