@raishin/vanguard-frontier-agentic 1.1.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (715) hide show
  1. package/README.md +369 -322
  2. package/agents/AGENTS.md +263 -21
  3. package/agents/argocd/README.md +46 -0
  4. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/AGENT.md +55 -0
  5. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/claude-code.agent.md +35 -0
  6. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/codex.toml +29 -0
  7. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/copilot.agent.md +35 -0
  8. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/cursor.agent.md +35 -0
  9. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/gemini.agent.md +35 -0
  10. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/kiro-cli.agent.json +5 -0
  11. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/kiro-ide.agent.md +35 -0
  12. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/metadata.json +31 -0
  13. package/agents/argocd/argocd-gitops-review-agent/AGENT.md +55 -0
  14. package/agents/argocd/argocd-gitops-review-agent/harnesses/claude-code.agent.md +38 -0
  15. package/agents/argocd/argocd-gitops-review-agent/harnesses/codex.toml +32 -0
  16. package/agents/argocd/argocd-gitops-review-agent/harnesses/copilot.agent.md +38 -0
  17. package/agents/argocd/argocd-gitops-review-agent/harnesses/cursor.agent.md +38 -0
  18. package/agents/argocd/argocd-gitops-review-agent/harnesses/gemini.agent.md +38 -0
  19. package/agents/argocd/argocd-gitops-review-agent/harnesses/kiro-cli.agent.json +5 -0
  20. package/agents/argocd/argocd-gitops-review-agent/harnesses/kiro-ide.agent.md +38 -0
  21. package/agents/argocd/argocd-gitops-review-agent/metadata.json +30 -0
  22. package/agents/aws/aws-live-deployment-guarded-operator-agent/metadata.json +10 -1
  23. package/agents/aws/aws-live-ecs-rollout-guard-agent/metadata.json +10 -1
  24. package/agents/aws/aws-live-iac-change-guard-agent/metadata.json +10 -1
  25. package/agents/aws/aws-live-pipeline-approval-operator-agent/metadata.json +10 -1
  26. package/agents/aws/aws-live-serverless-release-guard-agent/metadata.json +10 -1
  27. package/agents/aws/aws-maestro-agent/AGENT.md +55 -0
  28. package/agents/aws/aws-maestro-agent/harnesses/claude-code.agent.md +38 -0
  29. package/agents/aws/aws-maestro-agent/harnesses/codex.toml +34 -0
  30. package/agents/aws/aws-maestro-agent/harnesses/copilot.agent.md +51 -0
  31. package/agents/aws/aws-maestro-agent/harnesses/cursor.agent.md +40 -0
  32. package/agents/aws/aws-maestro-agent/harnesses/gemini.agent.md +39 -0
  33. package/agents/aws/aws-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
  34. package/agents/aws/aws-maestro-agent/harnesses/kiro-ide.agent.md +38 -0
  35. package/agents/aws/aws-maestro-agent/metadata.json +37 -0
  36. package/agents/aws/aws-private-ca-issuer-review-agent/AGENT.md +53 -0
  37. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/claude-code.agent.md +36 -0
  38. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/codex.toml +27 -0
  39. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/copilot.agent.md +36 -0
  40. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/cursor.agent.md +36 -0
  41. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/gemini.agent.md +36 -0
  42. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/kiro-cli.agent.json +5 -0
  43. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/kiro-ide.agent.md +36 -0
  44. package/agents/aws/aws-private-ca-issuer-review-agent/metadata.json +37 -0
  45. package/agents/azure/AGENTS.md +26 -0
  46. package/agents/azure/README.md +45 -0
  47. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/AGENT.md +53 -0
  48. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/claude-code.agent.md +36 -0
  49. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/codex.toml +27 -0
  50. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/copilot.agent.md +36 -0
  51. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/cursor.agent.md +36 -0
  52. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/gemini.agent.md +36 -0
  53. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/kiro-cli.agent.json +5 -0
  54. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/kiro-ide.agent.md +36 -0
  55. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/metadata.json +36 -0
  56. package/agents/azure/azure-live-aks-rollout-guard-agent/AGENT.md +57 -0
  57. package/agents/azure/azure-live-aks-rollout-guard-agent/PERMISSIONS.md +56 -0
  58. package/agents/azure/azure-live-aks-rollout-guard-agent/PREFLIGHT.md +48 -0
  59. package/agents/azure/azure-live-aks-rollout-guard-agent/ROLLBACK.md +36 -0
  60. package/agents/azure/azure-live-aks-rollout-guard-agent/harnesses/claude-code.agent.md +40 -0
  61. package/agents/azure/azure-live-aks-rollout-guard-agent/harnesses/codex.toml +32 -0
  62. package/agents/azure/azure-live-aks-rollout-guard-agent/harnesses/copilot.agent.md +53 -0
  63. package/agents/azure/azure-live-aks-rollout-guard-agent/harnesses/cursor.agent.md +40 -0
  64. package/agents/azure/azure-live-aks-rollout-guard-agent/harnesses/gemini.agent.md +40 -0
  65. package/agents/azure/azure-live-aks-rollout-guard-agent/harnesses/kiro-cli.agent.json +1 -0
  66. package/agents/azure/azure-live-aks-rollout-guard-agent/harnesses/kiro-ide.agent.md +40 -0
  67. package/agents/azure/azure-live-aks-rollout-guard-agent/metadata.json +36 -0
  68. package/agents/azure/azure-live-app-service-slot-swap-guard-agent/AGENT.md +57 -0
  69. package/agents/azure/azure-live-app-service-slot-swap-guard-agent/PERMISSIONS.md +43 -0
  70. package/agents/azure/azure-live-app-service-slot-swap-guard-agent/PREFLIGHT.md +50 -0
  71. package/agents/azure/azure-live-app-service-slot-swap-guard-agent/ROLLBACK.md +46 -0
  72. package/agents/azure/azure-live-app-service-slot-swap-guard-agent/harnesses/claude-code.agent.md +40 -0
  73. package/agents/azure/azure-live-app-service-slot-swap-guard-agent/harnesses/codex.toml +32 -0
  74. package/agents/azure/azure-live-app-service-slot-swap-guard-agent/harnesses/copilot.agent.md +53 -0
  75. package/agents/azure/azure-live-app-service-slot-swap-guard-agent/harnesses/cursor.agent.md +40 -0
  76. package/agents/azure/azure-live-app-service-slot-swap-guard-agent/harnesses/gemini.agent.md +40 -0
  77. package/agents/azure/azure-live-app-service-slot-swap-guard-agent/harnesses/kiro-cli.agent.json +1 -0
  78. package/agents/azure/azure-live-app-service-slot-swap-guard-agent/harnesses/kiro-ide.agent.md +40 -0
  79. package/agents/azure/azure-live-app-service-slot-swap-guard-agent/metadata.json +35 -0
  80. package/agents/azure/azure-live-arm-deployment-stack-guard-agent/AGENT.md +57 -0
  81. package/agents/azure/azure-live-arm-deployment-stack-guard-agent/PERMISSIONS.md +88 -0
  82. package/agents/azure/azure-live-arm-deployment-stack-guard-agent/PREFLIGHT.md +48 -0
  83. package/agents/azure/azure-live-arm-deployment-stack-guard-agent/ROLLBACK.md +48 -0
  84. package/agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/claude-code.agent.md +40 -0
  85. package/agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/codex.toml +32 -0
  86. package/agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/copilot.agent.md +53 -0
  87. package/agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/cursor.agent.md +40 -0
  88. package/agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/gemini.agent.md +40 -0
  89. package/agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/kiro-cli.agent.json +1 -0
  90. package/agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/kiro-ide.agent.md +40 -0
  91. package/agents/azure/azure-live-arm-deployment-stack-guard-agent/metadata.json +36 -0
  92. package/agents/azure/azure-live-cost-budget-action-guard-agent/AGENT.md +57 -0
  93. package/agents/azure/azure-live-cost-budget-action-guard-agent/PERMISSIONS.md +93 -0
  94. package/agents/azure/azure-live-cost-budget-action-guard-agent/PREFLIGHT.md +44 -0
  95. package/agents/azure/azure-live-cost-budget-action-guard-agent/ROLLBACK.md +49 -0
  96. package/agents/azure/azure-live-cost-budget-action-guard-agent/harnesses/claude-code.agent.md +40 -0
  97. package/agents/azure/azure-live-cost-budget-action-guard-agent/harnesses/codex.toml +32 -0
  98. package/agents/azure/azure-live-cost-budget-action-guard-agent/harnesses/copilot.agent.md +53 -0
  99. package/agents/azure/azure-live-cost-budget-action-guard-agent/harnesses/cursor.agent.md +40 -0
  100. package/agents/azure/azure-live-cost-budget-action-guard-agent/harnesses/gemini.agent.md +40 -0
  101. package/agents/azure/azure-live-cost-budget-action-guard-agent/harnesses/kiro-cli.agent.json +1 -0
  102. package/agents/azure/azure-live-cost-budget-action-guard-agent/harnesses/kiro-ide.agent.md +40 -0
  103. package/agents/azure/azure-live-cost-budget-action-guard-agent/metadata.json +36 -0
  104. package/agents/azure/azure-live-entra-role-assignment-guard-agent/AGENT.md +59 -0
  105. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/claude-code.agent.md +42 -0
  106. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/codex.toml +34 -0
  107. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/copilot.agent.md +55 -0
  108. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/cursor.agent.md +44 -0
  109. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/gemini.agent.md +43 -0
  110. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  111. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  112. package/agents/azure/azure-live-entra-role-assignment-guard-agent/metadata.json +37 -0
  113. package/agents/azure/azure-live-keyvault-rotation-purge-guard-agent/AGENT.md +57 -0
  114. package/agents/azure/azure-live-keyvault-rotation-purge-guard-agent/PERMISSIONS.md +68 -0
  115. package/agents/azure/azure-live-keyvault-rotation-purge-guard-agent/PREFLIGHT.md +46 -0
  116. package/agents/azure/azure-live-keyvault-rotation-purge-guard-agent/ROLLBACK.md +44 -0
  117. package/agents/azure/azure-live-keyvault-rotation-purge-guard-agent/harnesses/claude-code.agent.md +40 -0
  118. package/agents/azure/azure-live-keyvault-rotation-purge-guard-agent/harnesses/codex.toml +32 -0
  119. package/agents/azure/azure-live-keyvault-rotation-purge-guard-agent/harnesses/copilot.agent.md +53 -0
  120. package/agents/azure/azure-live-keyvault-rotation-purge-guard-agent/harnesses/cursor.agent.md +40 -0
  121. package/agents/azure/azure-live-keyvault-rotation-purge-guard-agent/harnesses/gemini.agent.md +40 -0
  122. package/agents/azure/azure-live-keyvault-rotation-purge-guard-agent/harnesses/kiro-cli.agent.json +1 -0
  123. package/agents/azure/azure-live-keyvault-rotation-purge-guard-agent/harnesses/kiro-ide.agent.md +40 -0
  124. package/agents/azure/azure-live-keyvault-rotation-purge-guard-agent/metadata.json +36 -0
  125. package/agents/azure/azure-live-pim-jit-activation-guard-agent/AGENT.md +57 -0
  126. package/agents/azure/azure-live-pim-jit-activation-guard-agent/PERMISSIONS.md +59 -0
  127. package/agents/azure/azure-live-pim-jit-activation-guard-agent/PREFLIGHT.md +41 -0
  128. package/agents/azure/azure-live-pim-jit-activation-guard-agent/ROLLBACK.md +48 -0
  129. package/agents/azure/azure-live-pim-jit-activation-guard-agent/harnesses/claude-code.agent.md +40 -0
  130. package/agents/azure/azure-live-pim-jit-activation-guard-agent/harnesses/codex.toml +32 -0
  131. package/agents/azure/azure-live-pim-jit-activation-guard-agent/harnesses/copilot.agent.md +53 -0
  132. package/agents/azure/azure-live-pim-jit-activation-guard-agent/harnesses/cursor.agent.md +40 -0
  133. package/agents/azure/azure-live-pim-jit-activation-guard-agent/harnesses/gemini.agent.md +40 -0
  134. package/agents/azure/azure-live-pim-jit-activation-guard-agent/harnesses/kiro-cli.agent.json +1 -0
  135. package/agents/azure/azure-live-pim-jit-activation-guard-agent/harnesses/kiro-ide.agent.md +40 -0
  136. package/agents/azure/azure-live-pim-jit-activation-guard-agent/metadata.json +36 -0
  137. package/agents/azure/azure-maestro-agent/AGENT.md +56 -0
  138. package/agents/azure/azure-maestro-agent/harnesses/claude-code.agent.md +39 -0
  139. package/agents/azure/azure-maestro-agent/harnesses/codex.toml +14 -0
  140. package/agents/azure/azure-maestro-agent/harnesses/copilot.agent.md +52 -0
