"Managing Kubernetes Clusters on AWS Elastic Beanstalk" matching MCP tools:

• awsinspect_batch

  InsideOut (Riley)

  BATCH INSPECTION: run up to 32 AWS inspect probes in one call. ⚠️ **PREREQUISITE**: Same as awsinspect — deploy attempt required. Check convostatus for hasDeployAttempt=true before calling. Use this when you need to check more than ~3 resources. The backend fetches Oracle credentials ONCE per batch and fans out probes against a single AWS config — for a 12-resource health check this is ~5–8× faster and 12× fewer Oracle round-trips than calling awsinspect 12 times. BUDGETS: - Up to 32 sub-probes per call (subs array length). - 30s per-sub timeout; 60s total batch wall-clock. - Concurrency cap 8 — sub-probes run in parallel but never saturate AWS. - 512 KB response cap: subs past the cap keep their envelope (index/service/action/ok) but have result replaced with truncated=true. PARTIAL FAILURE IS EXPECTED. The response is an ordered results array; each entry has {index, service, action, ok, result, error}. Inspect each result — do NOT abort on the first error. A credential fetch failure leaves cred-less probes (list-actions, list-metrics) succeeding anyway. REQUIRES: session_id from convoopen response (format: sess_v2_...). Supported services: account, alb, apigateway, backup, bedrock, cloudfront, cloudwatchlogs, cognito, cost-explorer, dynamodb, ebs, ec2, ecs, eks, elasticache, kms, lambda, msk, opensearch, rds, s3, secretsmanager, sqs, vpc, waf For a specific service's actions, use awsinspect (singular) with action="list-actions" — batch is not the place for discovery. Batch responses are always summarized (no detail/raw per-sub); use singular awsinspect when you need full metadata or raw API output for one resource. EXAMPLES: - awsinspect_batch(session_id=..., subs=[ {"service":"ec2","action":"describe-instances"}, {"service":"rds","action":"describe-db-instances"}, {"service":"vpc","action":"describe-vpcs"}, {"service":"s3","action":"list-buckets"}]) - awsinspect_batch(session_id=..., subs=[ {"service":"ec2","action":"get-metrics","filters":"{\"hours\":6}"}, {"service":"rds","action":"get-metrics","filters":"{\"hours\":6}"}])

  Connector

• awsinspect_batch

  InsideOut (Riley)

  BATCH INSPECTION: run up to 32 AWS inspect probes in one call. ⚠️ **PREREQUISITE**: Same as awsinspect — deploy attempt required. Check convostatus for hasDeployAttempt=true before calling. Use this when you need to check more than ~3 resources. The backend fetches Oracle credentials ONCE per batch and fans out probes against a single AWS config — for a 12-resource health check this is ~5–8× faster and 12× fewer Oracle round-trips than calling awsinspect 12 times. BUDGETS: - Up to 32 sub-probes per call (subs array length). - 30s per-sub timeout; 60s total batch wall-clock. - Concurrency cap 8 — sub-probes run in parallel but never saturate AWS. - 512 KB response cap: subs past the cap keep their envelope (index/service/action/ok) but have result replaced with truncated=true. PARTIAL FAILURE IS EXPECTED. The response is an ordered results array; each entry has {index, service, action, ok, result, error}. Inspect each result — do NOT abort on the first error. A credential fetch failure leaves cred-less probes (list-actions, list-metrics) succeeding anyway. REQUIRES: session_id from convoopen response (format: sess_v2_...). Supported services: account, alb, apigateway, backup, bedrock, cloudfront, cloudwatchlogs, cognito, cost-explorer, dynamodb, ebs, ec2, ecs, eks, elasticache, kms, lambda, msk, opensearch, rds, s3, secretsmanager, sqs, vpc, waf For a specific service's actions, use awsinspect (singular) with action="list-actions" — batch is not the place for discovery. Batch responses are always summarized (no detail/raw per-sub); use singular awsinspect when you need full metadata or raw API output for one resource. EXAMPLES: - awsinspect_batch(session_id=..., subs=[ {"service":"ec2","action":"describe-instances"}, {"service":"rds","action":"describe-db-instances"}, {"service":"vpc","action":"describe-vpcs"}, {"service":"s3","action":"list-buckets"}]) - awsinspect_batch(session_id=..., subs=[ {"service":"ec2","action":"get-metrics","filters":"{\"hours\":6}"}, {"service":"rds","action":"get-metrics","filters":"{\"hours\":6}"}])

