diff --git a/requirements-agent.txt b/requirements-agent.txt
index 3bffd96b..e4a47636 100644
--- a/requirements-agent.txt
+++ b/requirements-agent.txt
@@ -1379,9 +1379,9 @@ jiter==0.15.0 \
     --hash=sha256:f3d37768fce7f88dd2a8c6091f2325dea27d30d30d5c6e7a1c0f0af77723b708 \
     --hash=sha256:fa248c9eb220197d363f688818dac2fd4b2f0cd7d843ca7105d652034823427d
     # via openai
-joserfc==1.6.7 \
-    --hash=sha256:6999fe89457069ecacd8cc797c88a805f83054dd883333fa0409f74b46479fd7 \
-    --hash=sha256:9e51e4a64840aa1734a058258e80a4480e2ff2d5686e480e7c92c954a92fbe05
+joserfc==1.6.8 \
+    --hash=sha256:22fb31a69094a5e6f44632002a9df2c30c941fc6c8ce1b037e92c03de954cf9f \
+    --hash=sha256:878620c553a6ebdd76ccdc356782fee3f735f21a356d079a546b42a4670ace5f
     # via authlib
 jsonschema==4.26.0 \
     --hash=sha256:0c26707e2efad8aa1bfc5b7ce170f3fccc2e4918ff85989ba9ffa9facb2be326 \
diff --git a/src/lightspeed_agent/core/skills/pagination-handling/SKILL.md b/src/lightspeed_agent/core/skills/pagination-handling/SKILL.md
index a3f17be0..d4f9aafc 100644
--- a/src/lightspeed_agent/core/skills/pagination-handling/SKILL.md
+++ b/src/lightspeed_agent/core/skills/pagination-handling/SKILL.md
@@ -29,7 +29,31 @@ then let the user decide whether they need more.
 **When to skip the offer** (user already specified scope):
 - "Show me the top 3 CVEs on host X" → use limit=3, no follow-up needed
 - "Get the first page of vulnerabilities" → use limit=100 offset=0, no follow-up needed
-- "How many critical CVEs affect host X?" → fetch all pages silently to count
+- "How many [resources]?" → use the efficient counting technique below
+
+### Efficient Counting [PREFERRED]
+
+When the user asks "how many [resources]?" (total count questions), do NOT fetch all
+pages to count. Instead, call the relevant MCP tool with `limit=1` and `offset=0` and
+read the total from the response metadata — one API call, no data transfer:
+
+- **Vulnerability tools** (JSON:API responses): total is at `meta.total_items`
+- **Inventory tools**: total is at `total`
+- **Advisor, Content Sources, Image Builder, RHSM tools**: total is at `meta.count`
+
+Pass the user's filters as normal tool arguments alongside `limit=1`.
+
+**Examples:**
+- "How many CVEs?" → call `vulnerability__get_cves` with `limit=1`, report `meta.total_items`
+- "How many critical CVEs?" → call `vulnerability__get_cves` with `limit=1, severity=Critical`,
+  report `meta.total_items`
+- "How many hosts?" → call `inventory__list_hosts` with `limit=1`, report `total`
+- "How many hosts running RHEL 9?" → call `inventory__list_hosts` with
+  `limit=1, operating_system=RHEL 9`, report `total`
+- "How many advisor rules?" → call `advisor__get_active_rules` with `limit=1`,
+  report `meta.count`
+- "How many blueprints?" → call `image-builder__get_blueprints` with `limit=1`,
+  report `meta.count`
 
 **Exception — remediatable CVE queries**: When the user asks for remediatable CVEs on a
 specific system, fetch all pages automatically. Remediatable CVEs can appear on any page,