  141. package/agents/azure/azure-maestro-agent/harnesses/cursor.agent.md +41 -0
  142. package/agents/azure/azure-maestro-agent/harnesses/gemini.agent.md +40 -0
  143. package/agents/azure/azure-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
  144. package/agents/azure/azure-maestro-agent/harnesses/kiro-ide.agent.md +39 -0
  145. package/agents/azure/azure-maestro-agent/metadata.json +38 -0
  146. package/agents/backstage/README.md +36 -0
  147. package/agents/backstage/backstage-scaffolder-template-review-agent/AGENT.md +54 -0
  148. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/claude-code.agent.md +37 -0
  149. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/codex.toml +31 -0
  150. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/copilot.agent.md +37 -0
  151. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/cursor.agent.md +37 -0
  152. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/gemini.agent.md +37 -0
  153. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/kiro-cli.agent.json +5 -0
  154. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/kiro-ide.agent.md +37 -0
  155. package/agents/backstage/backstage-scaffolder-template-review-agent/metadata.json +30 -0
  156. package/agents/cert-manager/README.md +46 -0
  157. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/AGENT.md +55 -0
  158. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/claude-code.agent.md +35 -0
  159. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/codex.toml +29 -0
  160. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/copilot.agent.md +35 -0
  161. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/cursor.agent.md +35 -0
  162. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/gemini.agent.md +35 -0
  163. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/kiro-cli.agent.json +5 -0
  164. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/kiro-ide.agent.md +35 -0
  165. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/metadata.json +31 -0
  166. package/agents/cilium/README.md +46 -0
  167. package/agents/cilium/cilium-network-policy-review-agent/AGENT.md +55 -0
  168. package/agents/cilium/cilium-network-policy-review-agent/harnesses/claude-code.agent.md +38 -0
  169. package/agents/cilium/cilium-network-policy-review-agent/harnesses/codex.toml +32 -0
  170. package/agents/cilium/cilium-network-policy-review-agent/harnesses/copilot.agent.md +38 -0
  171. package/agents/cilium/cilium-network-policy-review-agent/harnesses/cursor.agent.md +38 -0
  172. package/agents/cilium/cilium-network-policy-review-agent/harnesses/gemini.agent.md +38 -0
  173. package/agents/cilium/cilium-network-policy-review-agent/harnesses/kiro-cli.agent.json +5 -0
  174. package/agents/cilium/cilium-network-policy-review-agent/harnesses/kiro-ide.agent.md +38 -0
  175. package/agents/cilium/cilium-network-policy-review-agent/metadata.json +37 -0
  176. package/agents/falco/README.md +36 -0
  177. package/agents/falco/falco-runtime-threat-rules-review-agent/AGENT.md +49 -0
  178. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/claude-code.agent.md +33 -0
  179. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/codex.toml +31 -0
  180. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/copilot.agent.md +33 -0
  181. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/cursor.agent.md +33 -0
  182. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/gemini.agent.md +33 -0
  183. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/kiro-cli.agent.json +5 -0
  184. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/kiro-ide.agent.md +33 -0
  185. package/agents/falco/falco-runtime-threat-rules-review-agent/metadata.json +31 -0
  186. package/agents/finops/AGENTS.md +36 -0
  187. package/agents/finops/README.md +27 -0
  188. package/agents/finops/finops-cloud-price-advisor-agent/AGENT.md +58 -0
  189. package/agents/finops/finops-cloud-price-advisor-agent/PERMISSIONS.md +112 -0
  190. package/agents/finops/finops-cloud-price-advisor-agent/harnesses/claude-code.agent.md +40 -0
  191. package/agents/finops/finops-cloud-price-advisor-agent/harnesses/codex.toml +33 -0
  192. package/agents/finops/finops-cloud-price-advisor-agent/harnesses/copilot.agent.md +53 -0
  193. package/agents/finops/finops-cloud-price-advisor-agent/harnesses/cursor.agent.md +40 -0
  194. package/agents/finops/finops-cloud-price-advisor-agent/harnesses/gemini.agent.md +40 -0
  195. package/agents/finops/finops-cloud-price-advisor-agent/harnesses/kiro-cli.agent.json +1 -0
  196. package/agents/finops/finops-cloud-price-advisor-agent/harnesses/kiro-ide.agent.md +40 -0
  197. package/agents/finops/finops-cloud-price-advisor-agent/metadata.json +38 -0
  198. package/agents/fluxcd/README.md +39 -0
  199. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/AGENT.md +55 -0
  200. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/claude-code.agent.md +38 -0
  201. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/codex.toml +32 -0
  202. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/copilot.agent.md +38 -0
  203. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/cursor.agent.md +38 -0
  204. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/gemini.agent.md +38 -0
  205. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/kiro-cli.agent.json +5 -0
  206. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/kiro-ide.agent.md +38 -0
  207. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/metadata.json +31 -0
  208. package/agents/istio/README.md +46 -0
  209. package/agents/istio/istio-ambient-mesh-review-agent/AGENT.md +55 -0
  210. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/claude-code.agent.md +38 -0
  211. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/codex.toml +32 -0
  212. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/copilot.agent.md +38 -0
  213. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/cursor.agent.md +38 -0
  214. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/gemini.agent.md +38 -0
  215. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/kiro-cli.agent.json +5 -0
  216. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/kiro-ide.agent.md +38 -0
  217. package/agents/istio/istio-ambient-mesh-review-agent/metadata.json +30 -0
  218. package/agents/kubernetes/README.md +143 -0
  219. package/agents/kubernetes/external-secrets-operator-review-agent/AGENT.md +49 -0
  220. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/claude-code.agent.md +33 -0
  221. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/codex.toml +31 -0
  222. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/copilot.agent.md +33 -0
  223. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/cursor.agent.md +33 -0
  224. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/gemini.agent.md +33 -0
  225. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/kiro-cli.agent.json +5 -0
  226. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/kiro-ide.agent.md +33 -0
  227. package/agents/kubernetes/external-secrets-operator-review-agent/metadata.json +31 -0
  228. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/AGENT.md +56 -0
  229. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/claude-code.agent.md +39 -0
  230. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/codex.toml +34 -0
  231. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/copilot.agent.md +39 -0
  232. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/cursor.agent.md +39 -0
  233. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/gemini.agent.md +39 -0
  234. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/kiro-cli.agent.json +5 -0
  235. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/kiro-ide.agent.md +39 -0
  236. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/metadata.json +31 -0
  237. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/AGENT.md +59 -0
  238. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/claude-code.agent.md +42 -0
  239. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/codex.toml +33 -0
  240. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/copilot.agent.md +42 -0
  241. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/cursor.agent.md +42 -0
  242. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/gemini.agent.md +42 -0
  243. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  244. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  245. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/metadata.json +36 -0
  246. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/AGENT.md +59 -0
  247. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/claude-code.agent.md +42 -0
  248. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/codex.toml +33 -0
  249. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/copilot.agent.md +42 -0
  250. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/cursor.agent.md +42 -0
  251. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/gemini.agent.md +42 -0
  252. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  253. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  254. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/metadata.json +36 -0
  255. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/AGENT.md +59 -0
  256. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/claude-code.agent.md +42 -0
  257. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/codex.toml +33 -0
  258. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/copilot.agent.md +42 -0
  259. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/cursor.agent.md +42 -0
  260. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/gemini.agent.md +42 -0
  261. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  262. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  263. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/metadata.json +36 -0
  264. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/AGENT.md +59 -0
  265. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/claude-code.agent.md +42 -0
  266. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/codex.toml +33 -0
  267. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/copilot.agent.md +42 -0
  268. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/cursor.agent.md +42 -0
  269. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/gemini.agent.md +42 -0
  270. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  271. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  272. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/metadata.json +36 -0
  273. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/AGENT.md +59 -0
  274. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/claude-code.agent.md +42 -0
  275. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/codex.toml +34 -0
  276. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/copilot.agent.md +55 -0
  277. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/cursor.agent.md +44 -0
  278. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/gemini.agent.md +43 -0
  279. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  280. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  281. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/metadata.json +36 -0
  282. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/AGENT.md +62 -0
  283. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/claude-code.agent.md +43 -0
  284. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/codex.toml +35 -0
  285. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/copilot.agent.md +43 -0
  286. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/cursor.agent.md +43 -0
  287. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/gemini.agent.md +43 -0
  288. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  289. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/kiro-ide.agent.md +43 -0
  290. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/metadata.json +37 -0
  291. package/agents/kubernetes/kubernetes-maestro-agent/AGENT.md +55 -0
  292. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/claude-code.agent.md +38 -0
  293. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/codex.toml +34 -0