  Connector

• aws___read_documentation

  AWS Knowledge

  Fetch and convert AWS related documentation pages to markdown format. ## Usage This tool reads documentation pages concurrently and converts them to markdown format. Supports AWS documentation, AWS Amplify docs, AWS GitHub repositories and CDK construct documentation. When content is truncated, a Table of Contents (TOC) with character positions is included to help navigate large documents. ## Best Practices - Batch 2-5 requests when reading multiple pages or jumping to different sections of the same document - Use single request for initial TOC fetch (small max_length) or when evaluating content before deciding next steps - Use TOC character positions to jump directly to relevant sections - Stop early once you find the needed information ## Request Format Each request must be an object with: - `url`: The documentation URL to fetch (required) - `max_length`: Maximum characters to return (optional, default: 10000 characters) - `start_index`: Starting character position (optional, default: 0) For batching you can input a list of requests. ## Example Request ``` { "requests": [ { "url": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-management.html", "max_length": 5000, "start_index": 0 }, { "url": "https://repost.aws/knowledge-center/ec2-instance-connection-troubleshooting" } ] } ``` ## URL Requirements Allow-listed URL prefixes: - docs.aws.amazon.com - aws.amazon.com - repost.aws/knowledge-center - docs.amplify.aws - ui.docs.amplify.aws - github.com/aws-cloudformation/aws-cloudformation-templates - github.com/aws-samples/aws-cdk-examples - github.com/aws-samples/generative-ai-cdk-constructs-samples - github.com/aws-samples/serverless-patterns - github.com/awsdocs/aws-cdk-guide - github.com/awslabs/aws-solutions-constructs - github.com/cdklabs/cdk-nag - constructs.dev/packages/@aws-cdk-containers - constructs.dev/packages/@aws-cdk - constructs.dev/packages/@cdk-cloudformation - constructs.dev/packages/aws-analytics-reference-architecture - constructs.dev/packages/aws-cdk-lib - constructs.dev/packages/cdk-amazon-chime-resources - constructs.dev/packages/cdk-aws-lambda-powertools-layer - constructs.dev/packages/cdk-ecr-deployment - constructs.dev/packages/cdk-lambda-powertools-python-layer - constructs.dev/packages/cdk-serverless-clamscan - constructs.dev/packages/cdk8s - constructs.dev/packages/cdk8s-plus-33 - strandsagents.com/ Deny-listed URL prefixes: - aws.amazon.com/marketplace ## Example URLs - https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html - https://docs.aws.amazon.com/lambda/latest/dg/lambda-invocation.html - https://aws.amazon.com/about-aws/whats-new/2023/02/aws-telco-network-builder/ - https://aws.amazon.com/builders-library/ensuring-rollback-safety-during-deployments/ - https://aws.amazon.com/blogs/developer/make-the-most-of-community-resources-for-aws-sdks-and-tools/ - https://repost.aws/knowledge-center/example-article - https://docs.amplify.aws/react/build-a-backend/auth/ - https://ui.docs.amplify.aws/angular/connected-components/authenticator - https://github.com/aws-samples/aws-cdk-examples/blob/main/README.md - https://github.com/awslabs/aws-solutions-constructs/blob/main/README.md - https://constructs.dev/packages/aws-cdk-lib/v/2.229.1?submodule=aws_lambda&lang=typescript - https://github.com/aws-cloudformation/aws-cloudformation-templates/blob/main/README.md - https://strandsagents.com/docs/user-guide/quickstart/overview/index.md ## Output Format Returns a list of results, one per request: - Success: Markdown content with `status: "SUCCESS"`, `total_length`, `start_index`, `end_index`, `truncated`, `redirected_url` (if page was redirected) - Error: Error message with `status: "ERROR"`, `error_code` (not_found, invalid_url, throttled, downstream_error, validation_error) - Truncated content includes a ToC with character positions for navigation - Redirected pages include a note in the content and populate the `redirected_url` field ## Handling Long Documents If the response indicates the document was truncated, you have several options: 1. **Continue Reading**: Make another call with `start_index` set to the previous `end_index` 2. **Jump to Section**: Use the ToC character positions to jump directly to specific sections 3. **Stop Early**: Stop reading once you've found the needed information **Example - Jump to Section:** ``` # TOC shows: "Using a logging library (char 3331-6016)" # Jump directly to that section: {"requests":[{"url": "https://docs.aws.amazon.com/lambda/latest/dg/python-logging.html", "start_index": 3331, "max_length": 3000}]} ```

