refactor: improved red-hat-security-mcp-setup to be agent agnostic

[lkrzyzanek]

Summary

Added claude CLI support with evaluation script (requires interactive mode) and generic "mcp.json" way.

The skill itself now also tries to trigger authentication and verifies it during the setup.

Pack(s) affected

• ocp-admin
• rh-ai-engineer
• rh-automation
• rh-basic
• rh-developer
• rh-sre
• rh-virt
• Other / repo-wide

Change type

• New skill
• New agent
• New pack
• Update existing skill / agent
• MCP server config (mcps.json)
• Docs / README
• CI / tooling
• Federation (external pack)

Contribution method

• Created/imported with /agentic-contribution-skill
• Manual contribution (validated with make validate + make validate-skill-design-changed)

Pack-persona alignment (new skills only)

CLAUDE.md compliance

• Agents orchestrate skills; no direct MCP/tool calls in agents
• Skills are single-purpose task executors
• Skills encapsulate all tool access (MCP tools invoked only inside skills)
• Document consultation: file is read with the Read tool, then declared to the user
• No credentials hardcoded; env vars used via ${VAR} references
• Human-in-the-loop confirmation added for any destructive or critical operations

Federation request (external pack)

• Repository URL:
• Pack path:
• Ref:
• License:
• Contact:

Validation

• make validate passes locally
• New/changed skills have valid YAML frontmatter (name, description)
• New/changed agents have valid YAML frontmatter (name, description)

[dmartinol]

what's the reason to mention the /red-hat-cve-explainer skill here?

[lkrzyzanek]

Claude add it as a hint for next step
At some degree it make sense to navigate user what to do next.

But I can remove it if it doesn't fit into whole picture.