@raishin/vanguard-frontier-agentic 1.2.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (442) hide show
  1. package/README.md +231 -113
  2. package/agents/AGENTS.md +263 -21
  3. package/agents/argocd/README.md +46 -0
  4. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/AGENT.md +55 -0
  5. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/claude-code.agent.md +35 -0
  6. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/codex.toml +29 -0
  7. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/copilot.agent.md +35 -0
  8. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/cursor.agent.md +35 -0
  9. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/gemini.agent.md +35 -0
  10. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/kiro-cli.agent.json +5 -0
  11. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/kiro-ide.agent.md +35 -0
  12. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/metadata.json +31 -0
  13. package/agents/argocd/argocd-gitops-review-agent/AGENT.md +55 -0
  14. package/agents/argocd/argocd-gitops-review-agent/harnesses/claude-code.agent.md +38 -0
  15. package/agents/argocd/argocd-gitops-review-agent/harnesses/codex.toml +32 -0
  16. package/agents/argocd/argocd-gitops-review-agent/harnesses/copilot.agent.md +38 -0
  17. package/agents/argocd/argocd-gitops-review-agent/harnesses/cursor.agent.md +38 -0
  18. package/agents/argocd/argocd-gitops-review-agent/harnesses/gemini.agent.md +38 -0
  19. package/agents/argocd/argocd-gitops-review-agent/harnesses/kiro-cli.agent.json +5 -0
  20. package/agents/argocd/argocd-gitops-review-agent/harnesses/kiro-ide.agent.md +38 -0
  21. package/agents/argocd/argocd-gitops-review-agent/metadata.json +30 -0
  22. package/agents/aws/aws-live-deployment-guarded-operator-agent/metadata.json +10 -1
  23. package/agents/aws/aws-live-ecs-rollout-guard-agent/metadata.json +10 -1
  24. package/agents/aws/aws-live-iac-change-guard-agent/metadata.json +10 -1
  25. package/agents/aws/aws-live-pipeline-approval-operator-agent/metadata.json +10 -1
  26. package/agents/aws/aws-live-serverless-release-guard-agent/metadata.json +10 -1
  27. package/agents/aws/aws-private-ca-issuer-review-agent/AGENT.md +53 -0
  28. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/claude-code.agent.md +36 -0
  29. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/codex.toml +27 -0
  30. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/copilot.agent.md +36 -0
  31. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/cursor.agent.md +36 -0
  32. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/gemini.agent.md +36 -0
  33. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/kiro-cli.agent.json +5 -0
  34. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/kiro-ide.agent.md +36 -0
  35. package/agents/aws/aws-private-ca-issuer-review-agent/metadata.json +37 -0
  36. package/agents/azure/README.md +45 -0
  37. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/AGENT.md +53 -0
  38. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/claude-code.agent.md +36 -0
  39. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/codex.toml +27 -0
  40. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/copilot.agent.md +36 -0
  41. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/cursor.agent.md +36 -0
  42. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/gemini.agent.md +36 -0
  43. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/kiro-cli.agent.json +5 -0
  44. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/kiro-ide.agent.md +36 -0
  45. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/metadata.json +36 -0
  46. package/agents/azure/azure-live-aks-rollout-guard-agent/metadata.json +10 -1
  47. package/agents/azure/azure-live-app-service-slot-swap-guard-agent/metadata.json +10 -1
  48. package/agents/azure/azure-live-arm-deployment-stack-guard-agent/metadata.json +10 -1
  49. package/agents/azure/azure-live-cost-budget-action-guard-agent/metadata.json +10 -1
  50. package/agents/azure/azure-live-entra-role-assignment-guard-agent/AGENT.md +59 -0
  51. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/claude-code.agent.md +42 -0
  52. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/codex.toml +34 -0
  53. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/copilot.agent.md +55 -0
  54. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/cursor.agent.md +44 -0
  55. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/gemini.agent.md +43 -0
  56. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  57. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  58. package/agents/azure/azure-live-entra-role-assignment-guard-agent/metadata.json +37 -0
  59. package/agents/azure/azure-live-keyvault-rotation-purge-guard-agent/metadata.json +10 -1
  60. package/agents/azure/azure-live-pim-jit-activation-guard-agent/metadata.json +11 -2
  61. package/agents/backstage/README.md +36 -0
  62. package/agents/backstage/backstage-scaffolder-template-review-agent/AGENT.md +54 -0
  63. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/claude-code.agent.md +37 -0
  64. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/codex.toml +31 -0
  65. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/copilot.agent.md +37 -0
  66. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/cursor.agent.md +37 -0
  67. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/gemini.agent.md +37 -0
  68. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/kiro-cli.agent.json +5 -0
  69. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/kiro-ide.agent.md +37 -0
  70. package/agents/backstage/backstage-scaffolder-template-review-agent/metadata.json +30 -0
  71. package/agents/cert-manager/README.md +46 -0
  72. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/AGENT.md +55 -0
  73. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/claude-code.agent.md +35 -0
  74. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/codex.toml +29 -0
  75. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/copilot.agent.md +35 -0
  76. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/cursor.agent.md +35 -0
  77. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/gemini.agent.md +35 -0
  78. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/kiro-cli.agent.json +5 -0
  79. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/kiro-ide.agent.md +35 -0
  80. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/metadata.json +31 -0
  81. package/agents/cilium/README.md +46 -0
  82. package/agents/cilium/cilium-network-policy-review-agent/AGENT.md +55 -0
  83. package/agents/cilium/cilium-network-policy-review-agent/harnesses/claude-code.agent.md +38 -0
  84. package/agents/cilium/cilium-network-policy-review-agent/harnesses/codex.toml +32 -0
  85. package/agents/cilium/cilium-network-policy-review-agent/harnesses/copilot.agent.md +38 -0
  86. package/agents/cilium/cilium-network-policy-review-agent/harnesses/cursor.agent.md +38 -0
  87. package/agents/cilium/cilium-network-policy-review-agent/harnesses/gemini.agent.md +38 -0
  88. package/agents/cilium/cilium-network-policy-review-agent/harnesses/kiro-cli.agent.json +5 -0
  89. package/agents/cilium/cilium-network-policy-review-agent/harnesses/kiro-ide.agent.md +38 -0
  90. package/agents/cilium/cilium-network-policy-review-agent/metadata.json +37 -0
  91. package/agents/falco/README.md +36 -0
  92. package/agents/falco/falco-runtime-threat-rules-review-agent/AGENT.md +49 -0
  93. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/claude-code.agent.md +33 -0
  94. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/codex.toml +31 -0
  95. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/copilot.agent.md +33 -0
  96. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/cursor.agent.md +33 -0
  97. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/gemini.agent.md +33 -0
  98. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/kiro-cli.agent.json +5 -0
  99. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/kiro-ide.agent.md +33 -0
  100. package/agents/falco/falco-runtime-threat-rules-review-agent/metadata.json +31 -0
  101. package/agents/finops/README.md +27 -0
  102. package/agents/finops/finops-cloud-price-advisor-agent/metadata.json +10 -1
  103. package/agents/fluxcd/README.md +39 -0
  104. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/AGENT.md +55 -0
  105. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/claude-code.agent.md +38 -0
  106. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/codex.toml +32 -0
  107. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/copilot.agent.md +38 -0
  108. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/cursor.agent.md +38 -0
  109. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/gemini.agent.md +38 -0
  110. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/kiro-cli.agent.json +5 -0
  111. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/kiro-ide.agent.md +38 -0
  112. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/metadata.json +31 -0
  113. package/agents/istio/README.md +46 -0
  114. package/agents/istio/istio-ambient-mesh-review-agent/AGENT.md +55 -0
  115. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/claude-code.agent.md +38 -0
  116. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/codex.toml +32 -0
  117. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/copilot.agent.md +38 -0
  118. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/cursor.agent.md +38 -0
  119. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/gemini.agent.md +38 -0
  120. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/kiro-cli.agent.json +5 -0
  121. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/kiro-ide.agent.md +38 -0
  122. package/agents/istio/istio-ambient-mesh-review-agent/metadata.json +30 -0
  123. package/agents/kubernetes/README.md +143 -0
  124. package/agents/kubernetes/external-secrets-operator-review-agent/AGENT.md +49 -0
  125. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/claude-code.agent.md +33 -0
  126. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/codex.toml +31 -0
  127. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/copilot.agent.md +33 -0
  128. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/cursor.agent.md +33 -0
  129. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/gemini.agent.md +33 -0
  130. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/kiro-cli.agent.json +5 -0
  131. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/kiro-ide.agent.md +33 -0
  132. package/agents/kubernetes/external-secrets-operator-review-agent/metadata.json +31 -0
  133. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/AGENT.md +56 -0
  134. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/claude-code.agent.md +39 -0
  135. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/codex.toml +34 -0
  136. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/copilot.agent.md +39 -0
  137. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/cursor.agent.md +39 -0
  138. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/gemini.agent.md +39 -0
  139. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/kiro-cli.agent.json +5 -0
  140. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/kiro-ide.agent.md +39 -0
  141. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/metadata.json +31 -0
  142. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/AGENT.md +59 -0
  143. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/claude-code.agent.md +42 -0
  144. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/codex.toml +33 -0
  145. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/copilot.agent.md +42 -0
  146. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/cursor.agent.md +42 -0
  147. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/gemini.agent.md +42 -0
  148. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  149. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  150. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/metadata.json +36 -0