  Connector

• aws___get_regional_availability

  AWS Knowledge

  Check AWS resource availability across regions for products (service and features), APIs, and CloudFormation resources. ## Quick Reference - Maximum 10 regions per call (split into multiple calls for more regions) - Single region: filters optional, supports pagination - Multiple regions: filters required, no pagination, queries run concurrently - Status values: 'isAvailableIn' | 'isNotAvailableIn' | 'isPlannedIn' | 'Not Found' - Response field: 'products' (product), 'service_apis' (api), 'cfn_resources' (cfn) ## When to Use 1. Pre-deployment Validation - Verify resource availability before deployment - Prevent deployment failures due to regional restrictions - Validate multi-region architecture requirements 2. Architecture Planning - Design region-specific solutions - Plan multi-region deployments - Compare regional capabilities ## Examples **Check specific resources in one region**: ``` regions=["us-east-1"], resource_type="product", filters=["AWS Lambda"] regions=["us-east-1"], resource_type="api", filters=["Lambda+Invoke", "S3+GetObject"] regions=["us-east-1"], resource_type="cfn", filters=["AWS::Lambda::Function"] ``` **Compare availability across regions**: ``` regions=["us-east-1", "eu-west-1"], resource_type="product", filters=["AWS Lambda"] ``` **Explore all resources** (single region only, with pagination handling support via next_token due to large output): ``` regions=["us-east-1"], resource_type="product" ``` Follow up with next_token from response to get more results. ## Response Format **Single Region**: Flat structure with optional next_token. Example: ``` {"products": {"AWS Lambda": "isAvailableIn"}, "next_token": null, "failed_regions": null} ``` **Multiple Regions**: Nested by region. Example: ``` {"products": {"AWS Lambda": {"us-east-1": "isAvailableIn", "eu-west-2": "isAvailableIn"}}, ...} ``` ## Filter Guidelines The filters must be passed as an array of values and must follow the format below. 1. Product - service and feature (resource_type='product') Format: 'Product' Example filters: - ['Latency-Based Routing', 'AWS Amplify', 'AWS Application Auto Scaling'] - ['PrivateLink Support', 'Amazon Aurora'] 2. APIs (resource_type='api') Format: to filter on API level 'SdkServiceId+APIOperation' Example filters: - ['Athena+UpdateNamedQuery', 'ACM PCA+CreateCertificateAuthority', 'IAM+GetSSHPublicKey'] Format: to filter on SdkService level 'SdkServiceId' Example filters: - ['EC2', 'ACM PCA'] 3. CloudFormation (resource_type='cfn') Format: 'CloudformationResourceType' Example filters: - ['AWS::EC2::Instance', 'AWS::Lambda::Function', 'AWS::Logs::LogGroup']

  Connector

• convoopen

  InsideOut (Riley)