  294. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/copilot.agent.md +38 -0
  295. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/cursor.agent.md +38 -0
  296. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/gemini.agent.md +38 -0
  297. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
  298. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/kiro-ide.agent.md +38 -0
  299. package/agents/kubernetes/kubernetes-maestro-agent/metadata.json +40 -0
  300. package/agents/kubernetes/kubernetes-pod-spec-review-agent/AGENT.md +54 -0
  301. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/claude-code.agent.md +37 -0
  302. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/codex.toml +27 -0
  303. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/copilot.agent.md +37 -0
  304. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/cursor.agent.md +37 -0
  305. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/gemini.agent.md +37 -0
  306. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/kiro-cli.agent.json +5 -0
  307. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/kiro-ide.agent.md +37 -0
  308. package/agents/kubernetes/kubernetes-pod-spec-review-agent/metadata.json +38 -0
  309. package/agents/kubernetes/kubernetes-psa-review-agent/AGENT.md +55 -0
  310. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/claude-code.agent.md +36 -0
  311. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/codex.toml +29 -0
  312. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/copilot.agent.md +36 -0
  313. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/cursor.agent.md +36 -0
  314. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/gemini.agent.md +36 -0
  315. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/kiro-cli.agent.json +5 -0
  316. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/kiro-ide.agent.md +36 -0
  317. package/agents/kubernetes/kubernetes-psa-review-agent/metadata.json +37 -0
  318. package/agents/kubernetes/kubernetes-rbac-review-agent/AGENT.md +55 -0
  319. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/claude-code.agent.md +38 -0
  320. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/codex.toml +32 -0
  321. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/copilot.agent.md +51 -0
  322. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/cursor.agent.md +40 -0
  323. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/gemini.agent.md +39 -0
  324. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/kiro-cli.agent.json +5 -0
  325. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/kiro-ide.agent.md +38 -0
  326. package/agents/kubernetes/kubernetes-rbac-review-agent/metadata.json +36 -0
  327. package/agents/kubernetes/kubernetes-workload-identity-review-agent/AGENT.md +55 -0
  328. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/claude-code.agent.md +37 -0
  329. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/codex.toml +29 -0
  330. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/copilot.agent.md +37 -0
  331. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/cursor.agent.md +37 -0
  332. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/gemini.agent.md +37 -0
  333. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/kiro-cli.agent.json +5 -0
  334. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/kiro-ide.agent.md +37 -0
  335. package/agents/kubernetes/kubernetes-workload-identity-review-agent/metadata.json +37 -0
  336. package/agents/kyverno/README.md +46 -0
  337. package/agents/kyverno/kyverno-policy-review-agent/AGENT.md +55 -0
  338. package/agents/kyverno/kyverno-policy-review-agent/harnesses/claude-code.agent.md +38 -0
  339. package/agents/kyverno/kyverno-policy-review-agent/harnesses/codex.toml +32 -0
  340. package/agents/kyverno/kyverno-policy-review-agent/harnesses/copilot.agent.md +38 -0
  341. package/agents/kyverno/kyverno-policy-review-agent/harnesses/cursor.agent.md +38 -0
  342. package/agents/kyverno/kyverno-policy-review-agent/harnesses/gemini.agent.md +38 -0
  343. package/agents/kyverno/kyverno-policy-review-agent/harnesses/kiro-cli.agent.json +5 -0
  344. package/agents/kyverno/kyverno-policy-review-agent/harnesses/kiro-ide.agent.md +38 -0
  345. package/agents/kyverno/kyverno-policy-review-agent/metadata.json +30 -0
  346. package/agents/oci/AGENTS.md +28 -0
  347. package/agents/oci/README.md +45 -0
  348. package/agents/oci/oci-certificates-issuer-review-agent/AGENT.md +53 -0
  349. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/claude-code.agent.md +36 -0
  350. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/codex.toml +27 -0
  351. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/copilot.agent.md +36 -0
  352. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/cursor.agent.md +36 -0
  353. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/gemini.agent.md +36 -0
  354. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/kiro-cli.agent.json +5 -0
  355. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/kiro-ide.agent.md +36 -0
  356. package/agents/oci/oci-certificates-issuer-review-agent/metadata.json +36 -0
  357. package/agents/oci/oci-live-autonomous-db-lifecycle-guard-agent/AGENT.md +57 -0
  358. package/agents/oci/oci-live-autonomous-db-lifecycle-guard-agent/PERMISSIONS.md +56 -0
  359. package/agents/oci/oci-live-autonomous-db-lifecycle-guard-agent/PREFLIGHT.md +48 -0
  360. package/agents/oci/oci-live-autonomous-db-lifecycle-guard-agent/ROLLBACK.md +50 -0
  361. package/agents/oci/oci-live-autonomous-db-lifecycle-guard-agent/harnesses/claude-code.agent.md +40 -0
  362. package/agents/oci/oci-live-autonomous-db-lifecycle-guard-agent/harnesses/codex.toml +32 -0
  363. package/agents/oci/oci-live-autonomous-db-lifecycle-guard-agent/harnesses/copilot.agent.md +53 -0
  364. package/agents/oci/oci-live-autonomous-db-lifecycle-guard-agent/harnesses/cursor.agent.md +40 -0
  365. package/agents/oci/oci-live-autonomous-db-lifecycle-guard-agent/harnesses/gemini.agent.md +40 -0
  366. package/agents/oci/oci-live-autonomous-db-lifecycle-guard-agent/harnesses/kiro-cli.agent.json +1 -0
  367. package/agents/oci/oci-live-autonomous-db-lifecycle-guard-agent/harnesses/kiro-ide.agent.md +40 -0
  368. package/agents/oci/oci-live-autonomous-db-lifecycle-guard-agent/metadata.json +36 -0
  369. package/agents/oci/oci-live-cost-budget-runaway-guard-agent/AGENT.md +57 -0
  370. package/agents/oci/oci-live-cost-budget-runaway-guard-agent/PERMISSIONS.md +77 -0
  371. package/agents/oci/oci-live-cost-budget-runaway-guard-agent/PREFLIGHT.md +54 -0
  372. package/agents/oci/oci-live-cost-budget-runaway-guard-agent/ROLLBACK.md +53 -0
  373. package/agents/oci/oci-live-cost-budget-runaway-guard-agent/harnesses/claude-code.agent.md +40 -0
  374. package/agents/oci/oci-live-cost-budget-runaway-guard-agent/harnesses/codex.toml +32 -0
  375. package/agents/oci/oci-live-cost-budget-runaway-guard-agent/harnesses/copilot.agent.md +53 -0
  376. package/agents/oci/oci-live-cost-budget-runaway-guard-agent/harnesses/cursor.agent.md +40 -0
  377. package/agents/oci/oci-live-cost-budget-runaway-guard-agent/harnesses/gemini.agent.md +40 -0
  378. package/agents/oci/oci-live-cost-budget-runaway-guard-agent/harnesses/kiro-cli.agent.json +1 -0
  379. package/agents/oci/oci-live-cost-budget-runaway-guard-agent/harnesses/kiro-ide.agent.md +40 -0
  380. package/agents/oci/oci-live-cost-budget-runaway-guard-agent/metadata.json +36 -0
  381. package/agents/oci/oci-live-iam-policy-compartment-guard-agent/AGENT.md +57 -0
  382. package/agents/oci/oci-live-iam-policy-compartment-guard-agent/PERMISSIONS.md +87 -0
  383. package/agents/oci/oci-live-iam-policy-compartment-guard-agent/PREFLIGHT.md +49 -0
  384. package/agents/oci/oci-live-iam-policy-compartment-guard-agent/ROLLBACK.md +44 -0
  385. package/agents/oci/oci-live-iam-policy-compartment-guard-agent/harnesses/claude-code.agent.md +40 -0
  386. package/agents/oci/oci-live-iam-policy-compartment-guard-agent/harnesses/codex.toml +32 -0
  387. package/agents/oci/oci-live-iam-policy-compartment-guard-agent/harnesses/copilot.agent.md +53 -0
  388. package/agents/oci/oci-live-iam-policy-compartment-guard-agent/harnesses/cursor.agent.md +40 -0
  389. package/agents/oci/oci-live-iam-policy-compartment-guard-agent/harnesses/gemini.agent.md +40 -0
  390. package/agents/oci/oci-live-iam-policy-compartment-guard-agent/harnesses/kiro-cli.agent.json +1 -0
  391. package/agents/oci/oci-live-iam-policy-compartment-guard-agent/harnesses/kiro-ide.agent.md +40 -0
  392. package/agents/oci/oci-live-iam-policy-compartment-guard-agent/metadata.json +36 -0
  393. package/agents/oci/oci-live-network-security-rule-guard-agent/AGENT.md +59 -0
  394. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/claude-code.agent.md +42 -0
  395. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/codex.toml +34 -0
  396. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/copilot.agent.md +55 -0
  397. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/cursor.agent.md +44 -0
  398. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/gemini.agent.md +43 -0
  399. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  400. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  401. package/agents/oci/oci-live-network-security-rule-guard-agent/metadata.json +37 -0
  402. package/agents/oci/oci-live-oke-rollout-guard-agent/AGENT.md +57 -0
  403. package/agents/oci/oci-live-oke-rollout-guard-agent/PERMISSIONS.md +92 -0
  404. package/agents/oci/oci-live-oke-rollout-guard-agent/PREFLIGHT.md +49 -0
  405. package/agents/oci/oci-live-oke-rollout-guard-agent/ROLLBACK.md +47 -0
  406. package/agents/oci/oci-live-oke-rollout-guard-agent/harnesses/claude-code.agent.md +40 -0
  407. package/agents/oci/oci-live-oke-rollout-guard-agent/harnesses/codex.toml +32 -0
  408. package/agents/oci/oci-live-oke-rollout-guard-agent/harnesses/copilot.agent.md +53 -0
  409. package/agents/oci/oci-live-oke-rollout-guard-agent/harnesses/cursor.agent.md +40 -0
  410. package/agents/oci/oci-live-oke-rollout-guard-agent/harnesses/gemini.agent.md +40 -0
  411. package/agents/oci/oci-live-oke-rollout-guard-agent/harnesses/kiro-cli.agent.json +1 -0
  412. package/agents/oci/oci-live-oke-rollout-guard-agent/harnesses/kiro-ide.agent.md +40 -0
  413. package/agents/oci/oci-live-oke-rollout-guard-agent/metadata.json +36 -0
  414. package/agents/oci/oci-live-resource-manager-stack-guard-agent/AGENT.md +57 -0
  415. package/agents/oci/oci-live-resource-manager-stack-guard-agent/PERMISSIONS.md +80 -0
  416. package/agents/oci/oci-live-resource-manager-stack-guard-agent/PREFLIGHT.md +51 -0
  417. package/agents/oci/oci-live-resource-manager-stack-guard-agent/ROLLBACK.md +45 -0
  418. package/agents/oci/oci-live-resource-manager-stack-guard-agent/harnesses/claude-code.agent.md +40 -0
  419. package/agents/oci/oci-live-resource-manager-stack-guard-agent/harnesses/codex.toml +32 -0
  420. package/agents/oci/oci-live-resource-manager-stack-guard-agent/harnesses/copilot.agent.md +53 -0
  421. package/agents/oci/oci-live-resource-manager-stack-guard-agent/harnesses/cursor.agent.md +40 -0
  422. package/agents/oci/oci-live-resource-manager-stack-guard-agent/harnesses/gemini.agent.md +40 -0
  423. package/agents/oci/oci-live-resource-manager-stack-guard-agent/harnesses/kiro-cli.agent.json +1 -0
  424. package/agents/oci/oci-live-resource-manager-stack-guard-agent/harnesses/kiro-ide.agent.md +40 -0
  425. package/agents/oci/oci-live-resource-manager-stack-guard-agent/metadata.json +36 -0
  426. package/agents/oci/oci-live-vault-key-destruction-guard-agent/AGENT.md +57 -0
  427. package/agents/oci/oci-live-vault-key-destruction-guard-agent/PERMISSIONS.md +57 -0
  428. package/agents/oci/oci-live-vault-key-destruction-guard-agent/PREFLIGHT.md +53 -0
  429. package/agents/oci/oci-live-vault-key-destruction-guard-agent/ROLLBACK.md +49 -0
  430. package/agents/oci/oci-live-vault-key-destruction-guard-agent/harnesses/claude-code.agent.md +40 -0
  431. package/agents/oci/oci-live-vault-key-destruction-guard-agent/harnesses/codex.toml +32 -0
  432. package/agents/oci/oci-live-vault-key-destruction-guard-agent/harnesses/copilot.agent.md +53 -0
  433. package/agents/oci/oci-live-vault-key-destruction-guard-agent/harnesses/cursor.agent.md +40 -0
