fix: fix the reliance on resources (#31)

owenrumney · web-flow · commit d07b63656b0c · 2025-05-17T14:51:26.000+01:00
diff --git a/pkg/tools/scan/aqua.go b/pkg/tools/scan/aqua.go
@@ -3,8 +3,8 @@ package scan
 import (
 	"context"
 	"errors"
+	"fmt"
 	"os"
-	"strings"
 
 	"path/filepath"
 
@@ -16,6 +16,9 @@ import (
 
 func (t *ScanTools) scanWithAquaPlatform(ctx context.Context, args []string, creds creds.AquaCreds) (*mcp.CallToolResult, error) {
 
+	// add quiet to reduce the noise
+	args = append(args, "--quiet")
+
 	logger := log.WithPrefix("aqua")
 	logger.Debug("Scanning with args", log.Any("args", args))
 	logger.Info("Using Aqua platform for scanning")
@@ -66,14 +69,15 @@ func (t *ScanTools) scanWithAquaPlatform(ctx context.Context, args []string, cre
 
 	logger.Debug("Environment", log.Any("ENV", os.Environ()))
 
-	tempFile := filepath.Join(os.TempDir(), "trivy-mcp-scan.results.json")
+	filename := "trivy-mcp-scan.results.json"
+	resultsFilePath := filepath.Join(os.TempDir(), filename)
 	defer func() {
-		if err := os.Remove(tempFile); err != nil {
+		if err := os.Remove(resultsFilePath); err != nil {
 			logger.Error("Failed to remove temp file", log.Err(err))
 		}
 	}()
 
-	if err := os.Setenv("AQUA_ASSURANCE_EXPORT", tempFile); err != nil {
+	if err := os.Setenv("AQUA_ASSURANCE_EXPORT", resultsFilePath); err != nil {
 		logger.Error("Failed to set Aqua assurance export in environment variables", log.Err(err))
 		return nil, err
 	}
@@ -83,11 +87,15 @@ func (t *ScanTools) scanWithAquaPlatform(ctx context.Context, args []string, cre
 		return nil, err
 	}
 
-	sb := strings.Builder{}
-	sb.WriteString("Aqua scan results:\n")
-	sb.WriteString("====================================\n")
-	sb.WriteString("Scan completed successfully\n")
-
-	return mcp.NewToolResultText(sb.String()), nil
+	return mcp.NewToolResultResource(
+		fmt.Sprintf(`The results can be found in the file "%s", which is found at "%s" \n
+		 Summarise the contents of the file and report it back to the user in a nicely formatted way.\n
+	It is important that the output MUST include the ID and the severity of the issues to inform the user of the issues.
+	`, filename, resultsFilePath),
+		mcp.TextResourceContents{
+			URI:      resultsFilePath,
+			MIMEType: "application/json",
+		},
+	), nil
 
 }
diff --git a/pkg/tools/scan/scan.go b/pkg/tools/scan/scan.go
@@ -160,23 +160,14 @@ func (t *ScanTools) ScanWithTrivyHandler(ctx context.Context, request mcp.CallTo
 		return result, nil
 	}
 
-	defer func() {
-		if err := os.Remove(resultsFilePath); err != nil {
-			logger.Error("Failed to remove results file", log.Err(err))
-		}
-	}()
-
-	content, err := os.ReadFile(resultsFilePath)
-	if err != nil {
-		logger.Error("Failed to read scan results file", log.Err(err))
-		return nil, errors.New("failed to read scan results file")
-	}
-
 	return mcp.NewToolResultResource(
-		"The embedded resource is a human readable JSON format and found at the filepath that can be further processed.",
+		fmt.Sprintf(`The results can be found in the file "%s", which is found at "%s" \n
+		 Summarise the contents of the file and report it back to the user in a nicely formatted way.\n
+	It is important that the output MUST include the ID and the severity of the issues to inform the user of the issues.
+	`, filename, resultsFilePath),
 		mcp.TextResourceContents{
-			URI:  resultsFilePath,
-			Text: string(content),
+			URI:      resultsFilePath,
+			MIMEType: "application/json",
 		},
 	), nil
 }
diff --git a/plugin.yaml b/plugin.yaml
@@ -1,7 +1,7 @@
 name: mcp
 repository: github.com/aquasecurity/trivy-mcp
 maintainer: aquasecurity
-version: 0.0.6
+version: 0.0.7
 summary: Starts an MCP server that knows how to work with Trivy
 description: |-
   A Trivy plugin that starts an MCP server that knows how to work with Trivy.
@@ -10,25 +10,25 @@ platforms:
     - selector:
         os: linux
         arch: amd64
-      uri: https://github.com/aquasecurity/trivy-mcp/releases/download/v0.0.6/trivy-mcp-linux-amd64.tar.gz
+      uri: https://github.com/aquasecurity/trivy-mcp/releases/download/v0.0.7/trivy-mcp-linux-amd64.tar.gz
       bin: ./trivy-mcp
     - selector:
         os: linux
         arch: arm64
-      uri: https://github.com/aquasecurity/trivy-mcp/releases/download/v0.0.6/trivy-mcp-linux-arm64.tar.gz
+      uri: https://github.com/aquasecurity/trivy-mcp/releases/download/v0.0.7/trivy-mcp-linux-arm64.tar.gz
       bin: ./trivy-mcp
     - selector:
         os: darwin
         arch: amd64
-      uri: https://github.com/aquasecurity/trivy-mcp/releases/download/v0.0.6/trivy-mcp-darwin-amd64.tar.gz
+      uri: https://github.com/aquasecurity/trivy-mcp/releases/download/v0.0.7/trivy-mcp-darwin-amd64.tar.gz
       bin: ./trivy-mcp
     - selector:
         os: darwin
         arch: arm64
-      uri: https://github.com/aquasecurity/trivy-mcp/releases/download/v0.0.6/trivy-mcp-darwin-arm64.tar.gz
+      uri: https://github.com/aquasecurity/trivy-mcp/releases/download/v0.0.7/trivy-mcp-darwin-arm64.tar.gz
       bin: ./trivy-mcp
     - selector:
         os: windows
         arch: amd64
-      uri: https://github.com/aquasecurity/trivy-mcp/releases/download/v0.0.6/trivy-mcp-windows-amd64.tar.gz
+      uri: https://github.com/aquasecurity/trivy-mcp/releases/download/v0.0.7/trivy-mcp-windows-amd64.tar.gz
       bin: ./trivy-mcp