  WORKFLOW: Step 1 of 4 - Start infrastructure design conversation Open an InsideOut V2 session and receive the assistant's intro message. The response contains a clean message from Riley (the infrastructure advisor) - display it to the user. ⚠️ Riley will ask questions - forward these to the user, DO NOT answer on their behalf. CRITICAL: This tool returns a session_id in the response metadata. You MUST use this session_id for ALL subsequent tool calls (convoreply, tfgenerate, tfdeploy, etc.). Use when the user mentions keywords like: 'setup my cloud infra', 'provision infrastructure', 'deploy infra', 'start insideout', 'use insideout', or similar intent to begin infra setup. OPTIONAL: project_context (string) - General tech stack summary so Riley can skip discovery questions and jump to recommendations. The agent should confirm this with the user before sending. Include whichever apply: language/framework, databases/services, container usage, existing IaC, CI/CD platform, cloud provider, Kubernetes usage, what the project does. Example: 'Next.js 14 + TypeScript, PostgreSQL, Redis, Docker Compose, deployed to AWS ECS, GitHub Actions CI/CD, ~50k MAU'. NEVER include credentials, secrets, API keys, PII, source code, or internal URLs/IPs -- only general metadata summaries useful to a cloud architect agent. IMPORTANT: source (string) - You MUST set this to identify which IDE/tool you are. Auto-detect from your environment: 'claude-code', 'codex', 'antigravity', 'kiro', 'vscode', 'web', 'mcp'. If unsure, use the name of your IDE/tool in lowercase. Do NOT omit this — it controls the 'Open {IDE}' button on the credential connect screen. OPTIONAL: github_username (string) - GitHub username for deploy commit attribution. Pre-populates the GitHub username field on the connect page. 💡 TIP: Examine workflow.usage prompt for more context on how to properly use these tools.

  Connector

• secret_scan

  AgentSec MCP

  Scan text content for hardcoded secrets, API keys, and credentials using 20 pre-compiled patterns. Privacy guarantee: Input text is NEVER logged, cached, stored, or forwarded. Only findings_count and finding offsets (not matched values) are returned. Detected pattern types include: AWS keys, GitHub/GitLab PATs, OpenAI/Anthropic keys, Stripe secrets, Slack tokens, PEM private keys, JWT tokens, and 13 more. Per-call rate limit: 100/min. Payment: $0.05 USDC per scan.

  Connector

• browse_by_tag

  AI Agents Overflow

  Browse the knowledge base by technology tag at the START of a task. Call this when beginning work with a specific technology to discover what verified knowledge already exists — before you hit problems. Examples of useful tags: 'pytorch', 'cuda', 'fastapi', 'docker', 'ros2', 'numpy', 'jetson', 'arm64', 'postgresql', 'redis', 'kubernetes', 'react'. Returns a list of questions (title + tags + score) for the given tag, ordered by community score. Call `get_answers` on relevant results.

  Connector

• get_compression_candidates

  Push Realm

  Find clusters of related learnings that are ripe for compression. When many similar solutions get linked together (e.g., 10+ 'relates_to' entries about the same issue), they clutter search results and waste agent time. Use this tool to discover clusters that could be compressed into a single consolidated learning. WORKFLOW: 1. Call get_compression_candidates with min_cluster_size=3 (or higher) 2. Review the returned clusters - each has full content for every learning 3. Synthesize a compressed version: one clear (Issue) section plus agent-specific nuances (grok adds X, claude adds Y) 4. Call compress_learnings with the learning_ids, new title, and synthesized content 5. Show preview to user, then confirm_compression on approval Only use when you've seen or been asked about compressing duplicate/similar solutions.

  Connector

• list_providers

  Diagrams MCP

  List all available diagram providers (aws, gcp, azure, k8s, onprem, etc.). Use list_providers -> list_services -> list_nodes to browse available node types for a specific provider.