  434. package/agents/oci/oci-live-vault-key-destruction-guard-agent/harnesses/gemini.agent.md +40 -0
  435. package/agents/oci/oci-live-vault-key-destruction-guard-agent/harnesses/kiro-cli.agent.json +1 -0
  436. package/agents/oci/oci-live-vault-key-destruction-guard-agent/harnesses/kiro-ide.agent.md +40 -0
  437. package/agents/oci/oci-live-vault-key-destruction-guard-agent/metadata.json +36 -0
  438. package/agents/oci/oci-maestro-agent/AGENT.md +58 -0
  439. package/agents/oci/oci-maestro-agent/harnesses/claude-code.agent.md +41 -0
  440. package/agents/oci/oci-maestro-agent/harnesses/codex.toml +14 -0
  441. package/agents/oci/oci-maestro-agent/harnesses/copilot.agent.md +54 -0
  442. package/agents/oci/oci-maestro-agent/harnesses/cursor.agent.md +43 -0
  443. package/agents/oci/oci-maestro-agent/harnesses/gemini.agent.md +42 -0
  444. package/agents/oci/oci-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
  445. package/agents/oci/oci-maestro-agent/harnesses/kiro-ide.agent.md +41 -0
  446. package/agents/oci/oci-maestro-agent/metadata.json +37 -0
  447. package/agents/opentelemetry/README.md +37 -0
  448. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/AGENT.md +55 -0
  449. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/claude-code.agent.md +38 -0
  450. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/codex.toml +32 -0
  451. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/copilot.agent.md +38 -0
  452. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/cursor.agent.md +38 -0
  453. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/gemini.agent.md +38 -0
  454. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/kiro-cli.agent.json +5 -0
  455. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/kiro-ide.agent.md +38 -0
  456. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/metadata.json +37 -0
  457. package/agents/prometheus/README.md +36 -0
  458. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/AGENT.md +48 -0
  459. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/claude-code.agent.md +32 -0
  460. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/codex.toml +31 -0
  461. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/copilot.agent.md +32 -0
  462. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/cursor.agent.md +32 -0
  463. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/gemini.agent.md +32 -0
  464. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/kiro-cli.agent.json +5 -0
  465. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/kiro-ide.agent.md +32 -0
  466. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/metadata.json +31 -0
  467. package/agents/sigstore/README.md +38 -0
  468. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/AGENT.md +55 -0
  469. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/claude-code.agent.md +35 -0
  470. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/codex.toml +29 -0
  471. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/copilot.agent.md +35 -0
  472. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/cursor.agent.md +35 -0
  473. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/gemini.agent.md +35 -0
  474. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/kiro-cli.agent.json +5 -0
  475. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/kiro-ide.agent.md +35 -0
  476. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/metadata.json +31 -0
  477. package/agents/terraform/README.md +29 -0
  478. package/agents/terraform/terraform-maestro-agent/AGENT.md +58 -0
  479. package/agents/terraform/terraform-maestro-agent/harnesses/claude-code.agent.md +41 -0
  480. package/agents/terraform/terraform-maestro-agent/harnesses/codex.toml +14 -0
  481. package/agents/terraform/terraform-maestro-agent/harnesses/copilot.agent.md +54 -0
  482. package/agents/terraform/terraform-maestro-agent/harnesses/cursor.agent.md +43 -0
  483. package/agents/terraform/terraform-maestro-agent/harnesses/gemini.agent.md +42 -0
  484. package/agents/terraform/terraform-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
  485. package/agents/terraform/terraform-maestro-agent/harnesses/kiro-ide.agent.md +41 -0
  486. package/agents/terraform/terraform-maestro-agent/metadata.json +38 -0
  487. package/agents/terraform/terraform-reviewer/harnesses/claude-code.agent.md +29 -0
  488. package/agents/terraform/terraform-reviewer/harnesses/codex.toml +29 -0
  489. package/agents/terraform/terraform-reviewer/harnesses/copilot.agent.md +42 -0
  490. package/agents/terraform/terraform-reviewer/harnesses/cursor.agent.md +31 -0
  491. package/agents/terraform/terraform-reviewer/harnesses/gemini.agent.md +30 -0
  492. package/agents/terraform/terraform-reviewer/harnesses/kiro-cli.agent.json +5 -0
  493. package/agents/terraform/terraform-reviewer/harnesses/kiro-ide.agent.md +29 -0
  494. package/agents/terraform/terraform-reviewer/metadata.json +10 -1
  495. package/agents/velero/README.md +41 -0
  496. package/assets/logos/vanguard-frontier-agentic-logo.png +0 -0
  497. package/catalog/agents.json +1347 -27
  498. package/catalog/install-roles.json +455 -0
  499. package/catalog/skill-manifest.json +1358 -62
  500. package/catalog/skills.json +1231 -25
  501. package/package.json +11 -1
  502. package/scripts/export-marketplace-agents.mjs +129 -10
  503. package/scripts/gen_azure_live_guards.py +1424 -0
  504. package/scripts/gen_oci_live_guards.py +1510 -0
  505. package/scripts/update-catalog-new-agents.py +88 -0
  506. package/skills/argocd/README.md +30 -0
  507. package/skills/argocd/argo-rollouts-progressive-delivery-review/SKILL.md +40 -0
  508. package/skills/argocd/argo-rollouts-progressive-delivery-review/metadata.json +22 -0
  509. package/skills/argocd/argo-rollouts-progressive-delivery-review/references/workflow-and-output.md +248 -0
  510. package/skills/argocd/argocd-gitops-review/SKILL.md +43 -0
  511. package/skills/argocd/argocd-gitops-review/metadata.json +30 -0
  512. package/skills/argocd/argocd-gitops-review/references/mcp-and-evidence.md +53 -0
  513. package/skills/argocd/argocd-gitops-review/references/official-sources.md +32 -0
  514. package/skills/argocd/argocd-gitops-review/references/workflow-and-output.md +120 -0
  515. package/skills/aws/README.md +3 -1
  516. package/skills/aws/aws-maestro/SKILL.md +47 -0
  517. package/skills/aws/aws-maestro/metadata.json +28 -0
  518. package/skills/aws/aws-maestro/references/official-sources.md +24 -0
  519. package/skills/aws/aws-maestro/references/safety-checklist.md +42 -0
  520. package/skills/aws/aws-maestro/references/workflow-and-output.md +129 -0
  521. package/skills/aws/aws-private-ca-issuer-review/SKILL.md +39 -0
  522. package/skills/aws/aws-private-ca-issuer-review/metadata.json +21 -0
  523. package/skills/aws/aws-private-ca-issuer-review/references/official-sources.md +22 -0
  524. package/skills/aws/aws-private-ca-issuer-review/references/safety-checklist.md +30 -0
  525. package/skills/aws/aws-private-ca-issuer-review/references/workflow-and-output.md +214 -0
  526. package/skills/azure/README.md +3 -1
  527. package/skills/azure/azure-keyvault-certificate-issuer-review/SKILL.md +37 -0
  528. package/skills/azure/azure-keyvault-certificate-issuer-review/metadata.json +20 -0
  529. package/skills/azure/azure-keyvault-certificate-issuer-review/references/workflow-and-output.md +190 -0
  530. package/skills/azure/azure-live-aks-rollout-guard/SKILL.md +49 -0
  531. package/skills/azure/azure-live-aks-rollout-guard/metadata.json +27 -0
  532. package/skills/azure/azure-live-aks-rollout-guard/references/official-sources.md +19 -0
  533. package/skills/azure/azure-live-aks-rollout-guard/references/permission-model.md +54 -0
  534. package/skills/azure/azure-live-aks-rollout-guard/references/preflight-commands.md +55 -0
  535. package/skills/azure/azure-live-aks-rollout-guard/references/rollback-playbook.md +38 -0
  536. package/skills/azure/azure-live-app-service-slot-swap-guard/SKILL.md +49 -0
  537. package/skills/azure/azure-live-app-service-slot-swap-guard/metadata.json +26 -0
  538. package/skills/azure/azure-live-app-service-slot-swap-guard/references/official-sources.md +12 -0
  539. package/skills/azure/azure-live-app-service-slot-swap-guard/references/permission-model.md +40 -0
  540. package/skills/azure/azure-live-app-service-slot-swap-guard/references/preflight-commands.md +46 -0
  541. package/skills/azure/azure-live-app-service-slot-swap-guard/references/rollback-playbook.md +46 -0
  542. package/skills/azure/azure-live-arm-deployment-stack-guard/SKILL.md +49 -0
  543. package/skills/azure/azure-live-arm-deployment-stack-guard/metadata.json +27 -0
  544. package/skills/azure/azure-live-arm-deployment-stack-guard/references/official-sources.md +17 -0
  545. package/skills/azure/azure-live-arm-deployment-stack-guard/references/permission-model.md +68 -0
  546. package/skills/azure/azure-live-arm-deployment-stack-guard/references/preflight-commands.md +55 -0
  547. package/skills/azure/azure-live-arm-deployment-stack-guard/references/rollback-playbook.md +53 -0
  548. package/skills/azure/azure-live-cost-budget-action-guard/SKILL.md +49 -0
  549. package/skills/azure/azure-live-cost-budget-action-guard/metadata.json +27 -0
  550. package/skills/azure/azure-live-cost-budget-action-guard/references/official-sources.md +17 -0
  551. package/skills/azure/azure-live-cost-budget-action-guard/references/permission-model.md +66 -0
  552. package/skills/azure/azure-live-cost-budget-action-guard/references/preflight-commands.md +48 -0
  553. package/skills/azure/azure-live-cost-budget-action-guard/references/rollback-playbook.md +40 -0
  554. package/skills/azure/azure-live-entra-role-assignment-guard/SKILL.md +56 -0
  555. package/skills/azure/azure-live-entra-role-assignment-guard/metadata.json +28 -0
  556. package/skills/azure/azure-live-entra-role-assignment-guard/references/official-sources.md +21 -0
  557. package/skills/azure/azure-live-entra-role-assignment-guard/references/permission-model.md +70 -0
  558. package/skills/azure/azure-live-entra-role-assignment-guard/references/preflight-commands.md +69 -0
  559. package/skills/azure/azure-live-entra-role-assignment-guard/references/rollback-playbook.md +51 -0
  560. package/skills/azure/azure-live-keyvault-rotation-purge-guard/SKILL.md +49 -0
  561. package/skills/azure/azure-live-keyvault-rotation-purge-guard/metadata.json +27 -0
  562. package/skills/azure/azure-live-keyvault-rotation-purge-guard/references/official-sources.md +13 -0
  563. package/skills/azure/azure-live-keyvault-rotation-purge-guard/references/permission-model.md +64 -0
  564. package/skills/azure/azure-live-keyvault-rotation-purge-guard/references/preflight-commands.md +48 -0
  565. package/skills/azure/azure-live-keyvault-rotation-purge-guard/references/rollback-playbook.md +44 -0
  566. package/skills/azure/azure-live-pim-jit-activation-guard/SKILL.md +49 -0
  567. package/skills/azure/azure-live-pim-jit-activation-guard/metadata.json +27 -0
  568. package/skills/azure/azure-live-pim-jit-activation-guard/references/official-sources.md +13 -0
  569. package/skills/azure/azure-live-pim-jit-activation-guard/references/permission-model.md +56 -0
  570. package/skills/azure/azure-live-pim-jit-activation-guard/references/preflight-commands.md +46 -0
  571. package/skills/azure/azure-live-pim-jit-activation-guard/references/rollback-playbook.md +45 -0
  572. package/skills/azure/azure-maestro/SKILL.md +140 -0
  573. package/skills/azure/azure-maestro/metadata.json +28 -0
  574. package/skills/backstage/backstage-scaffolder-template-review/SKILL.md +39 -0
  575. package/skills/backstage/backstage-scaffolder-template-review/metadata.json +21 -0
  576. package/skills/backstage/backstage-scaffolder-template-review/references/workflow-and-output.md +179 -0
  577. package/skills/cert-manager/cert-manager-issuer-trust-review/SKILL.md +40 -0
  578. package/skills/cert-manager/cert-manager-issuer-trust-review/metadata.json +22 -0
  579. package/skills/cert-manager/cert-manager-issuer-trust-review/references/workflow-and-output.md +222 -0
  580. package/skills/cilium/README.md +30 -0
  581. package/skills/cilium/cilium-network-policy-review/SKILL.md +43 -0
