@raishin/vanguard-frontier-agentic 1.6.0 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (441) hide show
  1. package/README.md +49 -11
  2. package/agents/AGENTS.md +83 -0
  3. package/agents/README.md +10 -0
  4. package/agents/contabo/README.md +174 -0
  5. package/agents/contabo/contabo-capacity-planner-agent/AGENT.md +49 -0
  6. package/agents/contabo/contabo-capacity-planner-agent/harnesses/claude-code.agent.md +36 -0
  7. package/agents/contabo/contabo-capacity-planner-agent/harnesses/codex.toml +33 -0
  8. package/agents/contabo/contabo-capacity-planner-agent/harnesses/copilot.agent.md +36 -0
  9. package/agents/contabo/contabo-capacity-planner-agent/harnesses/cursor.agent.md +36 -0
  10. package/agents/contabo/contabo-capacity-planner-agent/harnesses/gemini.agent.md +36 -0
  11. package/agents/contabo/contabo-capacity-planner-agent/harnesses/kiro-cli.agent.json +6 -0
  12. package/agents/contabo/contabo-capacity-planner-agent/harnesses/kiro-ide.agent.md +36 -0
  13. package/agents/contabo/contabo-capacity-planner-agent/metadata.json +27 -0
  14. package/agents/contabo/contabo-cost-optimization-analyst-agent/AGENT.md +50 -0
  15. package/agents/contabo/contabo-cost-optimization-analyst-agent/harnesses/claude-code.agent.md +37 -0
  16. package/agents/contabo/contabo-cost-optimization-analyst-agent/harnesses/codex.toml +33 -0
  17. package/agents/contabo/contabo-cost-optimization-analyst-agent/harnesses/copilot.agent.md +37 -0
  18. package/agents/contabo/contabo-cost-optimization-analyst-agent/harnesses/cursor.agent.md +37 -0
  19. package/agents/contabo/contabo-cost-optimization-analyst-agent/harnesses/gemini.agent.md +37 -0
  20. package/agents/contabo/contabo-cost-optimization-analyst-agent/harnesses/kiro-cli.agent.json +6 -0
  21. package/agents/contabo/contabo-cost-optimization-analyst-agent/harnesses/kiro-ide.agent.md +37 -0
  22. package/agents/contabo/contabo-cost-optimization-analyst-agent/metadata.json +27 -0
  23. package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/AGENT.md +53 -0
  24. package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/harnesses/claude-code.agent.md +40 -0
  25. package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/harnesses/codex.toml +34 -0
  26. package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/harnesses/copilot.agent.md +40 -0
  27. package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/harnesses/cursor.agent.md +40 -0
  28. package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/harnesses/gemini.agent.md +40 -0
  29. package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/harnesses/kiro-cli.agent.json +6 -0
  30. package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/harnesses/kiro-ide.agent.md +40 -0
  31. package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/metadata.json +26 -0
  32. package/agents/contabo/contabo-live-storage-operations-guard-agent/AGENT.md +54 -0
  33. package/agents/contabo/contabo-live-storage-operations-guard-agent/harnesses/claude-code.agent.md +38 -0
  34. package/agents/contabo/contabo-live-storage-operations-guard-agent/harnesses/codex.toml +34 -0
  35. package/agents/contabo/contabo-live-storage-operations-guard-agent/harnesses/copilot.agent.md +38 -0
  36. package/agents/contabo/contabo-live-storage-operations-guard-agent/harnesses/cursor.agent.md +38 -0
  37. package/agents/contabo/contabo-live-storage-operations-guard-agent/harnesses/gemini.agent.md +38 -0
  38. package/agents/contabo/contabo-live-storage-operations-guard-agent/harnesses/kiro-cli.agent.json +6 -0
  39. package/agents/contabo/contabo-live-storage-operations-guard-agent/harnesses/kiro-ide.agent.md +38 -0
  40. package/agents/contabo/contabo-live-storage-operations-guard-agent/metadata.json +26 -0
  41. package/agents/contabo/contabo-maestro-agent/AGENT.md +49 -0
  42. package/agents/contabo/contabo-maestro-agent/harnesses/claude-code.agent.md +37 -0
  43. package/agents/contabo/contabo-maestro-agent/harnesses/codex.toml +33 -0
  44. package/agents/contabo/contabo-maestro-agent/harnesses/copilot.agent.md +37 -0
  45. package/agents/contabo/contabo-maestro-agent/harnesses/cursor.agent.md +37 -0
  46. package/agents/contabo/contabo-maestro-agent/harnesses/gemini.agent.md +37 -0
  47. package/agents/contabo/contabo-maestro-agent/harnesses/kiro-cli.agent.json +6 -0
  48. package/agents/contabo/contabo-maestro-agent/harnesses/kiro-ide.agent.md +37 -0
  49. package/agents/contabo/contabo-maestro-agent/metadata.json +26 -0
  50. package/agents/contabo/contabo-security-hardening-agent/AGENT.md +49 -0
  51. package/agents/contabo/contabo-security-hardening-agent/harnesses/claude-code.agent.md +37 -0
  52. package/agents/contabo/contabo-security-hardening-agent/harnesses/codex.toml +34 -0
  53. package/agents/contabo/contabo-security-hardening-agent/harnesses/copilot.agent.md +37 -0
  54. package/agents/contabo/contabo-security-hardening-agent/harnesses/cursor.agent.md +37 -0
  55. package/agents/contabo/contabo-security-hardening-agent/harnesses/gemini.agent.md +37 -0
  56. package/agents/contabo/contabo-security-hardening-agent/harnesses/kiro-cli.agent.json +6 -0
  57. package/agents/contabo/contabo-security-hardening-agent/harnesses/kiro-ide.agent.md +37 -0
  58. package/agents/contabo/contabo-security-hardening-agent/metadata.json +26 -0
  59. package/agents/hetzner/README.md +156 -0
  60. package/agents/hetzner/hetzner-capacity-planner-agent/AGENT.md +50 -0
  61. package/agents/hetzner/hetzner-capacity-planner-agent/harnesses/claude-code.agent.md +38 -0
  62. package/agents/hetzner/hetzner-capacity-planner-agent/harnesses/codex.toml +33 -0
  63. package/agents/hetzner/hetzner-capacity-planner-agent/harnesses/copilot.agent.md +38 -0
  64. package/agents/hetzner/hetzner-capacity-planner-agent/harnesses/cursor.agent.md +38 -0
  65. package/agents/hetzner/hetzner-capacity-planner-agent/harnesses/gemini.agent.md +38 -0
  66. package/agents/hetzner/hetzner-capacity-planner-agent/harnesses/kiro-cli.agent.json +6 -0
  67. package/agents/hetzner/hetzner-capacity-planner-agent/harnesses/kiro-ide.agent.md +38 -0
  68. package/agents/hetzner/hetzner-capacity-planner-agent/metadata.json +27 -0
  69. package/agents/hetzner/hetzner-cost-optimization-analyst-agent/AGENT.md +50 -0
  70. package/agents/hetzner/hetzner-cost-optimization-analyst-agent/harnesses/claude-code.agent.md +38 -0
  71. package/agents/hetzner/hetzner-cost-optimization-analyst-agent/harnesses/codex.toml +33 -0
  72. package/agents/hetzner/hetzner-cost-optimization-analyst-agent/harnesses/copilot.agent.md +38 -0
  73. package/agents/hetzner/hetzner-cost-optimization-analyst-agent/harnesses/cursor.agent.md +38 -0
