Skip to content
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion rh-sre/skills/cve-impact/SKILL.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ description: |
model: inherit
color: blue
license: Apache-2.0
allowed-tools: vulnerability__get_cves vulnerability__get_cve vulnerability__get_cve_systems vulnerability__get_system_cves inventory__find_host_by_name inventory__get_host_details
allowed-tools: vulnerability__get_cves vulnerability__get_cve vulnerability__get_cve_systems vulnerability__get_system_cves vulnerability__load_cve_dashboard inventory__find_host_by_name inventory__get_host_details
---

# CVE Impact Analysis Skill
Expand All @@ -35,6 +35,7 @@ When invoked by another skill (e.g. remediation), use the Skill tool—do NOT us
- `get_cve` (from lightspeed-mcp) - Get specific CVE details
- `get_cve_systems` (from lightspeed-mcp) - Find systems affected by CVEs
- `get_system_cves` (from lightspeed-mcp) - List CVEs affecting a specific system (uses `system_uuid` only)
- `load_cve_dashboard` (from lightspeed-mcp) - Render CVE data in an interactive dashboard. Call with collected CVE data after analysis. Falls back to text if unavailable.

**Required Environment Variables**:
- `LIGHTSPEED_CLIENT_ID` - Red Hat Lightspeed service account client ID
Expand Down Expand Up @@ -375,6 +376,11 @@ Save each MCP tool result to a file, then run the parser with one or more paths.
- Does NOT support: impact, limit, severity filters - filter results client-side
- Returns: List of CVEs affecting the system

- `load_cve_dashboard` (from lightspeed-mcp) - Render CVE data in an interactive dashboard
- Parameters: CVE data array (collected from get_cves or get_system_cves)
- Returns: Interactive dashboard with CVE browsing, filtering, and drill-down
- Falls back to text if unavailable or client does not support UI

### Related Skills
- `mcp-lightspeed-validator` - **PREREQUISITE** - Validates Lightspeed MCP server before operations
- Use before: ALL cve-impact operations (Step 0 in workflow)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -74,11 +74,12 @@ vulnerability__get_cves(
)
```

## Step 4: After Listing
## Step 4: Present Results

**Immediately after receiving the `get_cves` response**, call `vulnerability__load_cve_dashboard(cves=response["data"])`. Do this BEFORE parsing, sorting, or printing anything. Pass the raw `data` array exactly as returned by `get_cves` — do NOT extract, filter, or restructure the CVE objects.

## Step 5: Follow-up

- **Parse response** (if needed): Use [references/01-cve-response-parser.py](../references/01-cve-response-parser.py). Do NOT use jq or inline Python. See [02-cve-parsing-guide.md](../references/02-cve-parsing-guide.md).
- Sort by CVSS score (highest first) or by affected system count
- Provide summary table: CVE ID, severity, affected systems count, remediation availability
- Offer to analyze a specific CVE (see [SKILL.md](../SKILL.md) — Step 2: CVE Information Retrieval)
- Offer to create remediation plan (invoke `/remediation` skill)

Expand Down
10 changes: 9 additions & 1 deletion rh-sre/skills/fleet-inventory/SKILL.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ description: |
model: inherit
color: blue
license: Apache-2.0
allowed-tools: inventory__list_hosts inventory__find_host_by_name inventory__get_host_details inventory__get_host_system_profile vulnerability__get_cve_systems
allowed-tools: inventory__list_hosts inventory__find_host_by_name inventory__get_host_details inventory__get_host_system_profile inventory__load_inventory_dashboard vulnerability__get_cve_systems
---

# Fleet Inventory Skill
Expand All @@ -36,6 +36,7 @@ This skill queries Red Hat Lightspeed to retrieve and display information about
- `inventory__get_host_details` (from lightspeed-mcp) - Retrieve inventory metadata for known host UUIDs
- `inventory__get_host_system_profile` (from lightspeed-mcp) - Retrieve OS version and system profile when needed
- `vulnerability__get_cve_systems` (from lightspeed-mcp) - Find CVE-affected systems
- `inventory__load_inventory_dashboard` (from lightspeed-mcp) - Render host data in an interactive dashboard. Call with collected host data after listing. Falls back to text if unavailable.

**Required Environment Variables**:
- `LIGHTSPEED_CLIENT_ID` - Red Hat Lightspeed service account client ID
Expand Down Expand Up @@ -112,6 +113,8 @@ Proceeding with fleet inventory query...

**Parameters**: `per_page=10` on first call, then `page` for pagination. Optional filters: `display_name`, `tags`, `staleness`, `hostname_or_id`. See [references/01-parameter-reference.md](references/01-parameter-reference.md).

**Immediately after receiving the `list_hosts` response**, call `inventory__load_inventory_dashboard(hosts=response["results"])`. Do this BEFORE printing anything. Pass the raw `results` array exactly as returned by `list_hosts` — do NOT extract, filter, or restructure the host objects.

**Optional enrichment**: After host UUIDs are known:
- `inventory__get_host_details(host_ids="uuid-1,uuid-2")` — inventory metadata (similar fields to `list_hosts`)
- `inventory__get_host_system_profile(host_ids="uuid-1")` — OS version and system profile when RHEL version is required (one or two UUIDs at a time; large response)
Expand Down Expand Up @@ -224,6 +227,11 @@ Examples:
- Parameters: `cve` (string, format: CVE-YYYY-NNNNN), `limit`, `offset`
- Returns: Paginated list of affected systems with vulnerability and remediation status

- `inventory__load_inventory_dashboard` (from lightspeed-mcp) - Render host data in an interactive dashboard
- Parameters: `hosts` (list of host objects from list_hosts response)
- Returns: Interactive dashboard with host browsing, staleness filters, and system profiles
- Falls back to text if unavailable or client does not support UI

### Related Skills
- `mcp-lightspeed-validator` - **PREREQUISITE** - Validates Lightspeed MCP server configuration and connectivity
- Use before: ALL fleet-inventory operations (Step 0 in workflow)
Expand Down
Loading