  582. package/skills/cilium/cilium-network-policy-review/metadata.json +30 -0
  583. package/skills/cilium/cilium-network-policy-review/references/mcp-and-evidence.md +52 -0
  584. package/skills/cilium/cilium-network-policy-review/references/official-sources.md +30 -0
  585. package/skills/cilium/cilium-network-policy-review/references/workflow-and-output.md +130 -0
  586. package/skills/falco/falco-runtime-threat-rules-review/SKILL.md +37 -0
  587. package/skills/falco/falco-runtime-threat-rules-review/metadata.json +22 -0
  588. package/skills/falco/falco-runtime-threat-rules-review/references/workflow-and-output.md +249 -0
  589. package/skills/finops/README.md +30 -0
  590. package/skills/finops/finops-cloud-price-advisor/SKILL.md +60 -0
  591. package/skills/finops/finops-cloud-price-advisor/metadata.json +26 -0
  592. package/skills/finops/finops-cloud-price-advisor/references/currency-handling.md +100 -0
  593. package/skills/finops/finops-cloud-price-advisor/references/estimation-workflow.md +145 -0
  594. package/skills/finops/finops-cloud-price-advisor/references/official-sources.md +64 -0
  595. package/skills/finops/finops-cloud-price-advisor/references/pricing-apis.md +271 -0
  596. package/skills/fluxcd/fluxcd-kustomization-helmrelease-review/SKILL.md +40 -0
  597. package/skills/fluxcd/fluxcd-kustomization-helmrelease-review/metadata.json +22 -0
  598. package/skills/fluxcd/fluxcd-kustomization-helmrelease-review/references/workflow-and-output.md +243 -0
  599. package/skills/istio/README.md +28 -0
  600. package/skills/istio/istio-ambient-mesh-review/SKILL.md +43 -0
  601. package/skills/istio/istio-ambient-mesh-review/metadata.json +30 -0
  602. package/skills/istio/istio-ambient-mesh-review/references/mcp-and-evidence.md +59 -0
  603. package/skills/istio/istio-ambient-mesh-review/references/official-sources.md +32 -0
  604. package/skills/istio/istio-ambient-mesh-review/references/workflow-and-output.md +128 -0
  605. package/skills/kubernetes/README.md +30 -0
  606. package/skills/kubernetes/external-secrets-operator-review/SKILL.md +37 -0
  607. package/skills/kubernetes/external-secrets-operator-review/metadata.json +22 -0
  608. package/skills/kubernetes/external-secrets-operator-review/references/workflow-and-output.md +280 -0
  609. package/skills/kubernetes/kubecost-chargeback-allocation-review/SKILL.md +40 -0
  610. package/skills/kubernetes/kubecost-chargeback-allocation-review/metadata.json +22 -0
  611. package/skills/kubernetes/kubecost-chargeback-allocation-review/references/workflow-and-output.md +215 -0
  612. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/SKILL.md +57 -0
  613. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/metadata.json +27 -0
  614. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/references/official-sources.md +18 -0
  615. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/references/permission-model.md +78 -0
  616. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/references/preflight-commands.md +81 -0
  617. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/references/rollback-playbook.md +61 -0
  618. package/skills/kubernetes/kubernetes-maestro/SKILL.md +45 -0
  619. package/skills/kubernetes/kubernetes-maestro/metadata.json +24 -0
  620. package/skills/kubernetes/kubernetes-maestro/references/safety-checklist.md +78 -0
  621. package/skills/kubernetes/kubernetes-maestro/references/workflow-and-output.md +206 -0
  622. package/skills/kubernetes/kubernetes-pod-security-admission-review/SKILL.md +43 -0
  623. package/skills/kubernetes/kubernetes-pod-security-admission-review/metadata.json +28 -0
  624. package/skills/kubernetes/kubernetes-pod-security-admission-review/references/mcp-and-evidence.md +49 -0
  625. package/skills/kubernetes/kubernetes-pod-security-admission-review/references/official-sources.md +26 -0
  626. package/skills/kubernetes/kubernetes-pod-security-admission-review/references/workflow-and-output.md +129 -0
  627. package/skills/kubernetes/kubernetes-pod-spec-review/SKILL.md +38 -0
  628. package/skills/kubernetes/kubernetes-pod-spec-review/metadata.json +22 -0
  629. package/skills/kubernetes/kubernetes-pod-spec-review/references/workflow-and-output.md +229 -0
  630. package/skills/kubernetes/kubernetes-rbac-review/SKILL.md +38 -0
  631. package/skills/kubernetes/kubernetes-rbac-review/metadata.json +27 -0
  632. package/skills/kubernetes/kubernetes-rbac-review/references/mcp-and-evidence.md +34 -0
  633. package/skills/kubernetes/kubernetes-rbac-review/references/official-sources.md +22 -0
  634. package/skills/kubernetes/kubernetes-rbac-review/references/workflow-and-output.md +44 -0
  635. package/skills/kubernetes/kubernetes-workload-identity-review/SKILL.md +43 -0
  636. package/skills/kubernetes/kubernetes-workload-identity-review/metadata.json +29 -0
  637. package/skills/kubernetes/kubernetes-workload-identity-review/references/mcp-and-evidence.md +57 -0
  638. package/skills/kubernetes/kubernetes-workload-identity-review/references/official-sources.md +47 -0
  639. package/skills/kubernetes/kubernetes-workload-identity-review/references/workflow-and-output.md +166 -0
  640. package/skills/kyverno/README.md +30 -0
  641. package/skills/kyverno/kyverno-policy-review/SKILL.md +43 -0
  642. package/skills/kyverno/kyverno-policy-review/metadata.json +30 -0
  643. package/skills/kyverno/kyverno-policy-review/references/mcp-and-evidence.md +49 -0
  644. package/skills/kyverno/kyverno-policy-review/references/official-sources.md +31 -0
  645. package/skills/kyverno/kyverno-policy-review/references/workflow-and-output.md +106 -0
  646. package/skills/oci/README.md +63 -0
  647. package/skills/oci/oci-certificates-issuer-review/SKILL.md +37 -0
  648. package/skills/oci/oci-certificates-issuer-review/metadata.json +20 -0
  649. package/skills/oci/oci-certificates-issuer-review/references/workflow-and-output.md +207 -0
  650. package/skills/oci/oci-live-autonomous-db-lifecycle-guard/SKILL.md +49 -0
  651. package/skills/oci/oci-live-autonomous-db-lifecycle-guard/metadata.json +27 -0
  652. package/skills/oci/oci-live-autonomous-db-lifecycle-guard/references/official-sources.md +13 -0
  653. package/skills/oci/oci-live-autonomous-db-lifecycle-guard/references/permission-model.md +49 -0
  654. package/skills/oci/oci-live-autonomous-db-lifecycle-guard/references/preflight-commands.md +58 -0
  655. package/skills/oci/oci-live-autonomous-db-lifecycle-guard/references/rollback-playbook.md +44 -0
  656. package/skills/oci/oci-live-cost-budget-runaway-guard/SKILL.md +49 -0
  657. package/skills/oci/oci-live-cost-budget-runaway-guard/metadata.json +27 -0
  658. package/skills/oci/oci-live-cost-budget-runaway-guard/references/official-sources.md +17 -0
  659. package/skills/oci/oci-live-cost-budget-runaway-guard/references/permission-model.md +59 -0
  660. package/skills/oci/oci-live-cost-budget-runaway-guard/references/preflight-commands.md +42 -0
  661. package/skills/oci/oci-live-cost-budget-runaway-guard/references/rollback-playbook.md +44 -0
  662. package/skills/oci/oci-live-iam-policy-compartment-guard/SKILL.md +49 -0
  663. package/skills/oci/oci-live-iam-policy-compartment-guard/metadata.json +27 -0
  664. package/skills/oci/oci-live-iam-policy-compartment-guard/references/official-sources.md +13 -0
  665. package/skills/oci/oci-live-iam-policy-compartment-guard/references/permission-model.md +71 -0
  666. package/skills/oci/oci-live-iam-policy-compartment-guard/references/preflight-commands.md +49 -0
  667. package/skills/oci/oci-live-iam-policy-compartment-guard/references/rollback-playbook.md +62 -0
  668. package/skills/oci/oci-live-network-security-rule-guard/SKILL.md +57 -0
  669. package/skills/oci/oci-live-network-security-rule-guard/metadata.json +28 -0
  670. package/skills/oci/oci-live-network-security-rule-guard/references/official-sources.md +21 -0
  671. package/skills/oci/oci-live-network-security-rule-guard/references/permission-model.md +65 -0
  672. package/skills/oci/oci-live-network-security-rule-guard/references/preflight-commands.md +69 -0
  673. package/skills/oci/oci-live-network-security-rule-guard/references/rollback-playbook.md +79 -0
  674. package/skills/oci/oci-live-oke-rollout-guard/SKILL.md +49 -0
  675. package/skills/oci/oci-live-oke-rollout-guard/metadata.json +27 -0
  676. package/skills/oci/oci-live-oke-rollout-guard/references/official-sources.md +18 -0
  677. package/skills/oci/oci-live-oke-rollout-guard/references/permission-model.md +80 -0
  678. package/skills/oci/oci-live-oke-rollout-guard/references/preflight-commands.md +55 -0
  679. package/skills/oci/oci-live-oke-rollout-guard/references/rollback-playbook.md +45 -0
  680. package/skills/oci/oci-live-resource-manager-stack-guard/SKILL.md +49 -0
  681. package/skills/oci/oci-live-resource-manager-stack-guard/metadata.json +27 -0
  682. package/skills/oci/oci-live-resource-manager-stack-guard/references/official-sources.md +12 -0
  683. package/skills/oci/oci-live-resource-manager-stack-guard/references/permission-model.md +70 -0
  684. package/skills/oci/oci-live-resource-manager-stack-guard/references/preflight-commands.md +57 -0
  685. package/skills/oci/oci-live-resource-manager-stack-guard/references/rollback-playbook.md +51 -0
  686. package/skills/oci/oci-live-vault-key-destruction-guard/SKILL.md +49 -0
  687. package/skills/oci/oci-live-vault-key-destruction-guard/metadata.json +27 -0
  688. package/skills/oci/oci-live-vault-key-destruction-guard/references/official-sources.md +13 -0
  689. package/skills/oci/oci-live-vault-key-destruction-guard/references/permission-model.md +55 -0
  690. package/skills/oci/oci-live-vault-key-destruction-guard/references/preflight-commands.md +62 -0
  691. package/skills/oci/oci-live-vault-key-destruction-guard/references/rollback-playbook.md +55 -0
  692. package/skills/oci/oci-maestro/SKILL.md +163 -0
  693. package/skills/oci/oci-maestro/metadata.json +27 -0
  694. package/skills/opentelemetry/README.md +31 -0
  695. package/skills/opentelemetry/opentelemetry-collector-config-review/SKILL.md +44 -0
  696. package/skills/opentelemetry/opentelemetry-collector-config-review/metadata.json +30 -0
  697. package/skills/opentelemetry/opentelemetry-collector-config-review/references/mcp-and-evidence.md +49 -0
  698. package/skills/opentelemetry/opentelemetry-collector-config-review/references/official-sources.md +31 -0
  699. package/skills/opentelemetry/opentelemetry-collector-config-review/references/workflow-and-output.md +155 -0
  700. package/skills/prometheus/prometheus-alerting-cardinality-review/SKILL.md +38 -0
  701. package/skills/prometheus/prometheus-alerting-cardinality-review/metadata.json +22 -0
  702. package/skills/prometheus/prometheus-alerting-cardinality-review/references/workflow-and-output.md +221 -0
  703. package/skills/sigstore/sigstore-cosign-supply-chain-review/SKILL.md +39 -0
  704. package/skills/sigstore/sigstore-cosign-supply-chain-review/metadata.json +22 -0
  705. package/skills/sigstore/sigstore-cosign-supply-chain-review/references/workflow-and-output.md +196 -0
  706. package/skills/terraform/README.md +29 -0
  707. package/skills/terraform/terraform-maestro/SKILL.md +123 -0
  708. package/skills/terraform/terraform-maestro/metadata.json +30 -0
  709. package/skills/terraform/terraform-maestro/references/official-sources.md +59 -0
  710. package/skills/terraform/terraform-maestro/references/safety-checklist.md +53 -0
  711. package/skills/terraform/terraform-maestro/references/workflow-and-output.md +108 -0
  712. package/skills/velero/velero-backup-restore-guard/SKILL.md +41 -0
  713. package/skills/velero/velero-backup-restore-guard/metadata.json +21 -0
  714. package/skills/velero/velero-backup-restore-guard/references/safety-checklist.md +40 -0
  715. package/skills/velero/velero-backup-restore-guard/references/workflow-and-output.md +202 -0
package/agents/azure/azure-live-arm-deployment-stack-guard-agent/AGENT.md ADDED
@@ -0,0 +1,57 @@
1
+ ---
2
+ metadata:
3
+ author: "github: Raishin"
4
+ version: "0.1.0"
5
+ ---
6
+
7
+ # Azure Live ARM Deployment Stack Guard
8
+
9
+ > Agent for `azure-live-arm-deployment-stack-guard`. Guard ARM template and Deployment Stack changes with what-if evidence, denySettings review, and explicit approval before execute.
