Shared Data and Context

To provide accurate and context-aware responses, the system shares specific metadata between the UI, the Supervisor, and the specialized Agents MCP server with the configured LLM provider.

UI Context

When a user interacts with the chat interface, the system automatically captures and shares the current UI context. This ensures that the AI Agent understands the user’s focus without requiring explicit mention of resources.

The shared context includes:

Cluster ID: The current cluster being viewed in the Rancher dashboard.
Namespace: The specific namespace context, if applicable.
Resource Metadata: Details about the current resource (for example, a specific Deployment, Node, or Fleet Bundle) shown in the UI.

This data is bundled with the user’s prompt by the Supervisor and routed to the appropriate specialized Agent and shared with the LLM provider.

Data Collection via MCP Tools

The Rancher Agent uses specialized tools, exposed through the Rancher MCP server, to retrieve real-time data from the environment. These tools act as the bridge between the AI’s reasoning and the actual state of your infrastructure.

The following list of actions defines the data collected from the Rancher Manager and downstream clusters:

Action Category Specific Actions

Action Category	Specific Actions
Kubernetes Resources	`getKubernetesResource`, `listKubernetesResources`, `getDeployment`
Cluster Analysis	`analyzeCluster`, `analyzeClusterMachines`, `getNodes`, `getProject`
Fleet & GitOps	`listGitRepos`, `getGitRepo`, `analyzeFleetResources`

Kubernetes Resources

getKubernetesResource, listKubernetesResources, getDeployment

Cluster Analysis

analyzeCluster, analyzeClusterMachines, getNodes, getProject

Fleet & GitOps

listGitRepos, getGitRepo, analyzeFleetResources

These actions fetch data from the environment and share the result with the LLM. Sensitive data retrieved through these calls may include:

Secrets and API keys
Usernames and groups
IP addresses and network configurations

Handling Sensitive Information

Data retrieved from downstream clusters, particularly pod logs and resource definitions, can contain sensitive information. The system manages this risk through a "secure-by-design" data sharing model:

The Agent never uses a "root" or "service" account. It performs every data collection task using the user’s own permission. This ensures the Agent can only "see" and "share" data that the user is already authorized to access via Rancher RBAC.
Data is fetched on-demand. The system does not maintain a secondary database of your cluster’s sensitive contents; it queries the Rancher and Kubernetes APIs only when a specific tool call is triggered by the Agent’s reasoning loop.