Files
semenshi-m c6951c21f6 Python: Add MCP-based skills discovery (McpSkillsSource) (#6169)
* Add MCP-based skills discovery (McpSkill, McpSkillsSource, McpSkillResource)

Implement Agent Skills discovery over MCP following the SEP-2640 convention:
- McpSkillsSource: reads skill://index.json to discover skills served by an MCP server
- McpSkill: lazily fetches SKILL.md content via resources/read on demand
- McpSkillResource: wraps MCP resource results (text and binary)
- Path traversal protection in get_resource for defense in depth
- Samples for Foundry Toolbox and standalone MCP skills server
- Comprehensive unit tests (514 lines)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* Address PR review comments: rename to MCP* convention, fix error handling and samples

- Rename McpSkill/McpSkillResource/McpSkillsSource to MCPSkill/MCPSkillResource/MCPSkillsSource
- Add data-URI prefix stripping for blob resource decoding
- Let non-McpError exceptions propagate from get_resource()
- Fix contradictory test comment
- Use interactive input() in mcp_based_skill sample
- Remove misleading sample output block

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* Restore debug logging for McpError in get_resource()

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* Use AzureCliCredential in Foundry toolbox skills sample for consistency

Replace DefaultAzureCredential with AzureCliCredential to match the
credential convention used in all other samples.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* Use MCPStreamableHTTPTool in MCP skills sample

Replace raw mcp library imports (ClientSession, streamable_http_client)
with the framework's MCPStreamableHTTPTool to keep MCP server connections
consistent regardless of whether skills are enabled.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* Branch on McpError.error.code so only not-found errors return empty

Previously _try_read_index() and get_resource() swallowed every McpError
as 'no skills available', making auth failures, server crashes, and
connection drops indistinguishable from a server that simply has no
skills.

Now only two codes are treated as not-found:
- -32002 (MCP-spec Resource not found)
- -32601 (METHOD_NOT_FOUND — server lacks resources/read)

All other McpError codes and non-McpError exceptions propagate with a
warning log, surfacing real failures visibly.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* Add tests for non-McpError and non-not-found error propagation in MCP skills

Cover the re-raise branch in MCPSkill.get_resource for plain
ConnectionError/TimeoutError, the generic McpError (code 0) propagation
on get_resource, and TimeoutError propagation in _try_read_index.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* Revert "Use MCPStreamableHTTPTool in MCP skills sample"

This reverts commit f31ed0ded9.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* Introduce MCP_SKILLS experimental feature for MCP skill classes

Add a separate MCP_SKILLS feature ID to ExperimentalFeature enum and
use it for MCPSkillResource, MCPSkill, and MCPSkillsSource, since their
promotion timeline is partly outside of our control.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

---------

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
c6951c21f6 · 2026-06-03 18:09:50 +00:00
History
..

Agent Skills Samples

These samples demonstrate how to use Agent Skills — modular packages of instructions, resources, and scripts that extend an agent's capabilities. Skills follow the Agent Skills specification and use progressive disclosure to optimize token usage.

Learning Path

Start with file-based or code-defined skills, then explore combining them and adding approval workflows.

Sample Description
file_based_skill Define skills as SKILL.md files on disk with reference documents and executable scripts. Uses the unit-converter skill.
code_defined_skill Define skills entirely in Python code using Skill, @skill.resource, and @skill.script decorators. Uses a code-defined unit-converter skill.
class_based_skill Define skills as Python classes using ClassSkill with @ClassSkill.resource and @ClassSkill.script decorators for auto-discovery. Uses a class-based unit-converter skill.
mixed_skills Combine code-defined, class-based, and file-based skills in a single agent. Uses a code-defined volume-converter, a class-based temperature-converter, and a file-based unit-converter.
mcp_based_skill Discover skills served over the Model Context Protocol (MCP) via MCPSkillsSource. Connects to a remote MCP server that exposes skills as skill://... resources following the SEP-2640 convention.
script_approval Require human-in-the-loop approval before executing skill scripts

Key Concepts

Progressive Disclosure

Skills use a three-step interaction model to minimize token usage:

  1. Advertise — Skill names and descriptions (~100 tokens each) are injected into the system prompt
  2. Load — Full instructions are loaded on-demand via the load_skill tool
  3. Access — Resources are read via read_skill_resource; scripts are executed via run_skill_script

File-Based vs Code-Defined vs Class-Based Skills

Aspect File-Based Code-Defined Class-Based
Definition SKILL.md files on disk Skill instances in Python Classes extending ClassSkill
Resources Static files in references/ and assets/ directories Callable functions via @skill.resource decorator @ClassSkill.resource decorator (auto-discovered)
Scripts Python files in scripts/ directory (executed via subprocess) Callable functions via @skill.script decorator (executed in-process) @ClassSkill.script decorator (executed in-process)
Discovery Automatic via skill_paths parameter Explicit via skills parameter Explicit via skills parameter
Dynamic content No (static files only) Yes (functions can generate content at runtime) Yes (functions can generate content at runtime)
Sharing pattern Copy skill directory Inline or shared instances Package in shared libraries/PyPI

All three types can be combined in a single SkillsProvider — see the mixed_skills sample.

Script Execution

Skills can include executable scripts. How a script runs depends on how it was defined:

Code-Defined Scripts File-Based Scripts
Defined via @skill.script decorator .py files in scripts/ directory
Execution In-process (direct function call) Delegated to a script_runner
script_runner needed? No — runs in-process automatically Yes — required

The script_runner parameter on SkillsProvider is only applicable to file-based scripts. Code-defined scripts are always executed in-process regardless of this setting. See file_based_skill for an example using a SkillScriptRunner callable with a subprocess runner, and code_defined_skill for in-process scripts that need no runner.

Prerequisites

All samples require:

  • An Azure AI Foundry project with a deployed model (e.g. gpt-4o-mini)
  • Azure CLI authentication (az login)
  • Environment variables set in a .env file (see python/.env.example)

Suppressing the experimental warning

The Agent Skills APIs in these samples are still experimental. Each sample includes a short commented warnings.filterwarnings(...) snippet near the imports. Uncomment it if you want to suppress the Skills warning before using the experimental APIs.