10
+
11
+ ## Harness Variants
12
+
13
+ - `harnesses/codex.toml` — Codex native agent configuration.
14
+ - `harnesses/copilot.agent.md` — GitHub Copilot / VS Code custom agent definition.
15
+ - `harnesses/claude-code.agent.md` — Claude Code Markdown-family adapter.
16
+ - `harnesses/cursor.agent.md` — Cursor Markdown-family adapter.
17
+ - `harnesses/gemini.agent.md` — Gemini CLI Markdown-family adapter.
18
+ - `harnesses/kiro-ide.agent.md` — Kiro IDE Markdown-family adapter.
19
+ - `harnesses/kiro-cli.agent.json` — Kiro CLI JSON adapter.
20
+
21
+ ## Canonical Contract
22
+
23
+ # Azure Live ARM Deployment Stack Guard
24
+
25
+ Use this canonical agent only for `azure-live-arm-deployment-stack-guard` work.
26
+
27
+ ## Required Skill
28
+
29
+ Before answering, read and follow:
30
+
31
+ - `skills/azure/azure-live-arm-deployment-stack-guard/SKILL.md`
32
+
33
+ Load files under `skills/azure/azure-live-arm-deployment-stack-guard/references/` only when the task needs that reference. Do not dump reference text into the response.
34
+
35
+ ## Focus
36
+
37
+ Guard ARM/Bicep and Deployment Stack changes with `--what-if` evidence, `denySettings` audit, and explicit approval before any ARM execute.
38
+
39
+ ## Operating Rules
40
+
41
+ - Load and follow the bound Azure skill first; do not drift into generic cloud advice.
42
+ - This role is for repos or sessions that may be connected to live Azure credentials, CLI profiles, or real environments.
43
+ - Before any live Azure mutation, confirm subscription, resource group, active principal, exact target resource, expected impact, and explicit human approval.
44
+ - Prefer what-if, dry-run, preview, describe, status, plan, and rollback evidence before mutation.
45
+ - If the target, approval state, or rollback posture is ambiguous, stop and say so.
46
+ - Keep outputs short: target, approval status, evidence, action, rollback, verification, open risks.
47
+ - Never ask for secrets, credentials, access tokens, private keys, or raw environment dumps unless already sanitized and required.
48
+
49
+ ## Response Shape
50
+
51
+ 1. Target subscription, resource group, and active principal (az account show evidence)
52
+ 2. What-if diff output or deployment preview evidence
53
+ 3. denySettings posture and existing denyAssignments on target scope
54
+ 4. Approval status and change justification
55
+ 5. Proposed or executed ARM/Stack action
56
+ 6. Rollback posture (previous template ref or detach plan)
57
+ 7. Post-deploy verification steps and open risks
package/agents/azure/azure-live-arm-deployment-stack-guard-agent/PERMISSIONS.md ADDED
@@ -0,0 +1,88 @@
1
+ # Permissions: Azure Live ARM Deployment Stack Guard
2
+
3
+ # Least-privilege RBAC guidance
4
+
5
+ ## Identity model preference
6
+
7
+ 1. PIM-eligible Contributor scoped to **target resource group only** — activated JIT for deploy windows
8
+ 2. Service principal with scoped Contributor for CI/CD pipelines — no standing access
9
+ 3. Do not use subscription-level Owner or Contributor for routine deployments
10
+
11
+ ## Required Microsoft.* actions
12
+
13
+ What-if and Deployment Stacks share the same permission boundary. There is no read-only what-if role;
14
+ the operator must hold write permissions on the resources being deployed.
15
+
16
+ ```json
17
+ {
18
+ "Name": "ARM Deployment Stack Guard",
19
+ "IsCustom": true,
20
+ "Description": "Minimum rights for guarded ARM what-if and Deployment Stack changes in one target resource group. Stack deletion is EXCLUDED — it requires a separate PIM-elevated role.",
21
+ "Actions": [
22
+ "Microsoft.Resources/deployments/read",
23
+ "Microsoft.Resources/deployments/write",
24
+ "Microsoft.Resources/deployments/whatIf/action",
25
+ "Microsoft.Resources/deploymentStacks/read",
26
+ "Microsoft.Resources/deploymentStacks/write",
27
+ "Microsoft.Resources/subscriptions/resourceGroups/read"
28
+ ],
29
+ "NotActions": [
30
+ "Microsoft.Resources/deploymentStacks/delete"
31
+ ],
32
+ "DataActions": [],
33
+ "NotDataActions": [],
34
+ "AssignableScopes": [
35
+ "/subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<TARGET_RG>"
36
+ ]
37
+ }
38
+ ```
39
+
40
+ `deploymentStacks/delete` is in `NotActions` above. Stack deletion requires a **separate
41
+ PIM-eligible role** (see below) activated only for confirmed decommission windows.
42
+
43
+ ### PIM-elevated delete role (activate only for planned decommission)
44
+
45
+ ```json
46
+ {
47
+ "Name": "ARM Deployment Stack Delete (PIM)",
48
+ "IsCustom": true,
49
+ "Description": "Stack deletion only. Must be PIM-activated with approval and time-bound to a decommission window.",
50
+ "Actions": [
51
+ "Microsoft.Resources/deploymentStacks/read",
52
+ "Microsoft.Resources/deploymentStacks/delete"
53
+ ],
54
+ "NotActions": [],
55
+ "AssignableScopes": [
56
+ "/subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<TARGET_RG>"
57
+ ]
58
+ }
59
+ ```
60
+
61
+ Assign this role as **PIM-eligible** (not permanent active). Require manager approval
62
+ and a maximum 2-hour activation window. Never combine with `deploymentStacks/write` in
63
+ the same PIM activation unless you are replacing a stack.
64
+
65
+ For each resource type touched by the template, add the matching write action, e.g.
66
+ `Microsoft.Compute/virtualMachines/write` for VMs. This is unavoidable — what-if requires it.
67
+
68
+ ## Deployment Stacks denySettings
69
+
70
+ Recommended default for production stacks:
71
+
72
+ ```bash
73
+ az deployment-stack group create \
74
+ --deny-settings-mode denyDelete \
75
+ --deny-settings-apply-to-child-scopes \
76
+ ...
77
+ ```
78
+
79
+ `denyDelete` generates a platform-enforced `denyAssignment` on all managed resources.
80
+ `denyWriteAndDelete` is stricter — use for compliance-mandated immutable resources.
81
+
82
+ ## Do not assign
83
+
84
+ - `Owner` at subscription scope
85
+ - `Contributor` at management-group scope
86
+ - Broad `Microsoft.Resources/*` wildcards
87
+ - `Microsoft.Authorization/roleAssignments/write` (privilege escalation risk)
88
+
package/agents/azure/azure-live-arm-deployment-stack-guard-agent/PREFLIGHT.md ADDED
@@ -0,0 +1,48 @@
1
+ # ARM Deployment Stack — Preflight Commands
2
+
3
+ Run all of these before executing any live ARM or Deployment Stack change.
4
+
5
+ ## 1. Confirm identity and active subscription
6
+
7
+ ```bash
8
+ az account show --query "{sub:id, tenant:tenantId, user:user.name, env:environmentName}"
9
+ ```
10
+
11
+ ## 2. What-if on ARM / Bicep template
12
+
13
+ ```bash
14
+ az deployment group what-if \
15
+ --resource-group <TARGET_RG> \
16
+ --template-file main.bicep \
17
+ --parameters @params.prod.json \
18
+ --result-format FullResourcePayloads
19
+ ```
20
+
21
+ Stop if what-if shows unexpected deletions or replacements. Deletions require separate approval.
