From 5a534b97cd0014bfab1e876c2686b67e8e0a576f Mon Sep 17 00:00:00 2001 From: Erik M Jacobs Date: Fri, 8 May 2026 15:26:13 -0400 Subject: [PATCH 1/2] fix(rh-basic): remove stale Red Hat Lightspeed MCP references Replace all mentions of Lightspeed MCP with the correct red-hat-security MCP server across CLAUDE.md, README.md, collection.yaml, and collection.json. Also adds the missing red-hat-security-mcp-setup skill to the README skills list, decision guide, and architecture tree, and corrects the skill count from 5 to 6. Co-Authored-By: Claude Sonnet 4.6 --- rh-basic/.catalog/collection.json | 9 ++------- rh-basic/.catalog/collection.yaml | 10 +++++----- rh-basic/CLAUDE.md | 6 +++--- rh-basic/README.md | 23 +++++++++++++++++++---- 4 files changed, 29 insertions(+), 19 deletions(-) diff --git a/rh-basic/.catalog/collection.json b/rh-basic/.catalog/collection.json index e81579f6..1410aa9b 100644 --- a/rh-basic/.catalog/collection.json +++ b/rh-basic/.catalog/collection.json @@ -15,7 +15,7 @@ { "description": "CVE Explanation and Severity Rating", "name": "red-hat-cve-explainer", - "summary_markdown": "Explain a CVE using Red Hat's severity rating system and recommend a course of action.\n**Use when:**\n- What is CVE-2024-1234?\n- How severe is this CVE?\n- Should I patch CVE-X immediately?\n**What it does:**\n- Looks up CVE metadata via Lightspeed MCP or Red Hat CVE pages\n- Maps to Red Hat severity (Critical/Important/Moderate/Low)\n- Links to applicable security advisories (RHSA/RHBA/RHEA)\n- Gives a concrete action recommendation per severity\n" + "summary_markdown": "Explain a CVE using Red Hat's severity rating system and recommend a course of action.\n**Use when:**\n- What is CVE-2024-1234?\n- How severe is this CVE?\n- Should I patch CVE-X immediately?\n**What it does:**\n- Looks up CVE metadata via the Red Hat Security MCP or Red Hat CVE pages\n- Maps to Red Hat severity (Critical/Important/Moderate/Low)\n- Links to applicable security advisories (RHSA/RHBA/RHEA)\n- Gives a concrete action recommendation per severity\n" }, { "description": "Diagnostic Data Gathering for Red Hat Support", @@ -30,7 +30,7 @@ { "description": "Product Lifecycle Status and Support Phase Lookup", "name": "red-hat-product-lifecycle", - "summary_markdown": "Report the current lifecycle phase and support dates for any Red Hat product or version.\n**Use when:**\n- Is RHEL 8.6 still supported?\n- When does OpenShift 4.14 reach end of maintenance?\n- What App Streams are available for RHEL 9?\n**What it does:**\n- Retrieves lifecycle dates via Lightspeed MCP or Red Hat lifecycle pages\n- Explains what updates each phase receives (security, bug, features)\n- Gives a concrete action recommendation (upgrade, EUS, patch normally)\n- Explains Red Hat's backporting model when relevant\n" + "summary_markdown": "Report the current lifecycle phase and support dates for any Red Hat product or version.\n**Use when:**\n- Is RHEL 8.6 still supported?\n- When does OpenShift 4.14 reach end of maintenance?\n- What App Streams are available for RHEL 9?\n**What it does:**\n- Retrieves lifecycle dates via the Red Hat Security MCP or Red Hat lifecycle pages\n- Explains what updates each phase receives (security, bug, features)\n- Gives a concrete action recommendation (upgrade, EUS, patch normally)\n- Explains Red Hat's backporting model when relevant\n" }, { "description": "Support Ticket Severity and SLA Guidance", @@ -124,11 +124,6 @@ "title": "Red Hat Product Life Cycles", "url": "https://access.redhat.com/product-life-cycles/" }, - { - "description": "Red Hat Insights console for inventory, CVE data, and patch advisory information.", - "title": "Red Hat Lightspeed", - "url": "https://console.redhat.com/insights" - }, { "description": "Official severity levels and SLA commitments for Red Hat support subscriptions.", "title": "Red Hat Support Severity Definitions", diff --git a/rh-basic/.catalog/collection.yaml b/rh-basic/.catalog/collection.yaml index 1a034012..a7e3d2fb 100644 --- a/rh-basic/.catalog/collection.yaml +++ b/rh-basic/.catalog/collection.yaml @@ -34,7 +34,7 @@ contents: - How severe is this CVE? - Should I patch CVE-X immediately? **What it does:** - - Looks up CVE metadata via Lightspeed MCP or Red Hat CVE pages + - Looks up CVE metadata via the Red Hat Security MCP or Red Hat CVE pages - Maps to Red Hat severity (Critical/Important/Moderate/Low) - Links to applicable security advisories (RHSA/RHBA/RHEA) - Gives a concrete action recommendation per severity @@ -70,7 +70,7 @@ contents: - When does OpenShift 4.14 reach end of maintenance? - What App Streams are available for RHEL 9? **What it does:** - - Retrieves lifecycle dates via Lightspeed MCP or Red Hat lifecycle pages + - Retrieves lifecycle dates via the Red Hat Security MCP or Red Hat lifecycle pages - Explains what updates each phase receives (security, bug, features) - Gives a concrete action recommendation (upgrade, EUS, patch normally) - Explains Red Hat's backporting model when relevant @@ -151,9 +151,9 @@ resources: - title: Red Hat Product Life Cycles url: https://access.redhat.com/product-life-cycles/ description: Lifecycle phase dates for RHEL, OpenShift, Ansible, and other Red Hat products. -- title: Red Hat Lightspeed - url: https://console.redhat.com/insights - description: Red Hat Insights console for inventory, CVE data, and patch advisory information. +- title: Red Hat Security MCP + url: https://security-mcp.api.redhat.com/mcp + description: Red Hat Security API MCP server providing live CVE, advisory, and errata data via browser SSO. - title: Red Hat Support Severity Definitions url: https://access.redhat.com/support/policy/support_process description: Official severity levels and SLA commitments for Red Hat support subscriptions. diff --git a/rh-basic/CLAUDE.md b/rh-basic/CLAUDE.md index 66744c08..71085c7f 100644 --- a/rh-basic/CLAUDE.md +++ b/rh-basic/CLAUDE.md @@ -1,10 +1,10 @@ # rh-basic Plugin -You are a Red Hat assistant for IT professionals working with Red Hat products. You help users understand CVE severity and remediation, gather diagnostics for support cases, check product lifecycle status, determine support ticket severity, and configure the Red Hat Lightspeed MCP server. +You are a Red Hat assistant for IT professionals working with Red Hat products. You help users understand CVE severity and remediation, gather diagnostics for support cases, check product lifecycle status, and determine support ticket severity. ## Skill-First Rule -ALWAYS use the appropriate skill for Red Hat workflows. Do NOT call MCP tools (`lightspeed-mcp`) directly — skills enforce correct tool sequencing, fallback logic, and credential safety. +ALWAYS use the appropriate skill for Red Hat workflows. Do NOT call MCP tools (`red-hat-security`) directly — skills enforce correct tool sequencing, fallback logic, and credential safety. To invoke a skill, use the Skill tool with the skill name (e.g., `/red-hat-cve-explainer`). @@ -34,6 +34,6 @@ Skills fall back to `WebFetch` on public Red Hat documentation when this server ## Global Rules 1. **Never expose credentials** — do not display API keys, tokens, or client secrets. Only report whether required environment variables appear set. -2. **Skill-first** — always route through a skill rather than calling `lightspeed-mcp` tools directly. +2. **Skill-first** — always route through a skill rather than calling `red-hat-security` tools directly. 3. **Fallback gracefully** — skills fall back to `WebFetch` when MCP tools are unavailable; never decline a request solely because a tool is missing. 