  151. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/AGENT.md +59 -0
  152. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/claude-code.agent.md +42 -0
  153. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/codex.toml +33 -0
  154. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/copilot.agent.md +42 -0
  155. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/cursor.agent.md +42 -0
  156. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/gemini.agent.md +42 -0
  157. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  158. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  159. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/metadata.json +36 -0
  160. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/AGENT.md +59 -0
  161. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/claude-code.agent.md +42 -0
  162. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/codex.toml +33 -0
  163. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/copilot.agent.md +42 -0
  164. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/cursor.agent.md +42 -0
  165. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/gemini.agent.md +42 -0
  166. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  167. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  168. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/metadata.json +36 -0
  169. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/AGENT.md +59 -0
  170. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/claude-code.agent.md +42 -0
  171. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/codex.toml +33 -0
  172. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/copilot.agent.md +42 -0
  173. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/cursor.agent.md +42 -0
  174. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/gemini.agent.md +42 -0
  175. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  176. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  177. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/metadata.json +36 -0
  178. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/AGENT.md +59 -0
  179. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/claude-code.agent.md +42 -0
  180. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/codex.toml +34 -0
  181. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/copilot.agent.md +55 -0
  182. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/cursor.agent.md +44 -0
  183. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/gemini.agent.md +43 -0
  184. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  185. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  186. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/metadata.json +36 -0
  187. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/AGENT.md +62 -0
  188. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/claude-code.agent.md +43 -0
  189. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/codex.toml +35 -0
  190. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/copilot.agent.md +43 -0
  191. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/cursor.agent.md +43 -0
  192. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/gemini.agent.md +43 -0
  193. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  194. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/kiro-ide.agent.md +43 -0
  195. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/metadata.json +37 -0
  196. package/agents/kubernetes/kubernetes-maestro-agent/AGENT.md +55 -0
  197. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/claude-code.agent.md +38 -0
  198. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/codex.toml +34 -0
  199. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/copilot.agent.md +38 -0
  200. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/cursor.agent.md +38 -0
  201. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/gemini.agent.md +38 -0
  202. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
  203. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/kiro-ide.agent.md +38 -0
  204. package/agents/kubernetes/kubernetes-maestro-agent/metadata.json +40 -0
  205. package/agents/kubernetes/kubernetes-pod-spec-review-agent/AGENT.md +54 -0
  206. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/claude-code.agent.md +37 -0
  207. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/codex.toml +27 -0
  208. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/copilot.agent.md +37 -0
  209. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/cursor.agent.md +37 -0
  210. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/gemini.agent.md +37 -0
  211. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/kiro-cli.agent.json +5 -0
  212. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/kiro-ide.agent.md +37 -0
  213. package/agents/kubernetes/kubernetes-pod-spec-review-agent/metadata.json +38 -0
  214. package/agents/kubernetes/kubernetes-psa-review-agent/AGENT.md +55 -0
  215. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/claude-code.agent.md +36 -0
  216. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/codex.toml +29 -0
  217. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/copilot.agent.md +36 -0
  218. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/cursor.agent.md +36 -0
  219. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/gemini.agent.md +36 -0
  220. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/kiro-cli.agent.json +5 -0
  221. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/kiro-ide.agent.md +36 -0
  222. package/agents/kubernetes/kubernetes-psa-review-agent/metadata.json +37 -0
  223. package/agents/kubernetes/kubernetes-rbac-review-agent/AGENT.md +55 -0
  224. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/claude-code.agent.md +38 -0
  225. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/codex.toml +32 -0
  226. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/copilot.agent.md +51 -0
  227. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/cursor.agent.md +40 -0
  228. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/gemini.agent.md +39 -0
  229. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/kiro-cli.agent.json +5 -0
  230. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/kiro-ide.agent.md +38 -0
  231. package/agents/kubernetes/kubernetes-rbac-review-agent/metadata.json +36 -0
  232. package/agents/kubernetes/kubernetes-workload-identity-review-agent/AGENT.md +55 -0
  233. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/claude-code.agent.md +37 -0
  234. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/codex.toml +29 -0
  235. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/copilot.agent.md +37 -0
  236. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/cursor.agent.md +37 -0
  237. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/gemini.agent.md +37 -0
  238. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/kiro-cli.agent.json +5 -0
  239. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/kiro-ide.agent.md +37 -0
  240. package/agents/kubernetes/kubernetes-workload-identity-review-agent/metadata.json +37 -0
  241. package/agents/kyverno/README.md +46 -0
  242. package/agents/kyverno/kyverno-policy-review-agent/AGENT.md +55 -0
  243. package/agents/kyverno/kyverno-policy-review-agent/harnesses/claude-code.agent.md +38 -0
  244. package/agents/kyverno/kyverno-policy-review-agent/harnesses/codex.toml +32 -0
  245. package/agents/kyverno/kyverno-policy-review-agent/harnesses/copilot.agent.md +38 -0
  246. package/agents/kyverno/kyverno-policy-review-agent/harnesses/cursor.agent.md +38 -0
  247. package/agents/kyverno/kyverno-policy-review-agent/harnesses/gemini.agent.md +38 -0
  248. package/agents/kyverno/kyverno-policy-review-agent/harnesses/kiro-cli.agent.json +5 -0
  249. package/agents/kyverno/kyverno-policy-review-agent/harnesses/kiro-ide.agent.md +38 -0
  250. package/agents/kyverno/kyverno-policy-review-agent/metadata.json +30 -0
  251. package/agents/oci/README.md +45 -0
  252. package/agents/oci/oci-certificates-issuer-review-agent/AGENT.md +53 -0
  253. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/claude-code.agent.md +36 -0
  254. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/codex.toml +27 -0
  255. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/copilot.agent.md +36 -0
  256. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/cursor.agent.md +36 -0
  257. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/gemini.agent.md +36 -0
  258. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/kiro-cli.agent.json +5 -0
  259. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/kiro-ide.agent.md +36 -0
  260. package/agents/oci/oci-certificates-issuer-review-agent/metadata.json +36 -0
  261. package/agents/oci/oci-live-autonomous-db-lifecycle-guard-agent/metadata.json +11 -2
  262. package/agents/oci/oci-live-cost-budget-runaway-guard-agent/metadata.json +11 -2
  263. package/agents/oci/oci-live-iam-policy-compartment-guard-agent/metadata.json +10 -1
  264. package/agents/oci/oci-live-network-security-rule-guard-agent/AGENT.md +59 -0
  265. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/claude-code.agent.md +42 -0
  266. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/codex.toml +34 -0
  267. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/copilot.agent.md +55 -0
  268. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/cursor.agent.md +44 -0
  269. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/gemini.agent.md +43 -0
  270. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  271. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  272. package/agents/oci/oci-live-network-security-rule-guard-agent/metadata.json +37 -0
  273. package/agents/oci/oci-live-oke-rollout-guard-agent/metadata.json +11 -2
  274. package/agents/oci/oci-live-resource-manager-stack-guard-agent/metadata.json +10 -1
  275. package/agents/oci/oci-live-vault-key-destruction-guard-agent/metadata.json +10 -1
  276. package/agents/opentelemetry/README.md +37 -0
  277. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/AGENT.md +55 -0
  278. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/claude-code.agent.md +38 -0
  279. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/codex.toml +32 -0
  280. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/copilot.agent.md +38 -0
  281. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/cursor.agent.md +38 -0
  282. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/gemini.agent.md +38 -0
  283. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/kiro-cli.agent.json +5 -0
  284. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/kiro-ide.agent.md +38 -0
  285. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/metadata.json +37 -0
  286. package/agents/prometheus/README.md +36 -0
  287. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/AGENT.md +48 -0
  288. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/claude-code.agent.md +32 -0
  289. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/codex.toml +31 -0
  290. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/copilot.agent.md +32 -0
  291. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/cursor.agent.md +32 -0
  292. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/gemini.agent.md +32 -0
  293. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/kiro-cli.agent.json +5 -0
  294. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/kiro-ide.agent.md +32 -0
  295. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/metadata.json +31 -0
  296. package/agents/sigstore/README.md +38 -0
  297. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/AGENT.md +55 -0
  298. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/claude-code.agent.md +35 -0
  299. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/codex.toml +29 -0
  300. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/copilot.agent.md +35 -0
