Add MCP Control Plane operator guide and project skill registry tools #129

Closed
opened 2026-07-03 18:37:55 -05:00 by jcwalker3 · 0 comments
Owner

Problem

New LLM sessions are being brought into the MCP Control Plane / Gitea-Tools project without enough built-in context. Even when MCP tool schemas are visible, the LLM may not know the project-specific operating rules, profile model, identity gates, hard stops, or higher-level workflows.

Tool availability is not the same as skill availability. The MCP server should expose a read-only guide and skill registry so new LLM operators can understand how to use the tools correctly without relying on long pasted prompts.

Proposed Tools

  1. mcp_get_control_plane_guide
  2. mcp_list_project_skills
  3. Optional: mcp_get_skill_guide

Requirements

  1. mcp_get_control_plane_guide: Must return the high-level operating model:
    • Active profile
    • Authenticated identity
    • Allowed operations
    • Forbidden operations
    • Profile switching rules
    • Identity verification steps
    • Author/reviewer/merger separation
    • Hard stops
    • Fail-closed rules
    • Head-SHA pinning
    • Merge confirmation requirements
    • Redaction/secrets rules
    • No force-merge / no tags / no production reminders
  2. mcp_list_project_skills: Must return a safe, read-only list of available project skills/workflows, such as:
    • Gitea issue authoring
    • Gitea PR creation
    • Gitea PR review
    • Gitea PR merge
    • Gitea issue comments
    • Profile switching
    • Redaction/security review
    • Jenkins read-only workflow
    • GlitchTip read-only workflow
    • Release/operator workflows
  3. mcp_get_skill_guide: Should return details for one skill:
    • Skill name
    • Purpose
    • When to use it
    • Required profile/permissions
    • Allowed actions
    • Forbidden actions
    • Step-by-step workflow
    • Required verification checks
    • Hard stops
    • Common mistakes
    • Example prompts
    • Related docs/issues
  4. Safety & Redaction: All guide/skill outputs must be safe for LLM display:
    • No tokens
    • No secrets
    • No raw keychain IDs
    • No raw service URLs unless GITEA_MCP_REVEAL_ENDPOINTS=1 is set
    • No private config paths unless allowed by existing redaction policy
  5. Read-Only: The tools must be read-only and must not weaken existing gates.
  6. Testing: Add tests proving:
    • Guide tools are read-only
    • Output is profile-aware
    • Author profile warns against review/merge
    • Reviewer profile still requires eligibility and pinned-head checks
    • Unknown or unresolved identity returns stop/fail-closed guidance
    • Secrets, keychain IDs, and service URLs are redacted
    • Skill list includes expected workflows
    • Skill details return useful instructions without exposing sensitive data

Acceptance Criteria

  • New LLM sessions can call one guide tool to understand the MCP Control Plane operating model.
  • New LLM sessions can list and inspect available project skills/workflows.
  • Existing Gitea security gates remain unchanged.
  • No permissions are expanded.
  • Documentation tells future LLM operators to call the guide/skill tools before using MCP tools in a new session.
## Problem New LLM sessions are being brought into the MCP Control Plane / Gitea-Tools project without enough built-in context. Even when MCP tool schemas are visible, the LLM may not know the project-specific operating rules, profile model, identity gates, hard stops, or higher-level workflows. Tool availability is not the same as skill availability. The MCP server should expose a read-only guide and skill registry so new LLM operators can understand how to use the tools correctly without relying on long pasted prompts. ## Proposed Tools 1. `mcp_get_control_plane_guide` 2. `mcp_list_project_skills` 3. Optional: `mcp_get_skill_guide` ## Requirements 1. **`mcp_get_control_plane_guide`:** Must return the high-level operating model: - Active profile - Authenticated identity - Allowed operations - Forbidden operations - Profile switching rules - Identity verification steps - Author/reviewer/merger separation - Hard stops - Fail-closed rules - Head-SHA pinning - Merge confirmation requirements - Redaction/secrets rules - No force-merge / no tags / no production reminders 2. **`mcp_list_project_skills`:** Must return a safe, read-only list of available project skills/workflows, such as: - Gitea issue authoring - Gitea PR creation - Gitea PR review - Gitea PR merge - Gitea issue comments - Profile switching - Redaction/security review - Jenkins read-only workflow - GlitchTip read-only workflow - Release/operator workflows 3. **`mcp_get_skill_guide`:** Should return details for one skill: - Skill name - Purpose - When to use it - Required profile/permissions - Allowed actions - Forbidden actions - Step-by-step workflow - Required verification checks - Hard stops - Common mistakes - Example prompts - Related docs/issues 4. **Safety & Redaction:** All guide/skill outputs must be safe for LLM display: - No tokens - No secrets - No raw keychain IDs - No raw service URLs unless `GITEA_MCP_REVEAL_ENDPOINTS=1` is set - No private config paths unless allowed by existing redaction policy 5. **Read-Only:** The tools must be read-only and must not weaken existing gates. 6. **Testing:** Add tests proving: - Guide tools are read-only - Output is profile-aware - Author profile warns against review/merge - Reviewer profile still requires eligibility and pinned-head checks - Unknown or unresolved identity returns stop/fail-closed guidance - Secrets, keychain IDs, and service URLs are redacted - Skill list includes expected workflows - Skill details return useful instructions without exposing sensitive data ## Acceptance Criteria - New LLM sessions can call one guide tool to understand the MCP Control Plane operating model. - New LLM sessions can list and inspect available project skills/workflows. - Existing Gitea security gates remain unchanged. - No permissions are expanded. - Documentation tells future LLM operators to call the guide/skill tools before using MCP tools in a new session.
jcwalker3 added the status:in-progress label 2026-07-04 16:44:06 -05:00
sysadmin removed the status:in-progress label 2026-07-04 16:49:48 -05:00
Sign in to join this conversation.