  74. package/agents/hetzner/hetzner-cost-optimization-analyst-agent/harnesses/gemini.agent.md +38 -0
  75. package/agents/hetzner/hetzner-cost-optimization-analyst-agent/harnesses/kiro-cli.agent.json +6 -0
  76. package/agents/hetzner/hetzner-cost-optimization-analyst-agent/harnesses/kiro-ide.agent.md +38 -0
  77. package/agents/hetzner/hetzner-cost-optimization-analyst-agent/metadata.json +27 -0
  78. package/agents/hetzner/hetzner-infrastructure-reviewer-agent/AGENT.md +50 -0
  79. package/agents/hetzner/hetzner-infrastructure-reviewer-agent/harnesses/claude-code.agent.md +38 -0
  80. package/agents/hetzner/hetzner-infrastructure-reviewer-agent/harnesses/codex.toml +33 -0
  81. package/agents/hetzner/hetzner-infrastructure-reviewer-agent/harnesses/copilot.agent.md +38 -0
  82. package/agents/hetzner/hetzner-infrastructure-reviewer-agent/harnesses/cursor.agent.md +38 -0
  83. package/agents/hetzner/hetzner-infrastructure-reviewer-agent/harnesses/gemini.agent.md +38 -0
  84. package/agents/hetzner/hetzner-infrastructure-reviewer-agent/harnesses/kiro-cli.agent.json +6 -0
  85. package/agents/hetzner/hetzner-infrastructure-reviewer-agent/harnesses/kiro-ide.agent.md +38 -0
  86. package/agents/hetzner/hetzner-infrastructure-reviewer-agent/metadata.json +27 -0
  87. package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/AGENT.md +62 -0
  88. package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/harnesses/claude-code.agent.md +44 -0
  89. package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/harnesses/codex.toml +47 -0
  90. package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/harnesses/copilot.agent.md +44 -0
  91. package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/harnesses/cursor.agent.md +44 -0
  92. package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/harnesses/gemini.agent.md +44 -0
  93. package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/harnesses/kiro-cli.agent.json +6 -0
  94. package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/harnesses/kiro-ide.agent.md +44 -0
  95. package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/metadata.json +27 -0
  96. package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/AGENT.md +62 -0
  97. package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/harnesses/claude-code.agent.md +45 -0
  98. package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/harnesses/codex.toml +50 -0
  99. package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/harnesses/copilot.agent.md +45 -0
  100. package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/harnesses/cursor.agent.md +45 -0
  101. package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/harnesses/gemini.agent.md +45 -0
  102. package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/harnesses/kiro-cli.agent.json +6 -0
  103. package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/harnesses/kiro-ide.agent.md +45 -0
  104. package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/metadata.json +27 -0
  105. package/agents/hetzner/hetzner-maestro-agent/AGENT.md +50 -0
  106. package/agents/hetzner/hetzner-maestro-agent/harnesses/claude-code.agent.md +38 -0
  107. package/agents/hetzner/hetzner-maestro-agent/harnesses/codex.toml +33 -0
  108. package/agents/hetzner/hetzner-maestro-agent/harnesses/copilot.agent.md +38 -0
  109. package/agents/hetzner/hetzner-maestro-agent/harnesses/cursor.agent.md +38 -0
  110. package/agents/hetzner/hetzner-maestro-agent/harnesses/gemini.agent.md +38 -0
  111. package/agents/hetzner/hetzner-maestro-agent/harnesses/kiro-cli.agent.json +6 -0
  112. package/agents/hetzner/hetzner-maestro-agent/harnesses/kiro-ide.agent.md +38 -0
  113. package/agents/hetzner/hetzner-maestro-agent/metadata.json +26 -0
  114. package/agents/ionos/README.md +136 -0
  115. package/agents/ionos/ionos-cost-optimization-analyst-agent/AGENT.md +48 -0
  116. package/agents/ionos/ionos-cost-optimization-analyst-agent/harnesses/claude-code.agent.md +36 -0
  117. package/agents/ionos/ionos-cost-optimization-analyst-agent/harnesses/codex.toml +31 -0
  118. package/agents/ionos/ionos-cost-optimization-analyst-agent/harnesses/copilot.agent.md +36 -0
  119. package/agents/ionos/ionos-cost-optimization-analyst-agent/harnesses/cursor.agent.md +36 -0
  120. package/agents/ionos/ionos-cost-optimization-analyst-agent/harnesses/gemini.agent.md +36 -0
  121. package/agents/ionos/ionos-cost-optimization-analyst-agent/harnesses/kiro-cli.agent.json +6 -0
  122. package/agents/ionos/ionos-cost-optimization-analyst-agent/harnesses/kiro-ide.agent.md +36 -0
  123. package/agents/ionos/ionos-cost-optimization-analyst-agent/metadata.json +25 -0
  124. package/agents/ionos/ionos-datacenter-designer-reviewer-agent/AGENT.md +49 -0
  125. package/agents/ionos/ionos-datacenter-designer-reviewer-agent/harnesses/claude-code.agent.md +37 -0
  126. package/agents/ionos/ionos-datacenter-designer-reviewer-agent/harnesses/codex.toml +32 -0
  127. package/agents/ionos/ionos-datacenter-designer-reviewer-agent/harnesses/copilot.agent.md +37 -0
  128. package/agents/ionos/ionos-datacenter-designer-reviewer-agent/harnesses/cursor.agent.md +37 -0
  129. package/agents/ionos/ionos-datacenter-designer-reviewer-agent/harnesses/gemini.agent.md +37 -0
  130. package/agents/ionos/ionos-datacenter-designer-reviewer-agent/harnesses/kiro-cli.agent.json +6 -0
  131. package/agents/ionos/ionos-datacenter-designer-reviewer-agent/harnesses/kiro-ide.agent.md +37 -0
  132. package/agents/ionos/ionos-datacenter-designer-reviewer-agent/metadata.json +25 -0
  133. package/agents/ionos/ionos-kubernetes-platform-operator-agent/AGENT.md +48 -0
  134. package/agents/ionos/ionos-kubernetes-platform-operator-agent/harnesses/claude-code.agent.md +36 -0
  135. package/agents/ionos/ionos-kubernetes-platform-operator-agent/harnesses/codex.toml +31 -0
  136. package/agents/ionos/ionos-kubernetes-platform-operator-agent/harnesses/copilot.agent.md +36 -0
  137. package/agents/ionos/ionos-kubernetes-platform-operator-agent/harnesses/cursor.agent.md +36 -0
  138. package/agents/ionos/ionos-kubernetes-platform-operator-agent/harnesses/gemini.agent.md +36 -0
  139. package/agents/ionos/ionos-kubernetes-platform-operator-agent/harnesses/kiro-cli.agent.json +6 -0
  140. package/agents/ionos/ionos-kubernetes-platform-operator-agent/harnesses/kiro-ide.agent.md +36 -0
  141. package/agents/ionos/ionos-kubernetes-platform-operator-agent/metadata.json +25 -0
  142. package/agents/ionos/ionos-live-database-lifecycle-guard-agent/AGENT.md +53 -0
  143. package/agents/ionos/ionos-live-database-lifecycle-guard-agent/harnesses/claude-code.agent.md +37 -0
  144. package/agents/ionos/ionos-live-database-lifecycle-guard-agent/harnesses/codex.toml +33 -0