  301. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/cursor.agent.md +35 -0
  302. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/gemini.agent.md +35 -0
  303. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/kiro-cli.agent.json +5 -0
  304. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/kiro-ide.agent.md +35 -0
  305. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/metadata.json +31 -0
  306. package/agents/terraform/README.md +29 -0
  307. package/agents/terraform/terraform-reviewer/harnesses/claude-code.agent.md +29 -0
  308. package/agents/terraform/terraform-reviewer/harnesses/codex.toml +29 -0
  309. package/agents/terraform/terraform-reviewer/harnesses/copilot.agent.md +42 -0
  310. package/agents/terraform/terraform-reviewer/harnesses/cursor.agent.md +31 -0
  311. package/agents/terraform/terraform-reviewer/harnesses/gemini.agent.md +30 -0
  312. package/agents/terraform/terraform-reviewer/harnesses/kiro-cli.agent.json +5 -0
  313. package/agents/terraform/terraform-reviewer/harnesses/kiro-ide.agent.md +29 -0
  314. package/agents/terraform/terraform-reviewer/metadata.json +10 -1
  315. package/agents/velero/README.md +41 -0
  316. package/assets/logos/vanguard-frontier-agentic-logo.png +0 -0
  317. package/catalog/agents.json +1452 -634
  318. package/catalog/install-roles.json +455 -0
  319. package/catalog/skill-manifest.json +757 -3
  320. package/catalog/skills.json +1298 -528
  321. package/package.json +11 -1
  322. package/scripts/export-marketplace-agents.mjs +100 -9
  323. package/scripts/update-catalog-new-agents.py +88 -0
  324. package/skills/argocd/README.md +30 -0
  325. package/skills/argocd/argo-rollouts-progressive-delivery-review/SKILL.md +40 -0
  326. package/skills/argocd/argo-rollouts-progressive-delivery-review/metadata.json +22 -0
  327. package/skills/argocd/argo-rollouts-progressive-delivery-review/references/workflow-and-output.md +248 -0
  328. package/skills/argocd/argocd-gitops-review/SKILL.md +43 -0
  329. package/skills/argocd/argocd-gitops-review/metadata.json +30 -0
  330. package/skills/argocd/argocd-gitops-review/references/mcp-and-evidence.md +53 -0
  331. package/skills/argocd/argocd-gitops-review/references/official-sources.md +32 -0
  332. package/skills/argocd/argocd-gitops-review/references/workflow-and-output.md +120 -0
  333. package/skills/aws/README.md +3 -1
  334. package/skills/aws/aws-maestro/references/workflow-and-output.md +2 -0
  335. package/skills/aws/aws-private-ca-issuer-review/SKILL.md +39 -0
  336. package/skills/aws/aws-private-ca-issuer-review/metadata.json +21 -0
  337. package/skills/aws/aws-private-ca-issuer-review/references/official-sources.md +22 -0
  338. package/skills/aws/aws-private-ca-issuer-review/references/safety-checklist.md +30 -0
  339. package/skills/aws/aws-private-ca-issuer-review/references/workflow-and-output.md +214 -0
  340. package/skills/azure/README.md +3 -1
  341. package/skills/azure/azure-keyvault-certificate-issuer-review/SKILL.md +37 -0
  342. package/skills/azure/azure-keyvault-certificate-issuer-review/metadata.json +20 -0
  343. package/skills/azure/azure-keyvault-certificate-issuer-review/references/workflow-and-output.md +190 -0
  344. package/skills/azure/azure-live-entra-role-assignment-guard/SKILL.md +56 -0
  345. package/skills/azure/azure-live-entra-role-assignment-guard/metadata.json +28 -0
  346. package/skills/azure/azure-live-entra-role-assignment-guard/references/official-sources.md +21 -0
  347. package/skills/azure/azure-live-entra-role-assignment-guard/references/permission-model.md +70 -0
  348. package/skills/azure/azure-live-entra-role-assignment-guard/references/preflight-commands.md +69 -0
  349. package/skills/azure/azure-live-entra-role-assignment-guard/references/rollback-playbook.md +51 -0
  350. package/skills/backstage/backstage-scaffolder-template-review/SKILL.md +39 -0
  351. package/skills/backstage/backstage-scaffolder-template-review/metadata.json +21 -0
  352. package/skills/backstage/backstage-scaffolder-template-review/references/workflow-and-output.md +179 -0
  353. package/skills/cert-manager/cert-manager-issuer-trust-review/SKILL.md +40 -0
  354. package/skills/cert-manager/cert-manager-issuer-trust-review/metadata.json +22 -0
  355. package/skills/cert-manager/cert-manager-issuer-trust-review/references/workflow-and-output.md +222 -0
  356. package/skills/cilium/README.md +30 -0
  357. package/skills/cilium/cilium-network-policy-review/SKILL.md +43 -0
  358. package/skills/cilium/cilium-network-policy-review/metadata.json +30 -0
  359. package/skills/cilium/cilium-network-policy-review/references/mcp-and-evidence.md +52 -0
  360. package/skills/cilium/cilium-network-policy-review/references/official-sources.md +30 -0
  361. package/skills/cilium/cilium-network-policy-review/references/workflow-and-output.md +130 -0
  362. package/skills/falco/falco-runtime-threat-rules-review/SKILL.md +37 -0
  363. package/skills/falco/falco-runtime-threat-rules-review/metadata.json +22 -0
  364. package/skills/falco/falco-runtime-threat-rules-review/references/workflow-and-output.md +249 -0
  365. package/skills/finops/README.md +30 -0
  366. package/skills/fluxcd/fluxcd-kustomization-helmrelease-review/SKILL.md +40 -0
  367. package/skills/fluxcd/fluxcd-kustomization-helmrelease-review/metadata.json +22 -0
  368. package/skills/fluxcd/fluxcd-kustomization-helmrelease-review/references/workflow-and-output.md +243 -0
  369. package/skills/istio/README.md +28 -0
  370. package/skills/istio/istio-ambient-mesh-review/SKILL.md +43 -0
  371. package/skills/istio/istio-ambient-mesh-review/metadata.json +30 -0
  372. package/skills/istio/istio-ambient-mesh-review/references/mcp-and-evidence.md +59 -0
  373. package/skills/istio/istio-ambient-mesh-review/references/official-sources.md +32 -0
  374. package/skills/istio/istio-ambient-mesh-review/references/workflow-and-output.md +128 -0
  375. package/skills/kubernetes/README.md +30 -0
  376. package/skills/kubernetes/external-secrets-operator-review/SKILL.md +37 -0
  377. package/skills/kubernetes/external-secrets-operator-review/metadata.json +22 -0
  378. package/skills/kubernetes/external-secrets-operator-review/references/workflow-and-output.md +280 -0
  379. package/skills/kubernetes/kubecost-chargeback-allocation-review/SKILL.md +40 -0
  380. package/skills/kubernetes/kubecost-chargeback-allocation-review/metadata.json +22 -0
  381. package/skills/kubernetes/kubecost-chargeback-allocation-review/references/workflow-and-output.md +215 -0
  382. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/SKILL.md +57 -0
  383. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/metadata.json +27 -0
  384. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/references/official-sources.md +18 -0
  385. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/references/permission-model.md +78 -0
  386. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/references/preflight-commands.md +81 -0
  387. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/references/rollback-playbook.md +61 -0
  388. package/skills/kubernetes/kubernetes-maestro/SKILL.md +45 -0
  389. package/skills/kubernetes/kubernetes-maestro/metadata.json +24 -0
  390. package/skills/kubernetes/kubernetes-maestro/references/safety-checklist.md +78 -0
  391. package/skills/kubernetes/kubernetes-maestro/references/workflow-and-output.md +206 -0
  392. package/skills/kubernetes/kubernetes-pod-security-admission-review/SKILL.md +43 -0
  393. package/skills/kubernetes/kubernetes-pod-security-admission-review/metadata.json +28 -0
  394. package/skills/kubernetes/kubernetes-pod-security-admission-review/references/mcp-and-evidence.md +49 -0
  395. package/skills/kubernetes/kubernetes-pod-security-admission-review/references/official-sources.md +26 -0
  396. package/skills/kubernetes/kubernetes-pod-security-admission-review/references/workflow-and-output.md +129 -0
  397. package/skills/kubernetes/kubernetes-pod-spec-review/SKILL.md +38 -0
  398. package/skills/kubernetes/kubernetes-pod-spec-review/metadata.json +22 -0
  399. package/skills/kubernetes/kubernetes-pod-spec-review/references/workflow-and-output.md +229 -0
  400. package/skills/kubernetes/kubernetes-rbac-review/SKILL.md +38 -0
  401. package/skills/kubernetes/kubernetes-rbac-review/metadata.json +27 -0
  402. package/skills/kubernetes/kubernetes-rbac-review/references/mcp-and-evidence.md +34 -0
  403. package/skills/kubernetes/kubernetes-rbac-review/references/official-sources.md +22 -0
  404. package/skills/kubernetes/kubernetes-rbac-review/references/workflow-and-output.md +44 -0
  405. package/skills/kubernetes/kubernetes-workload-identity-review/SKILL.md +43 -0
  406. package/skills/kubernetes/kubernetes-workload-identity-review/metadata.json +29 -0
  407. package/skills/kubernetes/kubernetes-workload-identity-review/references/mcp-and-evidence.md +57 -0
  408. package/skills/kubernetes/kubernetes-workload-identity-review/references/official-sources.md +47 -0
  409. package/skills/kubernetes/kubernetes-workload-identity-review/references/workflow-and-output.md +166 -0
  410. package/skills/kyverno/README.md +30 -0
  411. package/skills/kyverno/kyverno-policy-review/SKILL.md +43 -0
  412. package/skills/kyverno/kyverno-policy-review/metadata.json +30 -0
  413. package/skills/kyverno/kyverno-policy-review/references/mcp-and-evidence.md +49 -0
  414. package/skills/kyverno/kyverno-policy-review/references/official-sources.md +31 -0
  415. package/skills/kyverno/kyverno-policy-review/references/workflow-and-output.md +106 -0
  416. package/skills/oci/README.md +63 -0
  417. package/skills/oci/oci-certificates-issuer-review/SKILL.md +37 -0
  418. package/skills/oci/oci-certificates-issuer-review/metadata.json +20 -0
  419. package/skills/oci/oci-certificates-issuer-review/references/workflow-and-output.md +207 -0
  420. package/skills/oci/oci-live-network-security-rule-guard/SKILL.md +57 -0
  421. package/skills/oci/oci-live-network-security-rule-guard/metadata.json +28 -0
  422. package/skills/oci/oci-live-network-security-rule-guard/references/official-sources.md +21 -0
  423. package/skills/oci/oci-live-network-security-rule-guard/references/permission-model.md +65 -0
  424. package/skills/oci/oci-live-network-security-rule-guard/references/preflight-commands.md +69 -0
  425. package/skills/oci/oci-live-network-security-rule-guard/references/rollback-playbook.md +79 -0
  426. package/skills/opentelemetry/README.md +31 -0
  427. package/skills/opentelemetry/opentelemetry-collector-config-review/SKILL.md +44 -0
  428. package/skills/opentelemetry/opentelemetry-collector-config-review/metadata.json +30 -0
  429. package/skills/opentelemetry/opentelemetry-collector-config-review/references/mcp-and-evidence.md +49 -0
  430. package/skills/opentelemetry/opentelemetry-collector-config-review/references/official-sources.md +31 -0
  431. package/skills/opentelemetry/opentelemetry-collector-config-review/references/workflow-and-output.md +155 -0
  432. package/skills/prometheus/prometheus-alerting-cardinality-review/SKILL.md +38 -0
  433. package/skills/prometheus/prometheus-alerting-cardinality-review/metadata.json +22 -0
  434. package/skills/prometheus/prometheus-alerting-cardinality-review/references/workflow-and-output.md +221 -0
  435. package/skills/sigstore/sigstore-cosign-supply-chain-review/SKILL.md +39 -0
  436. package/skills/sigstore/sigstore-cosign-supply-chain-review/metadata.json +22 -0
  437. package/skills/sigstore/sigstore-cosign-supply-chain-review/references/workflow-and-output.md +196 -0
  438. package/skills/terraform/README.md +29 -0
  439. package/skills/velero/velero-backup-restore-guard/SKILL.md +41 -0
  440. package/skills/velero/velero-backup-restore-guard/metadata.json +21 -0
  441. package/skills/velero/velero-backup-restore-guard/references/safety-checklist.md +40 -0
  442. package/skills/velero/velero-backup-restore-guard/references/workflow-and-output.md +202 -0
package/README.md CHANGED
@@ -1,13 +1,17 @@
1
1
  # Vanguard Frontier Agentic
2
2
 