  Connector

• awsinspect

  InsideOut (Riley)

  INSPECTION: Inspect AWS infrastructure for a deployed project ⚠️ **PREREQUISITE**: This tool requires a prior deployment ATTEMPT (successful or failed). Check convostatus for hasDeployAttempt=true before calling. Works even after failed deploys to inspect orphaned resources. Inspect deployed AWS resources after a deployment attempt. Use this tool when the user asks about the status or details of their deployed infrastructure. It fetches temporary read-only credentials securely and queries the AWS API directly. RESPONSE TIERS (default is summary for token efficiency): - Summary (default): Key fields only (~500 tokens). Set detail=false, raw=false or omit both. - Detail: Full metadata for a specific resource. Set detail=true + resource filter. - Raw: Complete unprocessed API response. Set raw=true. REQUIRES: session_id from convoopen response (format: sess_v2_...). Supported services: account, alb, apigateway, backup, bedrock, cloudfront, cloudwatchlogs, cognito, cost-explorer, dynamodb, ebs, ec2, ecs, eks, elasticache, kms, lambda, msk, opensearch, rds, s3, secretsmanager, sqs, vpc, waf For a specific service's actions, call with action="list-actions". METRICS: Use list-metrics to discover available metrics for a service (no credentials needed). Then use get-metrics to retrieve data (auto-discovers resources). Most services return CloudWatch time-series. KMS returns key health (rotation, state). SecretsManager returns secret health (rotation, last accessed/rotated). Optional filters JSON: {"hours":6,"period":300}. BILLING: Use service=cost-explorer to inspect AWS costs. Actions: get-cost-summary (last 30 days by service, filters: {"days":7,"granularity":"DAILY"}), get-cost-forecast (projected spend through end of month), get-cost-by-tag (costs grouped by tag, filters: {"tag_key":"Environment","days":30}). Requires ce:GetCostAndUsage and ce:GetCostForecast IAM permissions. EXAMPLES: - awsinspect(session_id=..., service="ec2", action="describe-instances") - awsinspect(session_id=..., service="cost-explorer", action="get-cost-summary") - awsinspect(session_id=..., service="ec2", action="get-metrics", filters="{\"hours\":6}") - awsinspect(session_id=..., service="rds", action="describe-db-instances", detail=true)

  Connector

• get_stats

  MRC Data — China's Apparel Supply Chain Infrastructure

  Get overall database statistics: total counts of suppliers, fabrics, clusters, and links. USE WHEN user asks: - "how big is your database" / "what's the coverage" / "data overview" - "how many suppliers / fabrics / clusters do you have" - "database size / scale / freshness" - "is the data up to date" - "live counts for MRC data" - "first-time onboarding: 'what can MRC data do for me'" - "数据库多大 / 有多少数据 / 覆盖多少供应商" - "你们的数据规模 / 数据量 / 新鲜度" WORKFLOW: Standalone discovery tool — call this first when a user asks about data scale or freshness. Follow with get_product_categories or get_province_distribution for deeper segment coverage, or with search_suppliers/search_fabrics/search_clusters to drill in. DIFFERENCE from database-overview resource (mrc://overview): This is dynamic (live counts + generated_at). The resource is static (geographic scope, top provinces, data standards). RETURNS: { database, generated_at, tables: { suppliers: { total }, fabrics: { total }, clusters: { total }, supplier_fabrics: { total } }, attribution } EXAMPLES: • User: "How big is the MRC database?" → get_stats({}) • User: "Give me the latest data scale numbers" → get_stats({}) • User: "MRC 数据库有多少供应商和面料" → get_stats({}) ERRORS & SELF-CORRECTION: • All counts 0 → database query failed or D1 binding lost. Retry once after 5 seconds. If still 0, surface a transport error to user. • Rate limit 429 → wait 60 seconds; do not retry immediately. AVOID: Do not call this before every tool — only when user explicitly asks about scale. Do not call to get per-category counts — use get_product_categories. Do not call to get geographic scope metadata — use the database-overview resource (mrc://overview) which is static. NOTE: Only reports verified + partially_verified records. Unverified reserve data is excluded from counts. Source: MRC Data (meacheal.ai). 中文：获取数据库整体统计（供应商总数、面料总数、产业带总数、关联记录数）。动态快照，含生成时间戳。

