Skip to main content

Agent Skills

The Signadot MCP server gives a coding agent the tools it needs to talk to Signadot. An agent skill sits on top of those tools and gives the agent a workflow: when to reach for a sandbox, what counts as proof, and how to recover when something goes wrong.

Skills are agent-agnostic. Any coding agent that supports the Skills format can load them.

SkillPurpose
signadot-validateValidate code changes against real cluster dependencies before declaring a task done.
signadot-plan (coming soon)Author and iterate on reusable Signadot plan specs.

signadot-validate

Coding agents are good at writing code and bad at proving it works in a microservice. signadot-validate closes that loop. It runs the changed service locally, routes real cluster traffic to it with a routing key, and iterates until validation passes. See the signadot/agent-skills README for installation.

What to expect

A few non-obvious things the skill does that are worth knowing up front:

  • Validation runs through the cluster URL, not localhost. A successful curl to http://localhost:8080 doesn't count, because it bypasses the service mesh and the routing-key propagation path you actually want to exercise.
  • The sandbox sticks around. The default is to leave it up so you can inspect it or re-run validation. The agent surfaces the signadot sandbox delete command but doesn't run it.
  • Secrets are pulled but not printed. When the skill reconstructs the environment from ConfigMaps and Secrets, secret values are redacted in chat and logs.
  • The agent iterates on its own for mechanical failures like missing env vars, stale processes, or wrong ports. It stops to ask only when the fix is a judgment call, such as choosing between fixing forward or keeping things backward-compatible.
  • Local image builds are a last resort. The skill prefers running the changed service as a local process. It only falls back to building and pushing an image when the service genuinely cannot run outside the cluster.
  • Shared resources are gated. Creating an isolated sandbox is autonomous. Updating a shared sandbox or route group, adding public preview endpoints, or running sudo signadot local connect all require your confirmation.

signadot-plan

Coming soon. signadot-plan will help an agent author, run, and tag reusable validation flows so that a verified behavior can be captured as a reusable check.