  145. package/agents/ionos/ionos-live-database-lifecycle-guard-agent/harnesses/copilot.agent.md +37 -0
  146. package/agents/ionos/ionos-live-database-lifecycle-guard-agent/harnesses/cursor.agent.md +37 -0
  147. package/agents/ionos/ionos-live-database-lifecycle-guard-agent/harnesses/gemini.agent.md +37 -0
  148. package/agents/ionos/ionos-live-database-lifecycle-guard-agent/harnesses/kiro-cli.agent.json +6 -0
  149. package/agents/ionos/ionos-live-database-lifecycle-guard-agent/harnesses/kiro-ide.agent.md +37 -0
  150. package/agents/ionos/ionos-live-database-lifecycle-guard-agent/metadata.json +25 -0
  151. package/agents/ionos/ionos-maestro-agent/AGENT.md +48 -0
  152. package/agents/ionos/ionos-maestro-agent/harnesses/claude-code.agent.md +36 -0
  153. package/agents/ionos/ionos-maestro-agent/harnesses/codex.toml +31 -0
  154. package/agents/ionos/ionos-maestro-agent/harnesses/copilot.agent.md +36 -0
  155. package/agents/ionos/ionos-maestro-agent/harnesses/cursor.agent.md +36 -0
  156. package/agents/ionos/ionos-maestro-agent/harnesses/gemini.agent.md +36 -0
  157. package/agents/ionos/ionos-maestro-agent/harnesses/kiro-cli.agent.json +6 -0
  158. package/agents/ionos/ionos-maestro-agent/harnesses/kiro-ide.agent.md +36 -0
  159. package/agents/ionos/ionos-maestro-agent/metadata.json +24 -0
  160. package/agents/ionos/ionos-security-compliance-reviewer-agent/AGENT.md +49 -0
  161. package/agents/ionos/ionos-security-compliance-reviewer-agent/harnesses/claude-code.agent.md +37 -0
  162. package/agents/ionos/ionos-security-compliance-reviewer-agent/harnesses/codex.toml +32 -0
  163. package/agents/ionos/ionos-security-compliance-reviewer-agent/harnesses/copilot.agent.md +37 -0
  164. package/agents/ionos/ionos-security-compliance-reviewer-agent/harnesses/cursor.agent.md +37 -0
  165. package/agents/ionos/ionos-security-compliance-reviewer-agent/harnesses/gemini.agent.md +37 -0
  166. package/agents/ionos/ionos-security-compliance-reviewer-agent/harnesses/kiro-cli.agent.json +6 -0
  167. package/agents/ionos/ionos-security-compliance-reviewer-agent/harnesses/kiro-ide.agent.md +37 -0
  168. package/agents/ionos/ionos-security-compliance-reviewer-agent/metadata.json +25 -0
  169. package/agents/ovhcloud/README.md +113 -0
  170. package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/AGENT.md +47 -0
  171. package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/harnesses/claude-code.agent.md +35 -0
  172. package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/harnesses/codex.toml +31 -0
  173. package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/harnesses/copilot.agent.md +35 -0
  174. package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/harnesses/cursor.agent.md +35 -0
  175. package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/harnesses/gemini.agent.md +35 -0
  176. package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/harnesses/kiro-cli.agent.json +6 -0
  177. package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/harnesses/kiro-ide.agent.md +35 -0
  178. package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/metadata.json +24 -0
  179. package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/AGENT.md +47 -0
  180. package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/harnesses/claude-code.agent.md +35 -0
  181. package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/harnesses/codex.toml +31 -0
  182. package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/harnesses/copilot.agent.md +35 -0
  183. package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/harnesses/cursor.agent.md +35 -0
  184. package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/harnesses/gemini.agent.md +35 -0
  185. package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/harnesses/kiro-cli.agent.json +6 -0
  186. package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/harnesses/kiro-ide.agent.md +35 -0
  187. package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/metadata.json +24 -0
  188. package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/AGENT.md +47 -0
  189. package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/harnesses/claude-code.agent.md +35 -0
  190. package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/harnesses/codex.toml +31 -0
  191. package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/harnesses/copilot.agent.md +35 -0
  192. package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/harnesses/cursor.agent.md +35 -0
  193. package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/harnesses/gemini.agent.md +35 -0
  194. package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/harnesses/kiro-cli.agent.json +6 -0
  195. package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/harnesses/kiro-ide.agent.md +35 -0
  196. package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/metadata.json +24 -0
  197. package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/AGENT.md +52 -0
  198. package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/harnesses/claude-code.agent.md +40 -0
  199. package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/harnesses/codex.toml +38 -0
  200. package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/harnesses/copilot.agent.md +40 -0
  201. package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/harnesses/cursor.agent.md +40 -0
  202. package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/harnesses/gemini.agent.md +40 -0
  203. package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/harnesses/kiro-cli.agent.json +6 -0
  204. package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/harnesses/kiro-ide.agent.md +40 -0
  205. package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/metadata.json +23 -0
  206. package/agents/ovhcloud/ovhcloud-maestro-agent/AGENT.md +47 -0
  207. package/agents/ovhcloud/ovhcloud-maestro-agent/harnesses/claude-code.agent.md +35 -0
  208. package/agents/ovhcloud/ovhcloud-maestro-agent/harnesses/codex.toml +31 -0
  209. package/agents/ovhcloud/ovhcloud-maestro-agent/harnesses/copilot.agent.md +35 -0
  210. package/agents/ovhcloud/ovhcloud-maestro-agent/harnesses/cursor.agent.md +35 -0
  211. package/agents/ovhcloud/ovhcloud-maestro-agent/harnesses/gemini.agent.md +35 -0
  212. package/agents/ovhcloud/ovhcloud-maestro-agent/harnesses/kiro-cli.agent.json +6 -0
  213. package/agents/ovhcloud/ovhcloud-maestro-agent/harnesses/kiro-ide.agent.md +35 -0
  214. package/agents/ovhcloud/ovhcloud-maestro-agent/metadata.json +24 -0
  215. package/agents/ovhcloud/ovhcloud-network-architect-agent/AGENT.md +47 -0
  216. package/agents/ovhcloud/ovhcloud-network-architect-agent/harnesses/claude-code.agent.md +35 -0