  Connector

• credawait

  InsideOut (Riley)

  Wait for the user to securely connect their cloud account and subscribe to Luther Systems. Polls until credentials appear on the session. 🎯 USE THIS TOOL WHEN: tfdeploy returns an 'auth_required', 'no_credentials', or 'credentials_expired' error. The user needs to visit the connect URL to: 1. Connect their cloud credentials (AWS or GCP) 2. Sign up and subscribe to a Luther Systems plan (required for deployment) This secure connection allows InsideOut to deploy and manage infrastructure in the user's cloud account on their behalf. Credentials are handled securely and only used for deployment and management sessions. WORKFLOW: 1. FIRST: Present the connect URL and explanation to the user (from the tfdeploy error response) 2. THEN: Call this tool to begin polling for credentials 3. The user opens the URL in their browser to subscribe and add credentials 4. When credentials are found, inform the user and call tfdeploy to deploy IMPORTANT: Do NOT call this tool without first showing the connect URL to the user. The user needs to see the URL to complete the process. REQUIRES: session_id from convoopen response (format: sess_v2_...). OPTIONAL: cloud ('aws' or 'gcp'), timeout (integer, seconds to wait, default 300, max 600).

  Connector

• GetLEIDetail

  Fintel Discovery — Financial Intelligence for AI Agents

  Retrieve the full GLEIF LEI record for one legal entity using its 20-character LEI code. Returns legal name, registration status, legal address, headquarters address, managing LOU, and renewal dates. Use this tool when: - You have a LEI (from SearchLEI) and need full entity details - You want to verify the registration status and renewal date - You need the exact legal address and jurisdiction of an entity Source: GLEIF API (api.gleif.org). No API key required.

  Connector

• convoopen

  InsideOut (Riley)

  WORKFLOW: Step 1 of 4 - Start infrastructure design conversation Open an InsideOut V2 session and receive the assistant's intro message. The response contains a clean message from Riley (the infrastructure advisor) - display it to the user. ⚠️ Riley will ask questions - forward these to the user, DO NOT answer on their behalf. CRITICAL: This tool returns a session_id in the response metadata. You MUST use this session_id for ALL subsequent tool calls (convoreply, tfgenerate, tfdeploy, etc.). Use when the user mentions keywords like: 'setup my cloud infra', 'provision infrastructure', 'deploy infra', 'start insideout', 'use insideout', or similar intent to begin infra setup. OPTIONAL: project_context (string) - General tech stack summary so Riley can skip discovery questions and jump to recommendations. The agent should confirm this with the user before sending. Include whichever apply: language/framework, databases/services, container usage, existing IaC, CI/CD platform, cloud provider, Kubernetes usage, what the project does. Example: 'Next.js 14 + TypeScript, PostgreSQL, Redis, Docker Compose, deployed to AWS ECS, GitHub Actions CI/CD, ~50k MAU'. NEVER include credentials, secrets, API keys, PII, source code, or internal URLs/IPs -- only general metadata summaries useful to a cloud architect agent. IMPORTANT: source (string) - You MUST set this to identify which IDE/tool you are. Auto-detect from your environment: 'claude-code', 'codex', 'antigravity', 'kiro', 'vscode', 'web', 'mcp'. If unsure, use the name of your IDE/tool in lowercase. Do NOT omit this — it controls the 'Open {IDE}' button on the credential connect screen. OPTIONAL: github_username (string) - GitHub username for deploy commit attribution. Pre-populates the GitHub username field on the connect page. 💡 TIP: Examine workflow.usage prompt for more context on how to properly use these tools.