3
3
  <div align="center">
4
+
5
+ <!-- 🖼️ PROJECT LOGO — created and ready to display -->
6
+ <img src="assets/logos/vanguard-frontier-agentic-logo.png" alt="Vanguard Frontier Agentic" width="220" />
7
+
4
8
  <p><strong>A curated marketplace for cloud and zero-trust AI workflows.</strong></p>
5
9
 
6
10
  <p>
7
11
  <a href="#get-started">Get Started</a> &nbsp;·&nbsp;
12
+ <a href="#install-reference">Install Reference</a> &nbsp;·&nbsp;
8
13
  <a href="#skills">Skills</a> &nbsp;·&nbsp;
9
14
  <a href="#agents">Agents</a> &nbsp;·&nbsp;
10
- <a href="#cli-commands">Commands</a> &nbsp;·&nbsp;
11
15
  <a href="https://github.com/Raishin/vanguard-frontier-agentic/issues">Issues</a> &nbsp;·&nbsp;
12
16
  <a href="#faq">FAQ</a> &nbsp;·&nbsp;
13
17
  <a href="#feedback">Feedback</a>
@@ -35,89 +39,74 @@ Kubernetes, Terraform, cloud security, and compliance-heavy architecture.
35
39
  [Kiro](https://kiro.dev/) &nbsp;·&nbsp;
36
40
  *and any other coding agent.*
37
41
 