22
+
23
+ ## 3. Inspect current Deployment Stack state
24
+
25
+ ```bash
26
+ az deployment-stack group show \
27
+ --name <STACK_NAME> \
28
+ --resource-group <TARGET_RG> \
29
+ --query "{state:provisioningState, denySettings:denySettings, resourceCount:length(resources)}"
30
+ ```
31
+
32
+ ## 4. Review deny assignments on target scope
33
+
34
+ ```bash
35
+ az role assignment list \
36
+ --resource-group <TARGET_RG> \
37
+ --include-deny \
38
+ --query "[?type=='Microsoft.Authorization/denyAssignments'].{name:name,actions:denyAssignmentPermissions[0].actions}"
39
+ ```
40
+
41
+ ## 5. Validate template syntax
42
+
43
+ ```bash
44
+ az deployment group validate \
45
+ --resource-group <TARGET_RG> \
46
+ --template-file main.bicep \
47
+ --parameters @params.prod.json
48
+ ```
package/agents/azure/azure-live-arm-deployment-stack-guard-agent/ROLLBACK.md ADDED
@@ -0,0 +1,48 @@
1
+ # ARM Deployment Stack — Rollback Playbook
2
+
3
+ ## Option 1: Re-deploy previous known-good template (incremental)
4
+
5
+ ```bash
6
+ az deployment group create \
7
+ --resource-group <TARGET_RG> \
8
+ --template-file main.prev.bicep \
9
+ --parameters @params.prod.prev.json \
10
+ --mode Incremental \
11
+ --name "rollback-$(date +%Y%m%dT%H%M%S)"
12
+ ```
13
+
14
+ ## Option 2: Detach stack management without deleting resources
15
+
16
+ ```bash
17
+ az deployment-stack group delete \
18
+ --name <STACK_NAME> \
19
+ --resource-group <TARGET_RG> \
20
+ --action-on-unmanage detachAll \
21
+ --yes
22
+ ```
23
+
24
+ Use when the stack definition is wrong but the deployed resources are still healthy.
25
+
26
+ ## Option 3: Full stack deletion (nuclear — bypass denySettings first)
27
+
28
+ ```bash
29
+ # REQUIRES: denySettings override or prior denyDelete removal
30
+ az deployment-stack group delete \
31
+ --name <STACK_NAME> \
32
+ --resource-group <TARGET_RG> \
33
+ --action-on-unmanage deleteAll \
34
+ --bypass-stack-out-of-sync-error \
35
+ --yes
36
+ ```
37
+
38
+ WARNING: If `denySettings.mode = denyDelete`, this command fails by design.
39
+ That failure is correct behavior — escalate to a Principal with deny-assignment write rights.
40
+
41
+ ## Verify
42
+
43
+ ```bash
44
+ az deployment group show \
45
+ --resource-group <TARGET_RG> \
46
+ --name <DEPLOYMENT_NAME> \
47
+ --query "{state:properties.provisioningState, timestamp:properties.timestamp}"
48
+ ```
package/agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/claude-code.agent.md ADDED
@@ -0,0 +1,40 @@
1
+ ---
2
+ name: "Azure Live ARM Deployment Stack Guard"
3
+ description: "Guard ARM template and Deployment Stack changes with what-if evidence, denySettings review, and explicit approval before execute."
4
+ ---
5
+
6
+ # Azure Live ARM Deployment Stack Guard
7
+
8
+ Use this canonical agent only for `azure-live-arm-deployment-stack-guard` work.
9
+
10
+ ## Required Skill
11
+
12
+ Before answering, read and follow:
13
+
14
+ - `skills/azure/azure-live-arm-deployment-stack-guard/SKILL.md`
15
+
16
+ Load files under `skills/azure/azure-live-arm-deployment-stack-guard/references/` only when the task needs that reference. Do not dump reference text into the response.
17
+
18
+ ## Focus
19
+
20
+ Guard ARM/Bicep and Deployment Stack changes with `--what-if` evidence, `denySettings` audit, and explicit approval before any ARM execute.
21
+
22
+ ## Operating Rules
23
+
24
+ - Load and follow the bound Azure skill first; do not drift into generic cloud advice.
25
+ - This role is for repos or sessions that may be connected to live Azure credentials, CLI profiles, or real environments.
26
+ - Before any live Azure mutation, confirm subscription, resource group, active principal, exact target resource, expected impact, and explicit human approval.
27
+ - Prefer what-if, dry-run, preview, describe, status, plan, and rollback evidence before mutation.
28
+ - If the target, approval state, or rollback posture is ambiguous, stop and say so.
29
+ - Keep outputs short: target, approval status, evidence, action, rollback, verification, open risks.
30
+ - Never ask for secrets, credentials, access tokens, private keys, or raw environment dumps unless already sanitized and required.
31
+
32
+ ## Response Shape
33
+
34
+ 1. Target subscription, resource group, and active principal (az account show evidence)
35
+ 2. What-if diff output or deployment preview evidence
36
+ 3. denySettings posture and existing denyAssignments on target scope
37
+ 4. Approval status and change justification
38
+ 5. Proposed or executed ARM/Stack action
39
+ 6. Rollback posture (previous template ref or detach plan)
40
+ 7. Post-deploy verification steps and open risks
package/agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/codex.toml ADDED
@@ -0,0 +1,32 @@
1
+ name = "azure-live-arm-deployment-stack-guard_agent"
2
+ description = "Specialized subagent for azure-live-arm-deployment-stack-guard. Guard ARM template and Deployment Stack changes with what-if evidence, denySettings review, and explicit approval before execute."
3
+ model = "gpt-5.4"
4
+ model_reasoning_effort = "high"
5
+ sandbox_mode = "workspace-write"
6
+
7
+ developer_instructions = """
8
+ Load and follow the bound `azure-live-arm-deployment-stack-guard` skill first. This agent exists only for that guarded live-Azure role; do not drift into generic cloud advice.
9
+
10
+ Token discipline:
11
+ - Read only SKILL.md first; load references only when the task requires them.
12
+ - Keep answers compact: target, approval status, evidence, action, rollback, verification, open risks.
13
+ - Do not paste long docs, raw tool inventories, raw credential output, or full environment dumps.
14
+
15
+ Role focus: Guard ARM/Bicep and Deployment Stack changes with `--what-if` evidence, `denySettings` audit, and explicit approval before any ARM execute.
16
+
17
+ Safety contract:
18
+ - Load and follow the bound Azure skill first; do not drift into generic cloud advice.
19
+ - This role is for repos or sessions that may be connected to live Azure credentials, CLI profiles, or real environments.
20
+ - Before any live Azure mutation, confirm subscription, resource group, active principal, exact target, expected impact, and explicit human approval.
21
+ - Prefer what-if, dry-run, preview, describe, status, plan, and rollback evidence before mutation.
22
+ - If approval, identity, target, or rollback posture is ambiguous, stop and explain the blocker.
23
+ - Never ask for secrets, credentials, access tokens, account numbers, private keys, or raw environment dumps unless already sanitized and required.
24
+ - Label facts as live evidence, user-provided sanitized evidence, documentation-based, or inference.
25
+ """
26
+
27
+ [[skills.config]]
28
+ path = "skills/azure/azure-live-arm-deployment-stack-guard/SKILL.md"
29
+ enabled = true
30
+
31
+ [metadata]
32
+ author = "github: Raishin"
package/agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/copilot.agent.md ADDED
@@ -0,0 +1,53 @@
1
+ ---
2
+ description: "Guard ARM template and Deployment Stack changes with what-if evidence, denySettings review, and explicit approval before execute."
3
+ name: "Azure Live ARM Deployment Stack Guard"
4
+ tools:
5
+ - "read"
6
+ - "search"
7
+ - "search/codebase"
8
+ - "web/githubRepo"
9
+ - "web/fetch"
10
+ - "read/problems"
11
+ - "execute/runInTerminal"
12
+ - "execute/getTerminalOutput"
13
+ - "read/terminalLastCommand"
14
+ - "read/terminalSelection"
15
+ disable-model-invocation: false
16
+ user-invocable: true
17
+ ---
18
+
19
+ # Azure Live ARM Deployment Stack Guard
20
+
21
+ Use this canonical agent only for `azure-live-arm-deployment-stack-guard` work.
22
+
23
+ ## Required Skill
24
+
25
+ Before answering, read and follow:
26
+
27
+ - `skills/azure/azure-live-arm-deployment-stack-guard/SKILL.md`
28
+
29
+ Load files under `skills/azure/azure-live-arm-deployment-stack-guard/references/` only when the task needs that reference. Do not dump reference text into the response.
30
+
31
+ ## Focus
32
+
33
+ Guard ARM/Bicep and Deployment Stack changes with `--what-if` evidence, `denySettings` audit, and explicit approval before any ARM execute.
34
+
35
+ ## Operating Rules
36
+
37
+ - Load and follow the bound Azure skill first; do not drift into generic cloud advice.
38
+ - This role is for repos or sessions that may be connected to live Azure credentials, CLI profiles, or real environments.
39
+ - Before any live Azure mutation, confirm subscription, resource group, active principal, exact target resource, expected impact, and explicit human approval.
40
+ - Prefer what-if, dry-run, preview, describe, status, plan, and rollback evidence before mutation.
41
+ - If the target, approval state, or rollback posture is ambiguous, stop and say so.
42
+ - Keep outputs short: target, approval status, evidence, action, rollback, verification, open risks.
43
+ - Never ask for secrets, credentials, access tokens, private keys, or raw environment dumps unless already sanitized and required.
44
+
45
+ ## Response Shape
46
+
47
+ 1. Target subscription, resource group, and active principal (az account show evidence)
48
+ 2. What-if diff output or deployment preview evidence
49
+ 3. denySettings posture and existing denyAssignments on target scope
50
+ 4. Approval status and change justification
51
+ 5. Proposed or executed ARM/Stack action
52
+ 6. Rollback posture (previous template ref or detach plan)
53
+ 7. Post-deploy verification steps and open risks
package/agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/cursor.agent.md ADDED
@@ -0,0 +1,40 @@
1
+ ---
2
+ name: "Azure Live ARM Deployment Stack Guard"
3
+ description: "Guard ARM template and Deployment Stack changes with what-if evidence, denySettings review, and explicit approval before execute."
4
+ ---
5
+
6
+ # Azure Live ARM Deployment Stack Guard
7
+
8
+ Use this canonical agent only for `azure-live-arm-deployment-stack-guard` work.
9
+
10
+ ## Required Skill
11
+
12
+ Before answering, read and follow:
13
+
14
+ - `skills/azure/azure-live-arm-deployment-stack-guard/SKILL.md`
15
+
16
+ Load files under `skills/azure/azure-live-arm-deployment-stack-guard/references/` only when the task needs that reference. Do not dump reference text into the response.
17
+
18
+ ## Focus
19
+
20
+ Guard ARM/Bicep and Deployment Stack changes with `--what-if` evidence, `denySettings` audit, and explicit approval before any ARM execute.
21
+
22
+ ## Operating Rules
23
+
24
+ - Load and follow the bound Azure skill first; do not drift into generic cloud advice.
25
+ - This role is for repos or sessions that may be connected to live Azure credentials, CLI profiles, or real environments.
26
+ - Before any live Azure mutation, confirm subscription, resource group, active principal, exact target resource, expected impact, and explicit human approval.
27
+ - Prefer what-if, dry-run, preview, describe, status, plan, and rollback evidence before mutation.
28
+ - If the target, approval state, or rollback posture is ambiguous, stop and say so.
29
+ - Keep outputs short: target, approval status, evidence, action, rollback, verification, open risks.
30
+ - Never ask for secrets, credentials, access tokens, private keys, or raw environment dumps unless already sanitized and required.
31
+
32
+ ## Response Shape
33
+
34
+ 1. Target subscription, resource group, and active principal (az account show evidence)
35
+ 2. What-if diff output or deployment preview evidence
36
+ 3. denySettings posture and existing denyAssignments on target scope
37
+ 4. Approval status and change justification
38
+ 5. Proposed or executed ARM/Stack action
39
+ 6. Rollback posture (previous template ref or detach plan)
40
+ 7. Post-deploy verification steps and open risks
package/agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/gemini.agent.md ADDED
@@ -0,0 +1,40 @@
1
+ ---
2
+ name: "Azure Live ARM Deployment Stack Guard"
3
+ description: "Guard ARM template and Deployment Stack changes with what-if evidence, denySettings review, and explicit approval before execute."