  217. package/agents/ovhcloud/ovhcloud-network-architect-agent/harnesses/codex.toml +31 -0
  218. package/agents/ovhcloud/ovhcloud-network-architect-agent/harnesses/copilot.agent.md +35 -0
  219. package/agents/ovhcloud/ovhcloud-network-architect-agent/harnesses/cursor.agent.md +35 -0
  220. package/agents/ovhcloud/ovhcloud-network-architect-agent/harnesses/gemini.agent.md +35 -0
  221. package/agents/ovhcloud/ovhcloud-network-architect-agent/harnesses/kiro-cli.agent.json +6 -0
  222. package/agents/ovhcloud/ovhcloud-network-architect-agent/harnesses/kiro-ide.agent.md +35 -0
  223. package/agents/ovhcloud/ovhcloud-network-architect-agent/metadata.json +24 -0
  224. package/agents/scaleway/README.md +142 -0
  225. package/agents/scaleway/scaleway-cost-optimizer-agent/AGENT.md +47 -0
  226. package/agents/scaleway/scaleway-cost-optimizer-agent/harnesses/claude-code.agent.md +35 -0
  227. package/agents/scaleway/scaleway-cost-optimizer-agent/harnesses/codex.toml +32 -0
  228. package/agents/scaleway/scaleway-cost-optimizer-agent/harnesses/copilot.agent.md +35 -0
  229. package/agents/scaleway/scaleway-cost-optimizer-agent/harnesses/cursor.agent.md +35 -0
  230. package/agents/scaleway/scaleway-cost-optimizer-agent/harnesses/gemini.agent.md +35 -0
  231. package/agents/scaleway/scaleway-cost-optimizer-agent/harnesses/kiro-cli.agent.json +6 -0
  232. package/agents/scaleway/scaleway-cost-optimizer-agent/harnesses/kiro-ide.agent.md +35 -0
  233. package/agents/scaleway/scaleway-cost-optimizer-agent/metadata.json +26 -0
  234. package/agents/scaleway/scaleway-iam-policy-review-agent/AGENT.md +47 -0
  235. package/agents/scaleway/scaleway-iam-policy-review-agent/harnesses/claude-code.agent.md +35 -0
  236. package/agents/scaleway/scaleway-iam-policy-review-agent/harnesses/codex.toml +32 -0
  237. package/agents/scaleway/scaleway-iam-policy-review-agent/harnesses/copilot.agent.md +35 -0
  238. package/agents/scaleway/scaleway-iam-policy-review-agent/harnesses/cursor.agent.md +35 -0
  239. package/agents/scaleway/scaleway-iam-policy-review-agent/harnesses/gemini.agent.md +35 -0
  240. package/agents/scaleway/scaleway-iam-policy-review-agent/harnesses/kiro-cli.agent.json +6 -0
  241. package/agents/scaleway/scaleway-iam-policy-review-agent/harnesses/kiro-ide.agent.md +35 -0
  242. package/agents/scaleway/scaleway-iam-policy-review-agent/metadata.json +25 -0
  243. package/agents/scaleway/scaleway-kapsule-platform-operator-agent/AGENT.md +47 -0
  244. package/agents/scaleway/scaleway-kapsule-platform-operator-agent/harnesses/claude-code.agent.md +35 -0
  245. package/agents/scaleway/scaleway-kapsule-platform-operator-agent/harnesses/codex.toml +32 -0
  246. package/agents/scaleway/scaleway-kapsule-platform-operator-agent/harnesses/copilot.agent.md +35 -0
  247. package/agents/scaleway/scaleway-kapsule-platform-operator-agent/harnesses/cursor.agent.md +35 -0
  248. package/agents/scaleway/scaleway-kapsule-platform-operator-agent/harnesses/gemini.agent.md +35 -0
  249. package/agents/scaleway/scaleway-kapsule-platform-operator-agent/harnesses/kiro-cli.agent.json +6 -0
  250. package/agents/scaleway/scaleway-kapsule-platform-operator-agent/harnesses/kiro-ide.agent.md +35 -0
  251. package/agents/scaleway/scaleway-kapsule-platform-operator-agent/metadata.json +26 -0
  252. package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/AGENT.md +58 -0
  253. package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/harnesses/claude-code.agent.md +46 -0
  254. package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/harnesses/codex.toml +40 -0
  255. package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/harnesses/copilot.agent.md +46 -0
  256. package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/harnesses/cursor.agent.md +46 -0
  257. package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/harnesses/gemini.agent.md +46 -0
  258. package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/harnesses/kiro-cli.agent.json +6 -0
  259. package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/harnesses/kiro-ide.agent.md +46 -0
  260. package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/metadata.json +26 -0
  261. package/agents/scaleway/scaleway-maestro-agent/AGENT.md +47 -0
  262. package/agents/scaleway/scaleway-maestro-agent/harnesses/claude-code.agent.md +35 -0
  263. package/agents/scaleway/scaleway-maestro-agent/harnesses/codex.toml +31 -0
  264. package/agents/scaleway/scaleway-maestro-agent/harnesses/copilot.agent.md +35 -0
  265. package/agents/scaleway/scaleway-maestro-agent/harnesses/cursor.agent.md +35 -0
  266. package/agents/scaleway/scaleway-maestro-agent/harnesses/gemini.agent.md +35 -0
  267. package/agents/scaleway/scaleway-maestro-agent/harnesses/kiro-cli.agent.json +6 -0
  268. package/agents/scaleway/scaleway-maestro-agent/harnesses/kiro-ide.agent.md +35 -0
  269. package/agents/scaleway/scaleway-maestro-agent/metadata.json +24 -0
  270. package/agents/scaleway/scaleway-network-architect-agent/AGENT.md +47 -0
  271. package/agents/scaleway/scaleway-network-architect-agent/harnesses/claude-code.agent.md +35 -0
  272. package/agents/scaleway/scaleway-network-architect-agent/harnesses/codex.toml +32 -0
  273. package/agents/scaleway/scaleway-network-architect-agent/harnesses/copilot.agent.md +35 -0
  274. package/agents/scaleway/scaleway-network-architect-agent/harnesses/cursor.agent.md +35 -0
  275. package/agents/scaleway/scaleway-network-architect-agent/harnesses/gemini.agent.md +35 -0
  276. package/agents/scaleway/scaleway-network-architect-agent/harnesses/kiro-cli.agent.json +6 -0
  277. package/agents/scaleway/scaleway-network-architect-agent/harnesses/kiro-ide.agent.md +35 -0
  278. package/agents/scaleway/scaleway-network-architect-agent/metadata.json +26 -0
  279. package/assets/logos/cloud/contabo/contabo-logo.png +0 -0
  280. package/assets/logos/cloud/contabo/contabo-logo.svg +21 -0
  281. package/assets/logos/cloud/hetzner/hetzner-logo.svg +1 -0
  282. package/assets/logos/cloud/ionos/ionos-logo.svg +1 -0
  283. package/assets/logos/cloud/ovhcloud/ovhcloud-logo.svg +27 -0
  284. package/assets/logos/cloud/scaleway/scaleway-logo.svg +1 -0
  285. package/catalog/agents.json +954 -160
  286. package/catalog/install-roles.json +54 -6
  287. package/catalog/skill-manifest.json +960 -0
  288. package/catalog/skills.json +950 -165
  289. package/package.json +7 -5
  290. package/schemas/agent.schema.json +5 -0
  291. package/scripts/export-marketplace-agents.mjs +1 -1
  292. package/skills/contabo/contabo-capacity-planner/SKILL.md +71 -0
  293. package/skills/contabo/contabo-capacity-planner/metadata.json +26 -0
  294. package/skills/contabo/contabo-capacity-planner/references/official-sources.md +16 -0