38
- > 📦 **npm status (verified 2026-04-30):** `@raishin/vanguard-frontier-agentic`
39
- > is **not yet published** on the public npm registry. Install from GitHub today — see [Get Started](#get-started).
42
+ > 📦 **Available on npm:** `@raishin/vanguard-frontier-agentic` is published on the public npm registry.
40
43
 
41
44
  ---
42
45
 
43
- ## Get Started
46
+ ## 🚀 Get Started
44
47
 
45
- **Prerequisites:** [Node.js](https://nodejs.org/) 18+ (for the exporter CLI).
46
-
47
- ### 1. Install from GitHub
48
+ **Prerequisite:** [Node.js](https://nodejs.org/) 18+
48
49
 
49
50
  ```bash
50
- npm install github:Raishin/vanguard-frontier-agentic
51
- ```
52
-
53
- ### 2. Open your coding agent
54
-
55
- Launch [Claude Code](https://docs.anthropic.com/en/docs/claude-code), [Gemini CLI](https://github.com/google-gemini/gemini-cli), [Codex](https://github.com/openai/codex), or any coding agent you prefer.
56
-
57
- ### 3. Export agents into your repository
51
+ # 1️⃣ Install the package
52
+ npm install @raishin/vanguard-frontier-agentic@latest
58
53
 
59
- List available agent IDs:
54
+ # 2️⃣ Export agents for your job role into your repo
55
+ npx vfa-export-agents --platform claude-code --role cloud-security-engineer --repo .
60
56
 
61
- ```bash
62
- npx vfa-export-agents --list
57
+ # 3️⃣ Open your coding agent and reference the exported agent
58
+ # "Use kubernetes-rbac-review-agent to audit this RBAC change."
63
59
  ```
64
60
 
65
- Export an agent to your preferred platform:
66
-
67
- ```bash
68
- # Claude Code
69
- npx vfa-export-agents --platform claude-code --agents azure-live-aks-rollout-guard-agent --repo /path/to/your-repo
70
-
71
- # GitHub Copilot
72
- npx vfa-export-agents --platform copilot --agents azure-live-aks-rollout-guard-agent --repo /path/to/your-repo
73
-
74
- # Kiro (writes both IDE + CLI adapters)
75
- npx vfa-export-agents --platform kiro --agents azure-live-aks-rollout-guard-agent --repo /path/to/your-repo
76
-
77
- # Export everything for a platform
78
- npx vfa-export-agents --platform codex --all --repo /path/to/your-repo
79
- ```
80
-
81
- ### 4. Use the skill or agent
82
-
83
- Inside your coding agent session, reference the skill directly or let the exported agent guide you:
84
-
85
- ```text
86
- Use the azure-live-aks-rollout-guard skill to audit my deployment rollout before I proceed.
87
- ```
61
+ **🗺️ Not sure which role or agent you need?** Jump to the [Install Reference](#install-reference) for the full map.
88
62
 
89
63
  ---
90
64
 
91
- ## Skills
65
+ ## 🧠 Skills
92
66
 
93
- **107 skills** across AWS, Azure, OCI, security, Kubernetes, Terraform, and more.
67
+ **138 skills** across AWS, Azure, OCI, Kubernetes, CNCF ecosystem, Terraform, and more.
94
68
 
95
- | Domain | Count | What they cover |
96
- |--------|------:|----------------|
97
- | AWS | 42 | IAM, EKS, ECS, Lambda, RDS, S3, Cost, DevOps, Bedrock, Security, Live Guards |
98
- | Azure | 30 | AKS, App Service, ARM/Bicep, Key Vault, PIM, Cost, Entra ID, CosmosDB, Live Guards |
99
- | OCI | 35 | ADB, OKE, IAM, Vault, Resource Manager, Cost, Networking, Live Guards |
100
- | FinOps | 1 | Cross-cloud live price advisor (AWS + Azure + OCI pricing APIs) |
69
+ | Domain | Count | What they cover |
70
+ | ------------------ | ----: | ------------------------------------------------------------------------------------------------- |
71
+ | 🟧 AWS | 43 | IAM, EKS, ECS, Lambda, RDS, S3, Cost, DevOps, Bedrock, Security, Live Guards |
72
+ | 🟦 Azure | 32 | AKS, App Service, ARM/Bicep, Key Vault, PIM, Cost, Entra ID, CosmosDB, Live Guards |
73
+ | 🟥 OCI | 37 | ADB, OKE, IAM, Vault, Resource Manager, Cost, Networking, Live Guards |
74
+ | ☸️ Kubernetes | 5 | RBAC review, workload identity, PSA, live RBAC/admission/mesh/network/ArgoCD guards, maestro |
75
+ | 🛡️ Kyverno | 1 | ClusterPolicy/Policy, PolicyException, failureAction, background scan |
76
+ | 🔄 Argo CD | 1 | AppProject blast-radius, sync impersonation, RollingSync, sync-window |
77
+ | 🕸️ Istio | 1 | Ambient mesh, ztunnel L4 vs waypoint L7, PeerAuthentication, mTLS posture |
78
+ | 🐝 Cilium | 1 | CiliumNetworkPolicy, ClusterMesh trust, 169.254.169.254 egress, WireGuard encryption |
79
+ | 📡 OpenTelemetry | 1 | Collector pipeline, memory_limiter, receiver exposure, exporter cardinality, credential handling |
80
+ | 🟩 Terraform | 1 | IaC review and plan safety |
101
81
 
102
- ### Live Guard skills (high-risk cloud mutations)
82
+ ### 🛡️ Live Guard skills stop before you break prod
103
83
 
104
- Six live-guard skills per cloud enforce approval gates and rollback posture for irreversible operations:
84
+ Live-guard skills enforce approval gates and rollback posture for irreversible operations:
105
85
 
106
- **Azure (6):**
86
+ **🟦 Azure (7):**
107
87
  - `azure-live-aks-rollout-guard` — PDB audit, rollout pause/undo, post-rollout health
108
88
  - `azure-live-arm-deployment-stack-guard` — what-if evidence, denySettings, PIM-gated delete
109
89
  - `azure-live-app-service-slot-swap-guard` — sticky-setting audit, traffic shifting, swap-back path
110
90
  - `azure-live-keyvault-rotation-purge-guard` — rotation policy, soft-delete/purge-protection, PIM gate
111
91
  - `azure-live-pim-jit-activation-guard` — eligible assignment audit, MFA gate, JIT revocation
112
92
  - `azure-live-cost-budget-action-guard` — budget mutation, GPU SKU policy, quota read-only
93
+ - `azure-live-entra-role-assignment-guard` — permanent role assignment scope/principal audit, PIM-preference enforcement, Guest principal blocking
113
94
 
114
- **OCI (6):**
95
+ **🟥 OCI (7):**
115
96
  - `oci-live-autonomous-db-lifecycle-guard` — ADB scale/stop/clone/terminate with tag enforcement
116
97
  - `oci-live-oke-rollout-guard` — DevOps pipeline approval, PDB audit, rollout pause/undo
117
98
  - `oci-live-resource-manager-stack-guard` — plan-before-apply, drift detection, job-lock enforcement
118
99
  - `oci-live-vault-key-destruction-guard` — rotation vs. destruction separation, 7–30 day deletion window
119
100
  - `oci-live-iam-policy-compartment-guard` — MFA break-glass, dual-approval for tenancy-root changes
120
101
  - `oci-live-cost-budget-runaway-guard` — 3-tier budget management, GPU shape gate, ONS alert routing
102
+ - `oci-live-network-security-rule-guard` — Security List/NSG rule capture, 0.0.0.0/0 detection, DB-subnet criticality, Path Analyzer gate
103
+
104
+ **☸️ Kubernetes (5):**
105
+ - `kubernetes-live-rbac-mutation-guard` — escalate/bind/impersonate verb detection, wildcard blocking, pre-mutation state capture, rollback via YAML backup
106
+ - `kubernetes-live-admission-policy-guard` — Kyverno/VAP mutation blast-radius, failureAction enforcement, PolicyException scope validation
107
+ - `kubernetes-live-mesh-policy-guard` — Istio AuthorizationPolicy/PeerAuthentication traffic impact, PERMISSIVE→STRICT migration gating
108
+ - `kubernetes-live-network-policy-guard` — CiliumNetworkPolicy/NetworkPolicy connectivity impact, metadata service egress blocking
109
+ - `kubernetes-live-argocd-sync-guard` — AppProject blast-radius, sync impersonation identity review, sync-window change gating
121
110
 