4. **Suggest next steps** — after completing a skill, suggest related skills the user might run next. diff --git a/rh-basic/README.md b/rh-basic/README.md index 90cb3cd5..dd8d7e9b 100644 --- a/rh-basic/README.md +++ b/rh-basic/README.md @@ -9,8 +9,8 @@ Essential Red Hat skills for IT professionals working with Red Hat products. Thi The agentic skill pack for Red Hat customers provides lightweight, self-contained skills that work with or without a configured MCP server. Each skill falls back to web sources when MCP tools are unavailable. -- **5 skills** covering the most common Red Hat support and operations workflows -- **1 MCP server integration** (Red Hat Lightspeed) for live CVE and inventory data +- **6 skills** covering the most common Red Hat support and operations workflows +- **1 MCP server integration** (Red Hat Security MCP) for live CVE and advisory data - **Self-installing** via the `red-hat-get-started` skill ## Quick Start @@ -72,7 +72,7 @@ Reports the current lifecycle phase and support dates for any Red Hat product or - "What App Streams are available for RHEL 9?" **What it does:** -- Retrieves lifecycle dates via Lightspeed MCP or Red Hat lifecycle pages +- Retrieves lifecycle dates via the Red Hat Security MCP or Red Hat lifecycle pages - Explains what updates each phase receives (security, bug, features) - Gives a concrete action recommendation (upgrade, EUS, patch normally) - Explains Red Hat's backporting model @@ -99,6 +99,20 @@ Fetches and installs all skills from the agentic skill pack for Red Hat customer **Use when:** - Setting up Red Hat skills for the first time in a project +### 6. **red-hat-security-mcp-setup** - Red Hat Security MCP Configuration + +Adds the Red Hat Security MCP server to the current project's `.mcp.json` using HTTP transport and browser SSO. + +**Use when:** +- "Set up the Red Hat Security MCP server" +- "Add red-hat-security to my MCP config" + +**What it does:** +- Locates or creates `.mcp.json` in the project root +- Merges the `red-hat-security` HTTP transport entry without removing existing servers +- Explains the Red Hat Customer Portal SSO browser login flow +- Advises the user to restart Claude Code for the new server to take effect + ## Skills Decision Guide | User Request | Skill | Reason | @@ -108,6 +122,7 @@ Fetches and installs all skills from the agentic skill pack for Red Hat customer | "Is RHEL 8 still supported?" | **red-hat-product-lifecycle** | Lifecycle date lookup | | "What severity is my support case?" | **red-hat-support-severity** | SLA guidance | | "Install Red Hat skills" | **red-hat-get-started** | First-time setup | +| "Set up the Red Hat Security MCP server" | **red-hat-security-mcp-setup** | MCP server configuration | ## MCP Server Integration @@ -139,13 +154,13 @@ rh-basic/ ├── red-hat-diagnostics/SKILL.md ├── red-hat-get-started/SKILL.md ├── red-hat-product-lifecycle/SKILL.md + ├── red-hat-security-mcp-setup/SKILL.md └── red-hat-support-severity/SKILL.md ``` ## References - [Red Hat Customer Portal](https://access.redhat.com/) -- [Red Hat Lightspeed](https://console.redhat.com/insights) - [Red Hat Product Lifecycle](https://access.redhat.com/product-life-cycles/) - [Red Hat CVE Database](https://access.redhat.com/security/security-updates/#/cve) - [Lola Package Manager](https://github.com/RedHatProductSecurity/lola) From e2c42f2ff0d359260933824c323d22d0caadd6ee Mon Sep 17 00:00:00 2001 From: Erik M Jacobs Date: Fri, 8 May 2026 16:27:02 -0400 Subject: [PATCH 2/2] fix(rh-basic): regenerate collection.json from collection.yaml Run catalog_yaml_to_json.py to bring collection.json back in sync after manual edits to collection.yaml. Co-Authored-By: Claude Sonnet 4.6 --- rh-basic/.catalog/collection.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/rh-basic/.catalog/collection.json b/rh-basic/.catalog/collection.json index 1410aa9b..109121d2 100644 --- a/rh-basic/.catalog/collection.json +++ b/rh-basic/.catalog/collection.json @@ -124,6 +124,11 @@ "title": "Red Hat Product Life Cycles", "url": "https://access.redhat.com/product-life-cycles/" }, + { + "description": "Red Hat Security API MCP server providing live CVE, advisory, and errata data via browser SSO.", + "title": "Red Hat Security MCP", + "url": "https://security-mcp.api.redhat.com/mcp" + }, { "description": "Official severity levels and SLA commitments for Red Hat support subscriptions.", "title": "Red Hat Support Severity Definitions",