  295. package/skills/contabo/contabo-capacity-planner/references/safety-checklist.md +26 -0
  296. package/skills/contabo/contabo-capacity-planner/references/workflow-and-output.md +73 -0
  297. package/skills/contabo/contabo-cost-optimization-analyst/SKILL.md +56 -0
  298. package/skills/contabo/contabo-cost-optimization-analyst/metadata.json +26 -0
  299. package/skills/contabo/contabo-cost-optimization-analyst/references/official-sources.md +17 -0
  300. package/skills/contabo/contabo-cost-optimization-analyst/references/safety-checklist.md +25 -0
  301. package/skills/contabo/contabo-cost-optimization-analyst/references/workflow-and-output.md +63 -0
  302. package/skills/contabo/contabo-live-instance-lifecycle-guard/SKILL.md +91 -0
  303. package/skills/contabo/contabo-live-instance-lifecycle-guard/metadata.json +25 -0
  304. package/skills/contabo/contabo-live-instance-lifecycle-guard/references/official-sources.md +16 -0
  305. package/skills/contabo/contabo-live-instance-lifecycle-guard/references/safety-checklist.md +43 -0
  306. package/skills/contabo/contabo-live-instance-lifecycle-guard/references/workflow-and-output.md +63 -0
  307. package/skills/contabo/contabo-live-storage-operations-guard/SKILL.md +92 -0
  308. package/skills/contabo/contabo-live-storage-operations-guard/metadata.json +25 -0
  309. package/skills/contabo/contabo-live-storage-operations-guard/references/official-sources.md +16 -0
  310. package/skills/contabo/contabo-live-storage-operations-guard/references/safety-checklist.md +44 -0
  311. package/skills/contabo/contabo-live-storage-operations-guard/references/workflow-and-output.md +59 -0
  312. package/skills/contabo/contabo-maestro/SKILL.md +61 -0
  313. package/skills/contabo/contabo-maestro/metadata.json +25 -0
  314. package/skills/contabo/contabo-maestro/references/official-sources.md +17 -0
  315. package/skills/contabo/contabo-maestro/references/safety-checklist.md +24 -0
  316. package/skills/contabo/contabo-maestro/references/workflow-and-output.md +52 -0
  317. package/skills/contabo/contabo-security-hardening/SKILL.md +57 -0
  318. package/skills/contabo/contabo-security-hardening/metadata.json +25 -0
  319. package/skills/contabo/contabo-security-hardening/references/official-sources.md +16 -0
  320. package/skills/contabo/contabo-security-hardening/references/safety-checklist.md +27 -0
  321. package/skills/contabo/contabo-security-hardening/references/workflow-and-output.md +65 -0
  322. package/skills/hetzner/hetzner-capacity-planner/SKILL.md +56 -0
  323. package/skills/hetzner/hetzner-capacity-planner/metadata.json +26 -0
  324. package/skills/hetzner/hetzner-capacity-planner/references/official-sources.md +27 -0
  325. package/skills/hetzner/hetzner-capacity-planner/references/safety-checklist.md +28 -0
  326. package/skills/hetzner/hetzner-capacity-planner/references/workflow-and-output.md +73 -0
  327. package/skills/hetzner/hetzner-cost-optimization-analyst/SKILL.md +55 -0
  328. package/skills/hetzner/hetzner-cost-optimization-analyst/metadata.json +26 -0
  329. package/skills/hetzner/hetzner-cost-optimization-analyst/references/official-sources.md +26 -0
  330. package/skills/hetzner/hetzner-cost-optimization-analyst/references/safety-checklist.md +27 -0
  331. package/skills/hetzner/hetzner-cost-optimization-analyst/references/workflow-and-output.md +65 -0
  332. package/skills/hetzner/hetzner-infrastructure-reviewer/SKILL.md +56 -0
  333. package/skills/hetzner/hetzner-infrastructure-reviewer/metadata.json +26 -0
  334. package/skills/hetzner/hetzner-infrastructure-reviewer/references/official-sources.md +26 -0
  335. package/skills/hetzner/hetzner-infrastructure-reviewer/references/safety-checklist.md +27 -0
  336. package/skills/hetzner/hetzner-infrastructure-reviewer/references/workflow-and-output.md +67 -0
  337. package/skills/hetzner/hetzner-live-firewall-rule-guard/SKILL.md +63 -0
  338. package/skills/hetzner/hetzner-live-firewall-rule-guard/metadata.json +26 -0
  339. package/skills/hetzner/hetzner-live-firewall-rule-guard/references/official-sources.md +28 -0
  340. package/skills/hetzner/hetzner-live-firewall-rule-guard/references/safety-checklist.md +40 -0
  341. package/skills/hetzner/hetzner-live-firewall-rule-guard/references/workflow-and-output.md +80 -0
  342. package/skills/hetzner/hetzner-live-server-lifecycle-guard/SKILL.md +65 -0
  343. package/skills/hetzner/hetzner-live-server-lifecycle-guard/metadata.json +26 -0
  344. package/skills/hetzner/hetzner-live-server-lifecycle-guard/references/official-sources.md +29 -0
  345. package/skills/hetzner/hetzner-live-server-lifecycle-guard/references/safety-checklist.md +42 -0
  346. package/skills/hetzner/hetzner-live-server-lifecycle-guard/references/workflow-and-output.md +88 -0
  347. package/skills/hetzner/hetzner-maestro/SKILL.md +61 -0
  348. package/skills/hetzner/hetzner-maestro/metadata.json +25 -0
  349. package/skills/hetzner/hetzner-maestro/references/official-sources.md +19 -0
  350. package/skills/hetzner/hetzner-maestro/references/safety-checklist.md +25 -0
  351. package/skills/hetzner/hetzner-maestro/references/workflow-and-output.md +56 -0
  352. package/skills/ionos/ionos-cost-optimization-analyst/SKILL.md +57 -0
  353. package/skills/ionos/ionos-cost-optimization-analyst/metadata.json +27 -0
  354. package/skills/ionos/ionos-cost-optimization-analyst/references/official-sources.md +16 -0
  355. package/skills/ionos/ionos-cost-optimization-analyst/references/safety-checklist.md +25 -0
  356. package/skills/ionos/ionos-cost-optimization-analyst/references/workflow-and-output.md +65 -0
  357. package/skills/ionos/ionos-datacenter-designer-reviewer/SKILL.md +56 -0
  358. package/skills/ionos/ionos-datacenter-designer-reviewer/metadata.json +27 -0
  359. package/skills/ionos/ionos-datacenter-designer-reviewer/references/official-sources.md +16 -0
  360. package/skills/ionos/ionos-datacenter-designer-reviewer/references/safety-checklist.md +28 -0
  361. package/skills/ionos/ionos-datacenter-designer-reviewer/references/workflow-and-output.md +70 -0
  362. package/skills/ionos/ionos-kubernetes-platform-operator/SKILL.md +57 -0
  363. package/skills/ionos/ionos-kubernetes-platform-operator/metadata.json +27 -0
  364. package/skills/ionos/ionos-kubernetes-platform-operator/references/official-sources.md +16 -0
  365. package/skills/ionos/ionos-kubernetes-platform-operator/references/safety-checklist.md +27 -0
  366. package/skills/ionos/ionos-kubernetes-platform-operator/references/workflow-and-output.md +76 -0
  367. package/skills/ionos/ionos-live-database-lifecycle-guard/SKILL.md +66 -0
  368. package/skills/ionos/ionos-live-database-lifecycle-guard/metadata.json +27 -0