122
111
  ### Sample skills
123
112
 
@@ -130,31 +119,42 @@ Rule of thumb: if the asset teaches **how to do a repeatable task**, it is a ski
130
119
 
131
120
  ---
132
121
 
133
- ## Agents
122
+ ## 🤖 Agents
134
123
 
135
- **107 agents** matching the skill catalog — each agent ships 7 harness adapters and a hardened permission model.
124
+ **141 agents** matching the skill catalog — each agent ships 7 harness adapters and a hardened permission model.
136
125
 
137
- | Provider | Count | Specialisations |
138
- |----------|------:|----------------|
139
- | AWS | 42 | advisory, execution, live-guard operators |
140
- | Azure | 30 | advisory, live-guard operators |
141
- | OCI | 33 | advisory, live-guard operators |
142
- | Multi-cloud | 1 | FinOps Cloud Price Advisor |
143
- | Terraform | 1 | IaC review |
126
+ | Provider | Count | Specialisations |
127
+ | ------------------ | ----: | ----------------------------------------------------------------------------------- |
128
+ | 🟧 AWS | 43 | advisory, execution, live-guard operators |
129
+ | 🟦 Azure | 32 | advisory, live-guard operators |
130
+ | 🟥 OCI | 35 | advisory, live-guard operators |
131
+ | ☸️ Kubernetes | 9 | RBAC review, workload identity, PSA, 4 live-guard operators, maestro router |
132
+ | 🛡️ Kyverno | 1 | Admission policy review |
133
+ | 🔄 Argo CD | 1 | GitOps review |
134
+ | 🕸️ Istio | 1 | Ambient mesh review |
135
+ | 🐝 Cilium | 1 | Network policy review |
136
+ | 📡 OpenTelemetry | 1 | Collector config review |
137
+ | 💰 Multi-cloud | 1 | FinOps Cloud Price Advisor |
138
+ | 🟩 Terraform | 2 | IaC review, maestro |
144
139
 
145
140
  Every agent ships:
146
- - `AGENT.md` — harness-neutral contract with guarded response shape
147
- - `PERMISSIONS.md` — provider-native least-privilege RBAC / OCI IAM policies
148
- - `metadata.json`schema-validated catalog entry
149
- - 7 harness adapters — claude-code, codex, copilot, cursor, gemini, kiro-ide, kiro-cli
141
+ - 📄 `AGENT.md` — harness-neutral contract with guarded response shape
142
+ - 🗂️ `metadata.json` — schema-validated catalog entry
143
+ - 🔌 7 harness adapters claude-code, codex, copilot, cursor, gemini, kiro-ide, kiro-cli
150
144
 
151
145
  ```text
152
146
  agents/
153
- ├── aws/ (42 agents)
154
- ├── azure/ (30 agents)
155
- ├── finops/ (1 agent — cross-cloud price advisor)
156
- ├── oci/ (33 agents)
157
- └── terraform/ (1 agent)
147
+ ├── aws/ (43 agents)
148
+ ├── azure/ (32 agents)
149
+ ├── argocd/ (1 agent — GitOps review)
150
+ ├── cilium/ (1 agent — network policy review)
151
+ ├── finops/ (1 agent — cross-cloud price advisor)
152
+ ├── istio/ (1 agent — ambient mesh review)
153
+ ├── kubernetes/ (13 agents — RBAC, workload identity, PSA, pod-spec, ESO, Kubecost, live-guards, maestro)
154
+ ├── kyverno/ (1 agent — admission policy review)
155
+ ├── oci/ (35 agents)
156
+ ├── opentelemetry/ (1 agent — collector config review)
157
+ └── terraform/ (2 agents)
158
158
  ```
159
159
 
160
160
  Example:
@@ -165,32 +165,148 @@ Use an agent when you need a **role with judgment**, not just a checklist.
165
165
 
166
166
  ---
167
167
 
168
- ## CLI Commands
168
+ ## 📦 Install Reference
169
169
 
170
- The `vfa-export-agents` CLI ships with this package.
170
+ Everything you can install, and exactly how to install it. One section, no hunting.
171
171
 
172
- | Command | What it does |
173
- |---------|-------------|
174
- | `vfa-export-agents --list` | List all available agent IDs |
175
- | `vfa-export-agents --platform <p> --agents <id> --repo <path>` | Export one agent to a platform |
176
- | `vfa-export-agents --platform <p> --all --repo <path>` | Export all agents for a platform |
177
- | `vfa-export-agents --platform <p> --all --repo <path> --force` | Overwrite existing exported files |
172
+ ### 🧭 How to pick what to install
178
173
 
179
- <details>
180
- <summary>Supported platforms and destination paths</summary>
174
+ ```
175
+ 🙋 I know my job function → use --role
176
+ 🎯 I know the specific agent I want → use --agents
177
+ ☁️ I work on one cloud provider only → add --provider to either of the above
178
+ 💥 I want everything for a platform → use --all
179
+ 🔍 I don't know what exists yet → use --list or --list-roles first
180
+ ```
181
181
 
182
- | Platform flag | Destination in consumer repo |
183
- |---------------|------------------------------|
184
- | `codex` | `.codex/agents/` |
185
- | `claude-code` | `.claude/agents/` |
186
- | `copilot` | `.github/agents/` |
187
- | `cursor` | `.cursor/agents/` |
188
- | `gemini` | `.gemini/agents/` |
189
- | `kiro` | `.kiro/agents/` |
182
+ ---
190
183
 
