feat: add operator guide and project skills discovery MCP tools (#128)
Add three read-only capability-discovery tools so new LLM sessions can learn the workflow rules and available project skills from the MCP server instead of long pasted operator prompts: - mcp_get_control_plane_guide: active profile, authenticated identity (fail-soft; unresolved identity returns STOP instructions), allowed/forbidden operations, profile-aware guidance (author profiles are told review/approve/merge is forbidden; reviewer profiles are told review/merge requires eligibility checks and a pinned head SHA; mixed profiles get a misconfiguration warning), and the standing rules: hard stops, fail-closed behavior, head-SHA pinning, merge confirmation, redaction, author/reviewer/merger separation, profile switching, and identity verification. - mcp_list_project_skills: registry of ten project workflows (issue authoring, PR creation, PR review, PR merge, issue comments, profile switching, redaction/security review, Jenkins read-only, GlitchTip read-only, release/operator) with description, when-to-use, required operations, status, and per-profile availability. Unimplemented services are listed as designed-not-implemented rather than omitted. - mcp_get_skill_guide: step-by-step guide per skill; unknown names fail closed with the list of valid names. All three are read-only and change no existing gate or permission. Normal output contains no endpoint URLs or keychain IDs; the guide includes the server host only under GITEA_MCP_REVEAL_ENDPOINTS=1. Tests (tests/test_operator_guide.py, 17 new): profile-aware guidance for author/reviewer, unresolved-identity STOP, read-only behavior, redaction defaults and reveal opt-in, rules coverage, registry completeness and profile awareness, unimplemented-service marking, fail-closed unknown skill names. Docs: llm-workflow-runbooks.md now tells new sessions to call the guide tools first. Closes #128 Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
@@ -18,6 +18,17 @@ behavior they rely on already exists (canonical runtime profiles, the
|
||||
interactive setup menu, identity/eligibility checks, gated review/merge, and
|
||||
audit logging). See [Related documents](#related-documents).
|
||||
|
||||
> **New session? Call the guide tools first (#128).** Before using any other
|
||||
> Gitea MCP tool in a fresh session, call `mcp_get_control_plane_guide`
|
||||
> (read-only): it reports the active profile, authenticated identity,
|
||||
> allowed/forbidden operations, profile-aware do/don't guidance, and the
|
||||
> non-negotiable rules (hard stops, fail-closed behavior, head-SHA pinning,
|
||||
> merge confirmation, redaction, author/reviewer separation, profile
|
||||
> switching). Then call `mcp_list_project_skills` to discover the available
|
||||
> project workflows and `mcp_get_skill_guide(<name>)` for step-by-step
|
||||
> instructions. This replaces long pasted operator prompts for the standard
|
||||
> rules; operator prompts still control task-specific scope.
|
||||
|
||||
For cross-project use, copy the portable workflow skill at
|
||||
[`../skills/llm-project-workflow/SKILL.md`](../skills/llm-project-workflow/SKILL.md).
|
||||
It extracts the issue-first, isolated-worktree, no-self-review, profile-safety,
|
||||
|
||||
Reference in New Issue
Block a user