  369. package/skills/ionos/ionos-live-database-lifecycle-guard/references/official-sources.md +16 -0
  370. package/skills/ionos/ionos-live-database-lifecycle-guard/references/safety-checklist.md +37 -0
  371. package/skills/ionos/ionos-live-database-lifecycle-guard/references/workflow-and-output.md +58 -0
  372. package/skills/ionos/ionos-maestro/SKILL.md +54 -0
  373. package/skills/ionos/ionos-maestro/metadata.json +26 -0
  374. package/skills/ionos/ionos-maestro/references/official-sources.md +15 -0
  375. package/skills/ionos/ionos-maestro/references/safety-checklist.md +24 -0
  376. package/skills/ionos/ionos-maestro/references/workflow-and-output.md +57 -0
  377. package/skills/ionos/ionos-security-compliance-reviewer/SKILL.md +57 -0
  378. package/skills/ionos/ionos-security-compliance-reviewer/metadata.json +27 -0
  379. package/skills/ionos/ionos-security-compliance-reviewer/references/official-sources.md +16 -0
  380. package/skills/ionos/ionos-security-compliance-reviewer/references/safety-checklist.md +26 -0
  381. package/skills/ionos/ionos-security-compliance-reviewer/references/workflow-and-output.md +65 -0
  382. package/skills/ovhcloud/ovhcloud-cost-finops-analyst/SKILL.md +53 -0
  383. package/skills/ovhcloud/ovhcloud-cost-finops-analyst/metadata.json +26 -0
  384. package/skills/ovhcloud/ovhcloud-cost-finops-analyst/references/official-sources.md +15 -0
  385. package/skills/ovhcloud/ovhcloud-cost-finops-analyst/references/safety-checklist.md +26 -0
  386. package/skills/ovhcloud/ovhcloud-cost-finops-analyst/references/workflow-and-output.md +61 -0
  387. package/skills/ovhcloud/ovhcloud-iam-policy-review/SKILL.md +52 -0
  388. package/skills/ovhcloud/ovhcloud-iam-policy-review/metadata.json +26 -0
  389. package/skills/ovhcloud/ovhcloud-iam-policy-review/references/official-sources.md +15 -0
  390. package/skills/ovhcloud/ovhcloud-iam-policy-review/references/safety-checklist.md +25 -0
  391. package/skills/ovhcloud/ovhcloud-iam-policy-review/references/workflow-and-output.md +62 -0
  392. package/skills/ovhcloud/ovhcloud-kubernetes-platform-operator/SKILL.md +53 -0
  393. package/skills/ovhcloud/ovhcloud-kubernetes-platform-operator/metadata.json +26 -0
  394. package/skills/ovhcloud/ovhcloud-kubernetes-platform-operator/references/official-sources.md +15 -0
  395. package/skills/ovhcloud/ovhcloud-kubernetes-platform-operator/references/safety-checklist.md +26 -0
  396. package/skills/ovhcloud/ovhcloud-kubernetes-platform-operator/references/workflow-and-output.md +64 -0
  397. package/skills/ovhcloud/ovhcloud-live-kms-key-destruction-guard/SKILL.md +55 -0
  398. package/skills/ovhcloud/ovhcloud-live-kms-key-destruction-guard/metadata.json +25 -0
  399. package/skills/ovhcloud/ovhcloud-live-kms-key-destruction-guard/references/official-sources.md +14 -0
  400. package/skills/ovhcloud/ovhcloud-live-kms-key-destruction-guard/references/safety-checklist.md +33 -0
  401. package/skills/ovhcloud/ovhcloud-live-kms-key-destruction-guard/references/workflow-and-output.md +69 -0
  402. package/skills/ovhcloud/ovhcloud-maestro/SKILL.md +50 -0
  403. package/skills/ovhcloud/ovhcloud-maestro/metadata.json +26 -0
  404. package/skills/ovhcloud/ovhcloud-maestro/references/official-sources.md +15 -0
  405. package/skills/ovhcloud/ovhcloud-maestro/references/safety-checklist.md +23 -0
  406. package/skills/ovhcloud/ovhcloud-maestro/references/workflow-and-output.md +50 -0
  407. package/skills/ovhcloud/ovhcloud-network-architect/SKILL.md +54 -0
  408. package/skills/ovhcloud/ovhcloud-network-architect/metadata.json +26 -0
  409. package/skills/ovhcloud/ovhcloud-network-architect/references/official-sources.md +15 -0
  410. package/skills/ovhcloud/ovhcloud-network-architect/references/safety-checklist.md +26 -0
  411. package/skills/ovhcloud/ovhcloud-network-architect/references/workflow-and-output.md +65 -0
  412. package/skills/scaleway/scaleway-cost-optimizer/SKILL.md +66 -0
  413. package/skills/scaleway/scaleway-cost-optimizer/metadata.json +27 -0
  414. package/skills/scaleway/scaleway-cost-optimizer/references/official-sources.md +16 -0
  415. package/skills/scaleway/scaleway-cost-optimizer/references/safety-checklist.md +24 -0
  416. package/skills/scaleway/scaleway-cost-optimizer/references/workflow-and-output.md +68 -0
  417. package/skills/scaleway/scaleway-iam-policy-review/SKILL.md +59 -0
  418. package/skills/scaleway/scaleway-iam-policy-review/metadata.json +27 -0
  419. package/skills/scaleway/scaleway-iam-policy-review/references/official-sources.md +15 -0
  420. package/skills/scaleway/scaleway-iam-policy-review/references/safety-checklist.md +25 -0
  421. package/skills/scaleway/scaleway-iam-policy-review/references/workflow-and-output.md +69 -0
  422. package/skills/scaleway/scaleway-kapsule-platform-operator/SKILL.md +63 -0
  423. package/skills/scaleway/scaleway-kapsule-platform-operator/metadata.json +27 -0
  424. package/skills/scaleway/scaleway-kapsule-platform-operator/references/official-sources.md +17 -0
  425. package/skills/scaleway/scaleway-kapsule-platform-operator/references/safety-checklist.md +25 -0
  426. package/skills/scaleway/scaleway-kapsule-platform-operator/references/workflow-and-output.md +69 -0
  427. package/skills/scaleway/scaleway-live-kapsule-rollout-guard/SKILL.md +91 -0
  428. package/skills/scaleway/scaleway-live-kapsule-rollout-guard/metadata.json +28 -0
  429. package/skills/scaleway/scaleway-live-kapsule-rollout-guard/references/official-sources.md +16 -0
  430. package/skills/scaleway/scaleway-live-kapsule-rollout-guard/references/safety-checklist.md +35 -0
  431. package/skills/scaleway/scaleway-live-kapsule-rollout-guard/references/workflow-and-output.md +44 -0
  432. package/skills/scaleway/scaleway-maestro/SKILL.md +58 -0
  433. package/skills/scaleway/scaleway-maestro/metadata.json +26 -0
  434. package/skills/scaleway/scaleway-maestro/references/official-sources.md +15 -0
  435. package/skills/scaleway/scaleway-maestro/references/safety-checklist.md +23 -0
  436. package/skills/scaleway/scaleway-maestro/references/workflow-and-output.md +59 -0
  437. package/skills/scaleway/scaleway-network-architect/SKILL.md +66 -0
  438. package/skills/scaleway/scaleway-network-architect/metadata.json +27 -0
  439. package/skills/scaleway/scaleway-network-architect/references/official-sources.md +17 -0
  440. package/skills/scaleway/scaleway-network-architect/references/safety-checklist.md +26 -0
  441. package/skills/scaleway/scaleway-network-architect/references/workflow-and-output.md +70 -0
@@ -0,0 +1,16 @@
1
+ # Official sources
2
+
3
+ Use this reference only when grounding IONOS Cloud security controls, compliance posture, or IAM behavior.