191
- </details>
184
+ ### 🏷️ Argument reference
192
185
 
193
- **Important:** the exporter installs custom agent files only — not repo-level guidance layers (`AGENTS.md`, `CLAUDE.md`, `.github/copilot-instructions.md`, etc.). See [`docs/normalized-platform-matrix.md`](docs/normalized-platform-matrix.md) for the distinction.
186
+ | Argument | Values | Required | Description |
187
+ | -------------- | ----------------------------------------------------- | --------------------------------------- | ---------------------------------------------------- |
188
+ | `--platform` | see table below | ✅ yes (except `--list`, `--list-roles`) | Target AI harness |
189
+ | `--role` | see role table below | pick one ↓ | Install all agents for a job role |
190
+ | `--agents` | comma-separated agent IDs | pick one ↓ | Install specific agents by ID |
191
+ | `--all` | — | pick one ↓ | Install every agent for the platform |
192
+ | `--provider` | `aws` `azure` `oci` `kubernetes` `terraform` `finops` `kyverno` `argocd` `istio` `cilium` `opentelemetry` | ➕ optional | Narrow `--role` results to one provider |
193
+ | `--repo` | path | ➕ optional | Target repo root (defaults to current directory) |
194
+ | `--force` | — | ➕ optional | Overwrite files that already exist |
195
+ | `--list` | — | 🔍 standalone | Print all agent IDs, providers, and names; then exit |
196
+ | `--list-roles` | — | 🔍 standalone | Print role IDs with agent counts; then exit |
197
+
198
+ ---
199
+
200
+ ### 🖥️ Platform reference
201
+
202
+ Each platform writes agent files to a different folder in your repo.
203
+
204
+ | `--platform` value | AI harness | Installs into |
205
+ | ------------------ | -------------------------------- | ----------------- |
206
+ | `claude-code` | 🤖 Claude Code (Anthropic) | `.claude/agents/` |
207
+ | `codex` | ⚡ Codex CLI (OpenAI) | `.codex/agents/` |
208
+ | `copilot` | 🐙 GitHub Copilot / VS Code | `.github/agents/` |
209
+ | `cursor` | 🖱️ Cursor | `.cursor/agents/` |
210
+ | `gemini` | ♊ Gemini CLI (Google) | `.gemini/agents/` |
211
+ | `kiro` | 🔮 Kiro — both IDE + CLI adapters | `.kiro/agents/` |
212
+ | `kiro-ide` | 🔮 Kiro IDE only | `.kiro/agents/` |
213
+ | `kiro-cli` | 🔮 Kiro CLI only | `.kiro/agents/` |
214
+
215
+ > ℹ️ The exporter installs agent files only. It does not write repo-level guidance files (`CLAUDE.md`, `AGENTS.md`, `.github/copilot-instructions.md`, etc.). See [`docs/normalized-platform-matrix.md`](docs/normalized-platform-matrix.md).
216
+
217
+ ---
218
+
219
+ ### 👤 Role reference
220
+
221
+ A role installs the curated set of agents a practitioner in that job function needs, across all cloud providers. Roles overlap intentionally — one agent may appear in multiple roles.
222
+
223
+ | `--role` value | 👤 Who it is for | 🔢 Agents | ☁️ What it covers |
224
+ | -------------------------------------------- | ------------------------------------------------------------------------ | -------: | ----------------------------------------------------------------------------------------------------------------------------------------- |
225
+ | `cloud-security-engineer` | 🔐 Security engineers, compliance teams, IAM owners | 26 | IAM/RBAC review, secrets lifecycle, identity governance, live guards for access and key mutations — AWS · Azure · OCI · Kubernetes |
226
+ | `cloud-platform-engineer` | 🏗️ Infrastructure/SRE, IaC owners, Kubernetes platform teams | 25 | IaC safety review, container platform operators, networking, landing zones, live deployment guards — AWS · Azure · OCI · Terraform |
227
+ | `cloud-dba` | 🗄️ Database administrators, data platform engineers | 13 | RDS/Aurora, DynamoDB, CosmosDB, OCI Autonomous/Exadata/MySQL HeatWave, replication, live DB lifecycle guards |
228
+ | `cloud-finops-analyst` | 💰 FinOps leads, cost governance teams | 9 | Cost optimization governors, anomaly watch, budget runaway guards, capacity planning — AWS · Azure · OCI |
229
+ | `cloud-solutions-architect` | 🏛️ Cloud architects, migration leads, AI/generative engineers | 20 | Solution architecture, migration cutover, resilience/BCDR, event-driven design, multi-cloud, AI/generative — AWS · Azure · OCI |
230
+ | `cloud-devops-engineer` | 🚀 CI/CD engineers, release managers, SRE ops | 25 | CI/CD, pipeline approval gates, live rollout guards, deployment hotfix operators, serverless readiness, observability — AWS · Azure · OCI |
231
+ | `kubernetes-admission-security-engineer` | 🛡️ Platform security, policy engineers, admission control owners | 6 | Kyverno policy review, K8s workload identity, PSA profiles, live admission-policy guard, live RBAC guard |
232
+ | `kubernetes-network-engineer` | 🐝 Network engineers, platform SREs, zero-trust mesh owners | 5 | Cilium/NetworkPolicy review, Istio ambient mesh review, live network-policy and mesh-policy guards |
233
+ | `kubernetes-application-platform-engineer` | 🔄 Platform engineers, GitOps owners, ArgoCD operators | 3 | Argo CD GitOps review, live ArgoCD sync guard, kubernetes-maestro router |
234
+ | `kubernetes-runtime-security-engineer` | 🔍 Runtime security, observability, and threat detection engineers | 6 | Falco threat rules, Sigstore supply chain, K8s workload identity, RBAC review, pod-spec review, live RBAC guard |
235
+ | `kubernetes-pki-engineer` | 🔐 PKI/cert lifecycle engineers, secrets management owners | 6 | cert-manager Issuer/ClusterIssuer, CertificateRequestPolicy gap, ESO scope, AWS Private CA, Azure KV cert, OCI Certificates |
236
+ | `kubernetes-observability-engineer` | 📊 SRE observability engineers, FinOps cost analysts | 4 | Prometheus alerting/cardinality, OTEL Collector pipeline, Kubecost chargeback/allocation, maestro router |
237
+ | `kubernetes-supply-chain-security-engineer` | 🔏 Supply chain security engineers, DevSecOps practitioners | 7 | Sigstore/Cosign, Falco runtime rules, Kyverno admission policy, PSA hardening, pod-spec review, live admission guard |
238
+ | `kubernetes-developer-platform-engineer` | 🎭 IDP/platform engineers, GitOps owners, developer experience leads | 6 | Backstage Scaffolder templates, Argo CD, Argo Rollouts progressive delivery, FluxCD Kustomization/HelmRelease, maestro router |
239
+ | `kubernetes-disaster-recovery-engineer` | 💾 SRE disaster recovery engineers, backup and restore owners | 2 | Velero live-guarded restore operations with pre-restore checklist, maestro router |
240
+
241
+ ```bash
242
+ # 🔍 See exactly which roles exist and how many agents each has
243
+ npx vfa-export-agents --list-roles
244
+
245
+ # 📦 Install a cloud role
246
+ npx vfa-export-agents --platform claude-code --role cloud-security-engineer --repo .
247
+
248
+ # ☁️ Install a cloud role but only for one provider
249
+ npx vfa-export-agents --platform claude-code --role cloud-security-engineer --provider azure --repo .
250
+
251
+ # ☸️ Install a Kubernetes specialist role
252
+ npx vfa-export-agents --platform claude-code --role kubernetes-admission-security-engineer --repo .
253
+ npx vfa-export-agents --platform claude-code --role kubernetes-network-engineer --repo .
254
+ ```
255
+
256
+ ---
257
+
258
+ ### ☁️ Provider reference
259
+
260
+ Use `--provider` with `--role` to narrow the install to one cloud.
261
+
262
+ | `--provider` value | Domain | 🔢 Agents in catalog |
263
+ | ------------------- | ---------------------------------------- | ------------------: |
264
+ | `aws` | 🟧 Amazon Web Services | 44 |
265
+ | `azure` | 🟦 Microsoft Azure | 33 |
266
+ | `oci` | 🟥 Oracle Cloud Infrastructure | 36 |
267
+ | `kubernetes` | ☸️ Kubernetes (cross-cloud) | 13 |
268
+ | `kyverno` | 🛡️ Kyverno (admission policy) | 1 |
269
+ | `argocd` | 🔄 Argo CD + Argo Rollouts (GitOps) | 2 |
270
+ | `istio` | 🕸️ Istio (service mesh) | 1 |
271
+ | `cilium` | 🐝 Cilium (network policy) | 1 |
272
+ | `opentelemetry` | 📡 OpenTelemetry (observability) | 1 |
273
+ | `terraform` | 🟩 Terraform (cross-cloud) | 2 |
274
+ | `multi-cloud` | 💰 FinOps / multi-cloud | 1 |
275
+ | `prometheus` | 📊 Prometheus (alerting + cardinality) | 1 |
276
+ | `falco` | 🦅 Falco (runtime threat detection) | 1 |
277
+ | `sigstore` | 🔏 Sigstore / Cosign (supply chain) | 1 |
278
+ | `cert-manager` | 🔐 cert-manager (PKI / cert lifecycle) | 1 |
279
+ | `fluxcd` | 🔄 FluxCD (GitOps) | 1 |
280
+ | `backstage` | 🎭 Backstage (IDP / developer platform) | 1 |
281
+ | `velero` | 💾 Velero (backup + restore) | 0 |
282
+
283
+ ```bash
284
+ # 🟥 Install every OCI agent for a cloud-platform-engineer (OCI-only team)
285
+ npx vfa-export-agents --platform codex --role cloud-platform-engineer --provider oci --repo .
286
+
287
+ # 🟦 Install every Azure agent for a cloud-devops-engineer
288
+ npx vfa-export-agents --platform copilot --role cloud-devops-engineer --provider azure --repo .
289
+ ```
290
+
291
+ ---
292
+
293
+ ### 🎯 Common install scenarios
294
+
295
+ | 🙋 I want to… | Command |
296
+ | ----------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- |
297
+ | 🔍 See what agents exist | `npx vfa-export-agents --list` |
298
+ | 🔍 See what roles exist | `npx vfa-export-agents --list-roles` |
299
+ | 👤 Install for my job role (Claude Code) | `npx vfa-export-agents --platform claude-code --role <role> --repo .` |
300
+ | ☁️ Install for my job role, one cloud only | `npx vfa-export-agents --platform claude-code --role <role> --provider aws --repo .` |
301
+ | ☸️ Install K8s admission security role | `npx vfa-export-agents --platform claude-code --role kubernetes-admission-security-engineer --repo .` |
302
+ | 🐝 Install K8s network engineering role | `npx vfa-export-agents --platform claude-code --role kubernetes-network-engineer --repo .` |
303
+ | 🧭 Install the Kubernetes maestro router only | `npx vfa-export-agents --platform claude-code --agents kubernetes-maestro-agent --repo .` |
304
+ | 🎯 Install one specific agent | `npx vfa-export-agents --platform claude-code --agents kubernetes-rbac-review-agent --repo .` |
305
+ | 🎯 Install two specific agents | `npx vfa-export-agents --platform claude-code --agents agent-id-1,agent-id-2 --repo .` |
306
+ | 💥 Install everything for Codex | `npx vfa-export-agents --platform codex --all --repo .` |
307
+ | 🔄 Re-install and overwrite existing files | `npx vfa-export-agents --platform claude-code --role <role> --repo . --force` |
308
+ | 📂 Install into a different repo path | `npx vfa-export-agents --platform gemini --role <role> --repo /path/to/other-repo` |
309
+ | 🏭 Enforce via CI/CD pipeline | See [`docs/ci-cd-enforcement-pattern.md`](docs/ci-cd-enforcement-pattern.md) |
194
310
 