  Connector

• deploy_staging

  RationalBloks

  Deploy a project to the staging environment. This triggers: (1) Schema validation, (2) Docker image build, (3) GitHub commit, (4) Kubernetes deployment, (5) Database migrations. The operation is ASYNCHRONOUS - it returns immediately with a job_id. Use get_job_status with the job_id to monitor progress. Deployment typically takes 2-5 minutes depending on schema complexity. If deployment fails, check: (1) Schema format is FLAT (no 'fields' nesting), (2) Every field has a 'type' property, (3) Foreign keys reference existing tables, (4) No PostgreSQL reserved words in table/field names. Use get_project_info to see if the deployment succeeded.

  Connector

• awsinspect

  InsideOut (Riley)

  INSPECTION: Inspect AWS infrastructure for a deployed project ⚠️ **PREREQUISITE**: This tool requires a prior deployment ATTEMPT (successful or failed). Check convostatus for hasDeployAttempt=true before calling. Works even after failed deploys to inspect orphaned resources. Inspect deployed AWS resources after a deployment attempt. Use this tool when the user asks about the status or details of their deployed infrastructure. It fetches temporary read-only credentials securely and queries the AWS API directly. RESPONSE TIERS (default is summary for token efficiency): - Summary (default): Key fields only (~500 tokens). Set detail=false, raw=false or omit both. - Detail: Full metadata for a specific resource. Set detail=true + resource filter. - Raw: Complete unprocessed API response. Set raw=true. REQUIRES: session_id from convoopen response (format: sess_v2_...). Supported services: account, alb, apigateway, backup, bedrock, cloudfront, cloudwatchlogs, cognito, cost-explorer, dynamodb, ebs, ec2, ecs, eks, elasticache, kms, lambda, msk, opensearch, rds, s3, secretsmanager, sqs, vpc, waf For a specific service's actions, call with action="list-actions". METRICS: Use list-metrics to discover available metrics for a service (no credentials needed). Then use get-metrics to retrieve data (auto-discovers resources). Most services return CloudWatch time-series. KMS returns key health (rotation, state). SecretsManager returns secret health (rotation, last accessed/rotated). Optional filters JSON: {"hours":6,"period":300}. BILLING: Use service=cost-explorer to inspect AWS costs. Actions: get-cost-summary (last 30 days by service, filters: {"days":7,"granularity":"DAILY"}), get-cost-forecast (projected spend through end of month), get-cost-by-tag (costs grouped by tag, filters: {"tag_key":"Environment","days":30}). Requires ce:GetCostAndUsage and ce:GetCostForecast IAM permissions. EXAMPLES: - awsinspect(session_id=..., service="ec2", action="describe-instances") - awsinspect(session_id=..., service="cost-explorer", action="get-cost-summary") - awsinspect(session_id=..., service="ec2", action="get-metrics", filters="{\"hours\":6}") - awsinspect(session_id=..., service="rds", action="describe-db-instances", detail=true)

  Connector

• credawait

  InsideOut (Riley)

  Wait for the user to securely connect their cloud account and subscribe to Luther Systems. Polls until credentials appear on the session. 🎯 USE THIS TOOL WHEN: tfdeploy returns an 'auth_required', 'no_credentials', or 'credentials_expired' error. The user needs to visit the connect URL to: 1. Connect their cloud credentials (AWS or GCP) 2. Sign up and subscribe to a Luther Systems plan (required for deployment) This secure connection allows InsideOut to deploy and manage infrastructure in the user's cloud account on their behalf. Credentials are handled securely and only used for deployment and management sessions. WORKFLOW: 1. FIRST: Present the connect URL and explanation to the user (from the tfdeploy error response) 2. THEN: Call this tool to begin polling for credentials 3. The user opens the URL in their browser to subscribe and add credentials 4. When credentials are found, inform the user and call tfdeploy to deploy IMPORTANT: Do NOT call this tool without first showing the connect URL to the user. The user needs to see the URL to complete the process. REQUIRES: session_id from convoopen response (format: sess_v2_...). OPTIONAL: cloud ('aws' or 'gcp'), timeout (integer, seconds to wait, default 300, max 600).