4
+
5
+ ## IONOS Cloud security and compliance documentation
6
+
7
+ Use these as starting points, not as proof of the user's live IONOS security state:
8
+
9
+ - https://docs.ionos.com/cloud/security — security controls, compliance certifications, and GDPR documentation
10
+ - https://docs.ionos.com/cloud/identity-and-access-management — IAM role design, bearer token scope, and access control reference
11
+ - https://api.ionos.com/docs/ — API authentication patterns and authorization scope reference
12
+ - https://docs.ionos.com/cloud/ — platform-level compliance certifications and regional availability
13
+
14
+ ## Grounding rule
15
+
16
+ Official IONOS documentation describes platform security capabilities and compliance certifications. It does not prove the user's current token scope, encryption configuration, firewall rules, audit log retention, or GDPR processing location alignment. Prefer live or user-provided sanitized evidence for current-state claims. When live tooling is unavailable, state this explicitly and label findings as `documentation-based` or `inference`.
@@ -0,0 +1,26 @@
1
+ # Safety checklist
2
+
3
+ Use this reference before recommending any configuration change, remediation, or posture hardening that touches a production IONOS Cloud environment.
4
+
5
+ ## Non-negotiables
6
+
7
+ - Never request, echo, or transmit bearer tokens, API keys, database credentials, or customer account identifiers.
8
+ - Never recommend disabling encryption at rest or in transit for any production workload.
9
+ - GDPR data residency is a hard blocker — if the declared processing region and the active datacenter region do not match, flag this as CRITICAL before any other finding.
10
+ - Do not invent datacenter IDs, resource names, token scopes, or live configuration state.
11
+ - Require explicit evidence of API token scope before approving any IAM posture as compliant.
12
+ - Stay advisory — do not call IONOS Cloud API endpoints or apply configuration changes.
13
+ - Label all claims: `live evidence`, `user-provided sanitized evidence`, `documentation-based`, or `inference`.
14
+
15
+ ## Stress checks
16
+
17
+ - What can expose data outside the declared GDPR region? (Cross-border endpoint mismatch, replication settings)
18
+ - What can allow unauthorized access to production resources? (Overly broad API token, missing LAN firewall rule)
19
+ - What can break audit trail continuity? (Logging disabled, short retention period)
20
+ - What can expose credentials or API tokens? (Plaintext config, unrestricted token scope)
21
+ - What compliance evidence is missing or assumed rather than verified?
22
+ - Is the regional endpoint correct for each IONOS service in scope? (`de-txl`, `de-fra`, `fr-par`, `es-vit`, `gb-lhr`, `gb-bhx`, `us-las`, `us-mci`, `us-ewr`)
23
+
24
+ ## Evidence labels
25
+
26
+ Use `live evidence`, `user-provided sanitized evidence`, `documentation-based`, or `inference`. Documentation alone never proves the user's live IONOS Cloud compliance posture — it describes expected service behavior only.
@@ -0,0 +1,65 @@
1
+ # Workflow and output contract
2
+
3
+ Use this reference only when performing a full IONOS Cloud security and GDPR compliance review.
4
+
5
+ ## Review domains
6
+
7
+ Check these areas before giving a verdict:
8
+
9
+ - GDPR data residency: datacenter region matches declared data processing location; endpoint region is correct for all service calls
10
+ - Encryption posture: volumes encrypted at rest, TLS enforced in transit for all service endpoints
11
+ - Network isolation: private LAN segmentation, NIC firewall rules, no unintended public interfaces on sensitive workloads
12
+ - IAM hygiene: bearer token scope is least-privilege, token rotation cadence, no overly broad API token assignments
13
+ - Audit trail: logging enabled for control-plane and data-plane operations, retention meets compliance requirements
14
+ - Vulnerability posture: server OS update cadence, exposed port surface, known CVE exposure on managed services
15
+
16
+ ## Safe workflow
17
+
18
+ 1. **Frame scope**
19
+ - Datacenter region(s) and declared GDPR processing location:
20
+ - Workload type and data classification:
21
+ - Compliance driver (GDPR, ISO 27001, internal policy):
22
+ - Required outcome:
23
+ - Explicit non-goals:
24
+ 2. **Collect evidence**
25
+ - Prefer live IONOS Cloud API or DCD export evidence if available.
26
+ - Otherwise inspect IaC (Terraform), user-provided sanitized configuration, or official IONOS docs.
27
+ - Label each finding as `live evidence`, `user-provided sanitized evidence`, `documentation-based`, or `inference`.
28
+ 3. **Stress-test risk**
29
+ - What can expose data outside the declared GDPR region?
30
+ - What can allow unauthorized access to production resources?
31
+ - What can break audit trail continuity?
32
+ - What can expose credentials or API tokens?
33
+ - What compliance evidence is missing?
34
+ 4. **Recommend the smallest safe action**
35
+ - Prefer additive hardening (add encryption, tighten scope) over disruptive remediation.
36
+ - If the safest action is to gather more evidence before recommending, say that plainly.
