Execute qualquer Skill no Manus
com um clique

Execute qualquer Skill no Manus com um clique

tool-invocation-rules

Estrelas0

Forks5

Atualizado25 de maio de 2026 às 14:44

Extends the base tool invocation format with examples of correct vs. incorrect invocations, argument formatting guidance, schema lookup procedures, and edge cases for unknown tools. [STRICT]

Instalação

Instalar com Codex ou Claude Copie este prompt, cole no Codex, Claude ou outro assistente e deixe que ele revise a página da skill e instale para você.

Executar no Manus

Fonte

RHEcosystemAppEng

RHEcosystemAppEng/google-lightspeed-agent

Abrir repositório GitHub Ver repositórios do creator

Download

Executar no Manus

Ocupações relacionadasSOC

Baseado na classificação ocupacional SOC

Desenvolvedores de softwareInformática e Matemática·SOC 15-1252

SKILL.md

readonly

name	tool-invocation-rules
description	Extends the base tool invocation format with examples of correct vs. incorrect invocations, argument formatting guidance, schema lookup procedures, and edge cases for unknown tools. [STRICT]
metadata	{"author":"red-hat","version":"1.1"}

Tool Invocation — Extended Rules [STRICT]

In addition to the base tool invocation format in the system prompt, follow these detailed rules and examples.

Correct vs. Incorrect Invocation

Correct — a single function call with JSON arguments:

tool: vulnerability__get_cves
args: {"limit": 20, "severity": "Critical", "sort": "-cvss_score"}

Incorrect — generating code that would call the API:

# NEVER do this:
response = default_api.get_cves(limit=20, severity="Critical")
for cve in response.data:
    print(cve.id)

Incorrect — pseudocode or instructional text:

Step 1: Call the vulnerability API at /api/v1/cves?limit=20
Step 2: Parse the JSON response...

Even when describing a multi-step plan to the user, execute each step as an actual tool call — do not write out what the calls "would look like."

Argument Formatting

Pass arguments as their native JSON types: strings as "text", numbers as 20 (not "20"), booleans as true/false (not "true"/"false").
Omit optional arguments you don't need — do not pass them as null or empty strings unless the schema specifically requires it.
For list/array parameters, use JSON arrays: ["tag1", "tag2"], not comma-separated strings.

Schema Lookup

If you're unsure about a tool's parameters, call the corresponding *_get_openapi tool (e.g., vulnerability__get_openapi) to retrieve the schema. Prefer this over guessing parameter names or types. However, for well-known parameters documented in the multi-step-workflows skill (like limit, offset, severity, sort), use them directly without a schema lookup.

Tool Discovery

Only invoke tools that are registered and available in your current toolset. Do not invent tool names or guess at tools that might exist.
If a user asks for something and no matching tool exists, say so clearly rather than attempting a plausible-sounding tool name.
When describing your capabilities to users, use domain terms ("I can look up your CVE data" or "I can check your host inventory") rather than exposing internal tool names.

One Action Per Call

Each tool call performs exactly one action. To query CVEs for three different hosts, make three separate tool calls — do not try to batch them into a single call unless the tool schema explicitly supports a list of host IDs.

Mais deste repositório

mesmo repositório

multi-step-workflows

RHEcosystemAppEng/google-lightspeed-agent

Guides multi-step tool chaining and common filter parameters for Inventory, Vulnerability, and Advisor tools. Enables the agent to combine information from multiple tools to answer complex queries instead of giving up after a single call. [PREFERRED]

2026-06-110

efficient-counting

RHEcosystemAppEng/google-lightspeed-agent

Answers total/count/"how many?" queries for any resource — CVEs, hosts, advisory rules, blueprints, subscriptions, or content sources — with a single API call using limit=1 and response metadata instead of fetching all pages. [PREFERRED]

2026-06-110

pagination-handling

RHEcosystemAppEng/google-lightspeed-agent

Teaches the agent how to handle paginated API responses correctly. Covers default fetch behavior, pagination metadata interpretation, stop conditions, and per-API pagination conventions for Vulnerability, Inventory, Advisor, and other tool categories. [PREFERRED]

2026-06-110

guardrails-safety

RHEcosystemAppEng/google-lightspeed-agent

Extends the base guardrails with detailed examples, edge cases, and severity-interpretation rules. Covers scope edge cases, prompt-injection patterns to recognize, data-integrity examples, and CVE severity context (advisor vs. vulnerability). [STRICT]

2026-05-250

error-handling

RHEcosystemAppEng/google-lightspeed-agent

Handles oversized tool results and tool errors gracefully. Teaches the agent to retry with narrower queries on oversized responses and to interpret HTTP status codes correctly instead of silently swallowing failures. [PREFERRED]

2026-05-250

response-formatting

RHEcosystemAppEng/google-lightspeed-agent

Defines the agent's capabilities reference and response style including output formatting rules for CVE lists, host inventories, advisor recommendations, and mixed results. [GUIDANCE]

2026-05-250

name	tool-invocation-rules
description	Extends the base tool invocation format with examples of correct vs. incorrect invocations, argument formatting guidance, schema lookup procedures, and edge cases for unknown tools. [STRICT]
metadata	{"author":"red-hat","version":"1.1"}

Tool Invocation — Extended Rules [STRICT]

In addition to the base tool invocation format in the system prompt, follow these detailed rules and examples.

Correct vs. Incorrect Invocation

Correct — a single function call with JSON arguments:

tool: vulnerability__get_cves
args: {"limit": 20, "severity": "Critical", "sort": "-cvss_score"}

Incorrect — generating code that would call the API:

# NEVER do this:
response = default_api.get_cves(limit=20, severity="Critical")
for cve in response.data:
    print(cve.id)

Incorrect — pseudocode or instructional text:

Step 1: Call the vulnerability API at /api/v1/cves?limit=20
Step 2: Parse the JSON response...

Even when describing a multi-step plan to the user, execute each step as an actual tool call — do not write out what the calls "would look like."

Argument Formatting

Pass arguments as their native JSON types: strings as "text", numbers as 20 (not "20"), booleans as true/false (not "true"/"false").
Omit optional arguments you don't need — do not pass them as null or empty strings unless the schema specifically requires it.
For list/array parameters, use JSON arrays: ["tag1", "tag2"], not comma-separated strings.

Schema Lookup

Tool Discovery

Only invoke tools that are registered and available in your current toolset. Do not invent tool names or guess at tools that might exist.
If a user asks for something and no matching tool exists, say so clearly rather than attempting a plausible-sounding tool name.
When describing your capabilities to users, use domain terms ("I can look up your CVE data" or "I can check your host inventory") rather than exposing internal tool names.