195
311
  ---
196
312
 
@@ -294,8 +410,10 @@ QSAs, legal counsel, or official standards.
294
410
  It is a **control-aware engineering toolbox**. The assets should help teams
295
411
  design and collect evidence for common security expectations across frameworks.
296
412
 
297
- | Framework / standard | What it pushes us to remember | Repo design implication |
298
- | --------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------- |
413
+ Every live-guard and review agent produces a **structured verdict response** (`verdict`, `evidence_level`, `blockers`, `safe_next_actions`, `open_questions`) that maps directly to SOC 2 CC6.1, PCI DSS Req 7, NIS2 Article 21, NIST CSF PR.AC-4, and ISO 27001 A.9.1.1 — no post-processing required. See [`docs/evidence-output-spec.md`](docs/evidence-output-spec.md) for the full control mapping and evidence retention guidance.
414
+
415
+ | Framework / standard | What it pushes us to remember | Repo design implication |
416
+ | -------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------- |
299
417
  | 🔵 **SOC 2 Type 2** | Controls must operate over a period of time, especially around security, availability, confidentiality, processing integrity, and privacy trust service criteria. | Workflows should leave evidence trails, not just one-time fixes. |
300
418
  | 💳 **PCI DSS** | Cardholder data environments need scoped controls, secure configuration, access control, monitoring, vulnerability management, and testing. | Workflows should reduce scope, avoid broad access, and flag payment-data risk. |
301
419
  | 🇪🇺 **NIS2** | EU cybersecurity rules emphasize governance, risk management, incident reporting, supply-chain security, and management accountability. | Workflows should make ownership, reporting, and supplier/cloud dependencies explicit. |
@@ -312,8 +430,8 @@ probably mean **NIS2** or they are mixing two different things.
312
430
 
313
431
  Use these principles when creating or reviewing assets:
314
432
 
315
- | Principle | What good looks like |
316
- | --------------------------- | ------------------------------------------------------------------------------------- |
433
+ | Principle | What good looks like |
434
+ | -------------------------- | ------------------------------------------------------------------------------------- |
317
435
  | 👤 Identity-first | Humans, workloads, agents, and CI/CD jobs have explicit identities. |
318
436
  | 🔐 Least privilege | Permissions are narrow, justified, and reviewable. |
319
437
  | 🧱 Segmented blast radius | Network, account, project, subscription, tenancy, and data boundaries are deliberate. |
@@ -327,17 +445,17 @@ Use these principles when creating or reviewing assets:
327
445
 
328
446
  ## 🧭 Quick map
329
447
 
330
- | Folder | What lives here | Easy memory hook |
331
- | -------------------------- | ------------------------------------------------ | -------------------------------------- |
332
- | [`skills/`](skills/) | Reusable workflows grouped by provider or domain | 🧠 "How do I do this task?" |
333
- | [`agents/`](agents/) | Expert roles grouped by provider or domain | 🤖 "Who should review this?" |
334
- | [`rules/`](rules/) | Harness-specific instructions | 📏 "What behavior is always expected?" |
335
- | [`mcp/`](mcp/) | MCP server references and trust notes | 🔌 "What can this connect to?" |
336
- | [`catalog/`](catalog/) | JSON indexes for marketplace discovery | 🗂️ "What assets exist?" |
337
- | [`schemas/`](schemas/) | Metadata validation contracts | ✅ "What fields are required?" |
338
- | [`templates/`](templates/) | Starter templates for new assets | 🧱 "How do I add one?" |
339
- | [`docs/`](docs/) | Quality rules, taxonomy, and marketplace notes | 📚 "How should this repo work?" |
340
- | [`assets/`](assets/) | Logos and visual assets | 🎨 "What images can docs use?" |
448
+ | Folder | What lives here | Easy memory hook |
449
+ | -------------------------- | ----------------------------------------------------------------------------- | ------------------------------------- |
450
+ | [`skills/`](skills/) | Reusable workflows grouped by provider or domain | 🧠 "How do I do this task?" |
451
+ | [`agents/`](agents/) | Expert roles grouped by provider or domain | 🤖 "Who should review this?" |
452
+ | [`rules/`](rules/) | Harness-specific instructions | 📏 "What behavior is always expected?" |
453
+ | [`mcp/`](mcp/) | MCP server references and trust notes | 🔌 "What can this connect to?" |
454
+ | [`catalog/`](catalog/) | JSON indexes for marketplace discovery | 🗂️ "What assets exist?" |
455
+ | [`schemas/`](schemas/) | Metadata validation contracts | ✅ "What fields are required?" |
456
+ | [`templates/`](templates/) | Starter templates for new assets | 🧱 "How do I add one?" |
457
+ | [`docs/`](docs/) | Quality rules, taxonomy, compliance evidence spec, CI/CD enforcement patterns | 📚 "How should this repo work?" |
458
+ | [`assets/`](assets/) | Logos and visual assets | 🎨 "What images can docs use?" |
341
459
 
342
460
  ---
343
461
 
@@ -447,11 +565,11 @@ harder to trust.
447
565
 
448
566
  Use SemVer: `MAJOR.MINOR.PATCH`.
449
567
 
450
- | Version bump | Use when | Example |
451
- | ------------ | -------- | ------- |
452
- | 🩹 `PATCH` | Typos, metadata corrections, manifest refresh | `0.1.0` → `0.1.1` |
453
- | ✨ `MINOR` | New skills, agents, provider folders, optional metadata | `0.1.0` → `0.2.0` |
454
- | 💥 `MAJOR` | Removed/renamed IDs, moved paths, breaking schema changes | `1.4.2` → `2.0.0` |
568
+ | Version bump | Use when | Example |
569
+ | ------------ | --------------------------------------------------------- | ----------------- |
570
+ | 🩹 `PATCH` | Typos, metadata corrections, manifest refresh | `0.1.0` → `0.1.1` |
571
+ | ✨ `MINOR` | New skills, agents, provider folders, optional metadata | `0.1.0` → `0.2.0` |
572
+ | 💥 `MAJOR` | Removed/renamed IDs, moved paths, breaking schema changes | `1.4.2` → `2.0.0` |
455
573
 
456
574
  Read the full policy in [`docs/release-versioning.md`](docs/release-versioning.md).
457
575
 
@@ -531,8 +649,8 @@ See:
531
649
  ---
532
650
 
533
651
  ```text
534
- Skills = workflows 🧠 107 across AWS · Azure · OCI · FinOps
535
- Agents = expert roles 🤖 107 with 7 harness adapters each
652
+ Skills = workflows 🧠 138 across AWS · Azure · OCI · Kubernetes · CNCF · Terraform
653
+ Agents = expert roles 🤖 141 with 7 harness adapters each
536
654
  Rules = always-on 📏 harness-specific operating guidance
537
655
  MCP = real connections 🔌 AWS · Azure · Oracle official servers
538
656
  Catalog = searchable index 🗂️ machine-readable, hash-verified