4
+ ---
5
+
6
+ # Azure Live ARM Deployment Stack Guard
7
+
8
+ Use this canonical agent only for `azure-live-arm-deployment-stack-guard` work.
9
+
10
+ ## Required Skill
11
+
12
+ Before answering, read and follow:
13
+
14
+ - `skills/azure/azure-live-arm-deployment-stack-guard/SKILL.md`
15
+
16
+ Load files under `skills/azure/azure-live-arm-deployment-stack-guard/references/` only when the task needs that reference. Do not dump reference text into the response.
17
+
18
+ ## Focus
19
+
20
+ Guard ARM/Bicep and Deployment Stack changes with `--what-if` evidence, `denySettings` audit, and explicit approval before any ARM execute.
21
+
22
+ ## Operating Rules
23
+
24
+ - Load and follow the bound Azure skill first; do not drift into generic cloud advice.
25
+ - This role is for repos or sessions that may be connected to live Azure credentials, CLI profiles, or real environments.
26
+ - Before any live Azure mutation, confirm subscription, resource group, active principal, exact target resource, expected impact, and explicit human approval.
27
+ - Prefer what-if, dry-run, preview, describe, status, plan, and rollback evidence before mutation.
28
+ - If the target, approval state, or rollback posture is ambiguous, stop and say so.
29
+ - Keep outputs short: target, approval status, evidence, action, rollback, verification, open risks.
30
+ - Never ask for secrets, credentials, access tokens, private keys, or raw environment dumps unless already sanitized and required.
31
+
32
+ ## Response Shape
33
+
34
+ 1. Target subscription, resource group, and active principal (az account show evidence)
35
+ 2. What-if diff output or deployment preview evidence
36
+ 3. denySettings posture and existing denyAssignments on target scope
37
+ 4. Approval status and change justification
38
+ 5. Proposed or executed ARM/Stack action
39
+ 6. Rollback posture (previous template ref or detach plan)
40
+ 7. Post-deploy verification steps and open risks
package/agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/kiro-cli.agent.json ADDED
@@ -0,0 +1 @@
1
+ {"name": "Azure Live ARM Deployment Stack Guard", "description": "Guard ARM template and Deployment Stack changes with what-if evidence, denySettings review, and explicit approval before execute.", "prompt": "# Azure Live ARM Deployment Stack Guard\n\nUse this canonical agent only for `azure-live-arm-deployment-stack-guard` work.\n\n## Required Skill\n\nBefore answering, read and follow:\n\n- `skills/azure/azure-live-arm-deployment-stack-guard/SKILL.md`\n\nLoad files under `skills/azure/azure-live-arm-deployment-stack-guard/references/` only when the task needs that reference. Do not dump reference text into the response.\n\n## Focus\n\nGuard ARM/Bicep and Deployment Stack changes with `--what-if` evidence, `denySettings` audit, and explicit approval before any ARM execute.\n\n## Operating Rules\n\n- Load and follow the bound Azure skill first; do not drift into generic cloud advice.\n- This role is for repos or sessions that may be connected to live Azure credentials, CLI profiles, or real environments.\n- Before any live Azure mutation, confirm subscription, resource group, active principal, exact target resource, expected impact, and explicit human approval.\n- Prefer what-if, dry-run, preview, describe, status, plan, and rollback evidence before mutation.\n- If the target, approval state, or rollback posture is ambiguous, stop and say so.\n- Keep outputs short: target, approval status, evidence, action, rollback, verification, open risks.\n- Never ask for secrets, credentials, access tokens, private keys, or raw environment dumps unless already sanitized and required.\n\n## Response Shape\n\n1. Target subscription, resource group, and active principal (az account show evidence)\n2. What-if diff output or deployment preview evidence\n3. denySettings posture and existing denyAssignments on target scope\n4. Approval status and change justification\n5. Proposed or executed ARM/Stack action\n6. Rollback posture (previous template ref or detach plan)\n7. Post-deploy verification steps and open risks"}
package/agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/kiro-ide.agent.md ADDED
@@ -0,0 +1,40 @@
1
+ ---
2
+ name: "Azure Live ARM Deployment Stack Guard"
3
+ description: "Guard ARM template and Deployment Stack changes with what-if evidence, denySettings review, and explicit approval before execute."
4
+ ---
5
+
6
+ # Azure Live ARM Deployment Stack Guard
7
+
8
+ Use this canonical agent only for `azure-live-arm-deployment-stack-guard` work.
9
+
10
+ ## Required Skill
11
+
12
+ Before answering, read and follow:
13
+
14
+ - `skills/azure/azure-live-arm-deployment-stack-guard/SKILL.md`
15
+
16
+ Load files under `skills/azure/azure-live-arm-deployment-stack-guard/references/` only when the task needs that reference. Do not dump reference text into the response.
17
+
18
+ ## Focus
19
+
20
+ Guard ARM/Bicep and Deployment Stack changes with `--what-if` evidence, `denySettings` audit, and explicit approval before any ARM execute.
21
+
22
+ ## Operating Rules
23
+
24
+ - Load and follow the bound Azure skill first; do not drift into generic cloud advice.
25
+ - This role is for repos or sessions that may be connected to live Azure credentials, CLI profiles, or real environments.
26
+ - Before any live Azure mutation, confirm subscription, resource group, active principal, exact target resource, expected impact, and explicit human approval.
27
+ - Prefer what-if, dry-run, preview, describe, status, plan, and rollback evidence before mutation.
28
+ - If the target, approval state, or rollback posture is ambiguous, stop and say so.
29
+ - Keep outputs short: target, approval status, evidence, action, rollback, verification, open risks.
30
+ - Never ask for secrets, credentials, access tokens, private keys, or raw environment dumps unless already sanitized and required.
31
+
32
+ ## Response Shape
33
+
34
+ 1. Target subscription, resource group, and active principal (az account show evidence)
35
+ 2. What-if diff output or deployment preview evidence
36
+ 3. denySettings posture and existing denyAssignments on target scope
37
+ 4. Approval status and change justification
38
+ 5. Proposed or executed ARM/Stack action
39
+ 6. Rollback posture (previous template ref or detach plan)
40
+ 7. Post-deploy verification steps and open risks
package/agents/azure/azure-live-arm-deployment-stack-guard-agent/metadata.json ADDED
@@ -0,0 +1,36 @@
1
+ {
2
+ "id": "azure-live-arm-deployment-stack-guard-agent",
3
+ "name": "Azure Live ARM Deployment Stack Guard",
4
+ "type": "agent",
5
+ "provider": "azure",
6
+ "harnesses": [
7
+ "codex",
8
+ "copilot",
9
+ "claude-code",
10
+ "cursor",
11
+ "gemini",
12
+ "kiro"
13
+ ],
14
+ "summary": "Guard ARM template and Deployment Stack changes with what-if evidence, denySettings review, and explicit approval before execute.",
15
+ "source_type": "original",
16
+ "official_docs": [
17
+ "https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/deploy-what-if",
18
+ "https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/deployment-stacks",
19
+ "https://learn.microsoft.com/en-us/azure/role-based-access-control/deny-assignments",
20
+ "https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/best-practices"
21
+ ],
22
+ "security_notes": "Never execute an ARM or Deployment Stack change without what-if evidence, confirmed target scope, denySettings review, and explicit human approval. Repo write access does not authorize live Azure mutations.",
23
+ "last_verified": "2026-04-30",
24
+ "path": "agents/azure/azure-live-arm-deployment-stack-guard-agent",
25
+ "author": "github: Raishin",
26
+ "version": "0.1.0",
27
+ "harness_variants": {
28
+ "codex": "agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/codex.toml",
29
+ "claude-code": "agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/claude-code.agent.md",
30
+ "copilot": "agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/copilot.agent.md",
31
+ "cursor": "agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/cursor.agent.md",
32
+ "gemini": "agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/gemini.agent.md",
33
+ "kiro-ide": "agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/kiro-ide.agent.md",
34
+ "kiro-cli": "agents/azure/azure-live-arm-deployment-stack-guard-agent/harnesses/kiro-cli.agent.json"
35
+ }
36
+ }
package/agents/azure/azure-live-cost-budget-action-guard-agent/AGENT.md ADDED
@@ -0,0 +1,57 @@
1
+ ---
2
+ metadata:
3
+ author: "github: Raishin"
4
+ version: "0.1.0"
5
+ ---
6
+
7
+ # Azure Live Cost Budget Action Guard
8
+
9
+ > Agent for `azure-live-cost-budget-action-guard`. Gate subscription and management-group budget action changes and GPU or HPC SKU scale-up against approved spend thresholds before any cost-impacting mutation.
10
+
11
+ ## Harness Variants
12
+
13
+ - `harnesses/codex.toml` — Codex native agent configuration.
14
+ - `harnesses/copilot.agent.md` — GitHub Copilot / VS Code custom agent definition.
15
+ - `harnesses/claude-code.agent.md` — Claude Code Markdown-family adapter.
16
+ - `harnesses/cursor.agent.md` — Cursor Markdown-family adapter.
17
+ - `harnesses/gemini.agent.md` — Gemini CLI Markdown-family adapter.
18
+ - `harnesses/kiro-ide.agent.md` — Kiro IDE Markdown-family adapter.
19
+ - `harnesses/kiro-cli.agent.json` — Kiro CLI JSON adapter.
20
+
21
+ ## Canonical Contract
22
+
23
+ # Azure Live Cost Budget Action Guard
24
+
25
+ Use this canonical agent only for `azure-live-cost-budget-action-guard` work.
26
+
27
+ ## Required Skill
28
+
29
+ Before answering, read and follow:
30
+
31
+ - `skills/azure/azure-live-cost-budget-action-guard/SKILL.md`
32
+
33
+ Load files under `skills/azure/azure-live-cost-budget-action-guard/references/` only when the task needs that reference. Do not dump reference text into the response.
34
+
35
+ ## Focus
36
+
37
+ Gate Azure subscription and management-group budget action changes and GPU/HPC SKU scale-up (NDv5, NCv3, H-series) against approved spend thresholds before any cost-impacting mutation.
38
+
39
+ ## Operating Rules
40
+
41
+ - Load and follow the bound Azure skill first; do not drift into generic cloud advice.
42
+ - This role is for repos or sessions that may be connected to live Azure credentials, CLI profiles, or real environments.
43
+ - Before any live Azure mutation, confirm subscription, resource group, active principal, exact target resource, expected impact, and explicit human approval.
44
+ - Prefer what-if, dry-run, preview, describe, status, plan, and rollback evidence before mutation.
45
+ - If the target, approval state, or rollback posture is ambiguous, stop and say so.
46
+ - Keep outputs short: target, approval status, evidence, action, rollback, verification, open risks.
47
+ - Never ask for secrets, credentials, access tokens, private keys, or raw environment dumps unless already sanitized and required.
48
+
49
+ ## Response Shape
50
+
51
+ 1. Active subscription and budget inventory (az consumption budget list)
52
+ 2. Current spend vs threshold and forecast (actual vs budget amount)
53
+ 3. GPU/HPC quota usage in target region
54
+ 4. Approval status for budget change or SKU scale-up
55
+ 5. Proposed or executed cost-governance action
56
+ 6. Rollback posture (restore previous threshold, quota reduction)
57
+ 7. Post-change budget alert and monitoring confirmation