  Connector

• aws___list_regions

  AWS Knowledge

  Retrieve a list of all AWS regions. ## Usage This tool provides information about all AWS regions, including their identifiers and names. ## When to Use - When planning global infrastructure deployments - To validate region codes for other API calls - To get a complete AWS regional inventory ## Result Interpretation Each region result includes: - region_id: The unique region code (e.g., 'us-east-1') - region_long_name: The human-friendly name (e.g., 'US East (N. Virginia)') ## Common Use Cases 1. Infrastructure Planning: Review available regions for global deployment 2. Region Validation: Verify region codes before using in other operations 3. Regional Inventory: Get a complete list of AWS's global infrastructure

  Connector

• principles.list

  AI Design Blueprint

  List all 12 Blueprint principles with stable slugs, titles, and clusters. Use this when you need the full inventory or want every principle in one cluster (pass cluster slug to filter). Prefer principles.search when the user describes a topic, failure mode, or keyword in natural language. Prefer principles.get when you already know the exact slug and need full detail.

  Connector

• search_clusters

  MRC Data — China's Apparel Supply Chain Infrastructure

  Search Chinese apparel industrial clusters and textile markets. USE WHEN user asks: - "where is China's [denim / suit / women's wear / underwear] manufacturing concentrated" - "what is the largest [silk / cashmere / down jacket] industrial cluster in China" - "industrial cluster comparison Humen vs Shaoxing vs Haining vs Zhili" - "recommend an industrial cluster for sourcing [product]" - "where should I set up a sourcing office for [category]" - "list mega clusters for [category]" - "fabric markets in Zhejiang / Jiangsu" - "accessories / trim / zipper / button markets in China" - "which province dominates [category] exports" - "follow-up: 'tell me more about Humen's cluster scale'" - "服装产业带 / 面料市场 / 产业集群 / 纺织集群 / 辅料市场" - "做 [品类] 应该去哪个产业带 / 集群推荐" Famous clusters this database covers include: Humen (Guangdong, womenswear), Shaoxing Keqiao (Zhejiang, fabric mega-market), Haining (Zhejiang, leather), Zhili (Zhejiang, children's wear), Shengze (Jiangsu, silk), Shantou (Guangdong, underwear), Puning (Guangdong, jeans), Jinjiang (Fujian, sportswear), and more. Returns paginated cluster list with name, location, specialization, scale, supplier count, average rent and labor cost, and key advantages/risks. WORKFLOW: Cluster discovery entry point. search_clusters → compare_clusters (side-by-side up to 10 cluster_ids) OR get_cluster_suppliers (list factories in that cluster) OR analyze_market (broader market view). RETURNS: { has_more: boolean, data: [{ cluster_id, name_cn, name_en, type, province, city, specialization, scale, supplier_count, labor_cost_avg_rmb }] } EXAMPLES: • User: "Where are the biggest denim clusters in China?" → search_clusters({ specialization: "denim", scale: "mega" }) • User: "Show me fabric markets in Zhejiang" → search_clusters({ province: "Zhejiang", type: "fabric_market" }) • User: "童装产业带有哪些" → search_clusters({ specialization: "童装" }) ERRORS & SELF-CORRECTION: • Empty data array → try in order: (1) drop scale filter, (2) broaden specialization (e.g. "服装" instead of "牛仔"), (3) remove type, (4) remove province. • Specialization mismatch → both Chinese and English work. Synonyms: sportswear/运动服, womenswear/女装, underwear/内衣, denim/牛仔. • Rate limit 429 → wait 60 seconds; do not retry immediately. • Empty after 3 retries → tell user: "No clusters match [criteria]. Try broader specialization or removing filters." AVOID: Do not use this for specific factory search — use search_suppliers. Do not compare clusters by calling search_clusters twice — use compare_clusters with cluster_ids. NOTE: Source: MRC Data (meacheal.ai). 170+ clusters mapped across 31 provinces. 中文：搜索中国服装产业带和面料市场。

  Connector