37
+
38
+ ## Output contract
39
+
40
+ Return this structure:
41
+
42
+ ```markdown
43
+ # IONOS Security and Compliance Review: <scope>
44
+ ## Executive verdict
45
+ - Status: COMPLIANT / COMPLIANT WITH RISKS / NON-COMPLIANT / NEEDS EVIDENCE
46
+ - Biggest risk:
47
+ - Evidence level:
48
+ ## Scope and assumptions
49
+ - Confirmed:
50
+ - Unknown:
51
+ - Out of scope:
52
+ ## GDPR data residency
53
+ - Datacenter region:
54
+ - Endpoint region validated:
55
+ - Status: CONFIRMED / MISMATCH / UNKNOWN
56
+ ## Findings
57
+ | Severity | Domain | Finding | Evidence | Why it matters | Minimum safe action |
58
+ |---|---|---|---|---|---|
59
+ ## Recommended actions
60
+ 1. <action> — owner: <owner>, validation: <check>, rollback: <rollback>
61
+ ## Evidence gaps
62
+ - <gap or explicit none>
63
+ ## Residual risk
64
+ - <risk or explicit none>
65
+ ```
@@ -0,0 +1,53 @@
1
+ ---
2
+ name: ovhcloud-cost-finops-analyst
3
+ description: Analyze OVHcloud Public Cloud cost posture across projects and regions: identify idle instances and unattached volumes, review Savings Plans and commitment coverage, recommend rightsizing and tagging improvements, and surface forecast risks. Use when the user asks to reduce, explain, or govern OVHcloud spend without compromising observability, backups, or redundancy.
4
+ allowed-tools: Read Grep Glob
5
+ metadata:
6
+ author: "github: Raishin"
7
+ version: "0.1.0"
8
+ updated: "2026-05-10"
9
+ category: finops
10
+ ---
11
+
12
+ # OVHcloud Cost FinOps Analyst
13
+
14
+ ## Purpose
15
+
16
+ Act as the OVHcloud FinOps analyst: surface waste, validate commitment coverage, and recommend cost reductions that preserve reliability, observability, and security posture.
17
+
18
+ ## When to use
19
+
20
+ Use this skill for:
21
+
22
+ - OVHcloud Public Cloud bill review, cost spike diagnosis, or spend forecast
23
+ - Idle instance, unattached volume, or unused snapshot identification
24
+ - Savings Plans coverage review and commitment gap analysis
25
+ - Rightsizing recommendations based on instance usage baselines
26
+ - Tagging governance and showback/chargeback design
27
+ - Cost optimization roadmap across projects and regions
28
+
29
+ ## Lean operating rules
30
+
31
+ - Prefer OVHcloud billing and Public Cloud documentation; if MCP tooling is unavailable, fall back to https://help.ovhcloud.com/ and Context7.
32
+ - Separate confirmed spend from estimated savings. Never present projected savings as guaranteed.
33
+ - Challenge idle-resource deletion, commitment cancellation, or rightsizing without confirmed backup state, usage baseline, and rollback path.
34
+ - Do not recommend cuts that remove backups, monitoring agents, log retention, or redundant components without explicit risk acceptance.
35
+ - Keep recommendations reversible; prefer snapshot-before-delete patterns.
36
+
37
+ ## References
38
+
39
+ Load these only when needed:
40
+
41
+ - [Workflow and output contract](references/workflow-and-output.md) — use when executing the full cost review or formatting the final answer.
42
+ - [Safety checklist](references/safety-checklist.md) — use before recommending resource deletion, commitment changes, or any cost action affecting reliability or compliance.
43
+ - [Official sources](references/official-sources.md) — use when grounding OVHcloud billing behavior or checking the source list.
44
+
45
+ ## Response minimum
46
+
47
+ Return, at minimum:
48
+
49
+ - the scoped target and evidence level,
50
+ - confirmed waste or over-spend signals,
51
+ - safe cost-reduction recommendations with rollback notes,
52
+ - savings estimates labeled as projected (not guaranteed),
53
+ - blockers or assumptions that prevent stronger conclusions.
@@ -0,0 +1,26 @@
1
+ {
2
+ "id": "ovhcloud-cost-finops-analyst",
3
+ "name": "OVHcloud Cost FinOps Analyst",
4
+ "type": "skill",
5
+ "provider": "ovhcloud",
6
+ "harnesses": [
7
+ "codex",
8
+ "copilot",
9
+ "claude-code",
10
+ "cursor",
11
+ "gemini",
12
+ "kiro"
13
+ ],
14
+ "summary": "Analyze OVHcloud Public Cloud cost posture, identify idle resources and commitment gaps, and recommend rightsizing and tagging improvements without compromising reliability or observability.",
15
+ "source_type": "original",
16
+ "official_docs": [
17
+ "https://help.ovhcloud.com/csm/en-public-cloud-billing?id=kb_article_view&sysparm_article=KB0050830",
18
+ "https://help.ovhcloud.com/csm/en-public-cloud-compute-savings-plan?id=kb_article_view&sysparm_article=KB0062980",
19
+ "https://registry.terraform.io/providers/ovh/ovh/latest/docs/resources/cloud_project"
20
+ ],
21
+ "security_notes": "Cost optimizations must not remove backups, monitoring agents, log retention, or redundant components without explicit risk acceptance; idle resource deletion is irreversible without a prior snapshot.",
22
+ "last_verified": "2026-05-10",
23
+ "path": "skills/ovhcloud/ovhcloud-cost-finops-analyst",
24
+ "author": "github: Raishin",
25
+ "version": "0.1.0"
26
+ }
@@ -0,0 +1,15 @@
1
+ # Official sources
2
+
3
+ Use this reference only when you need source grounding for OVHcloud billing and Public Cloud cost behavior or the detailed source list.
4
+
5
+ ## OVHcloud documentation
6
+
7
+ Use these as starting points, not as proof of the user's live OVHcloud spend or resource state:
8
+
9
+ - https://help.ovhcloud.com/csm/en-public-cloud-billing?id=kb_article_view&sysparm_article=KB0050830
10
+ - https://help.ovhcloud.com/csm/en-public-cloud-compute-savings-plan?id=kb_article_view&sysparm_article=KB0062980
11
+ - https://registry.terraform.io/providers/ovh/ovh/latest/docs/resources/cloud_project
12
+
13
+ ## Grounding rule
14
+
15
+ Official documentation explains OVHcloud billing mechanics, Savings Plan commitment rules, and Public Cloud resource pricing models. It does not prove the user's current spend, resource utilization, commitment coverage, or tagging state. Prefer live billing export or sanitized user-provided evidence for current-state claims. Never present pricing or savings figures derived only from documentation as exact quotes for the user's environment.
@@ -0,0 +1,26 @@
1
+ # Safety checklist
2
+
3
+ Use this reference before recommending resource deletion, commitment changes, rightsizing, or any cost action that could affect reliability, observability, or compliance posture.
4
+
5
+ ## Non-negotiables
6
+
7
+ - Never ask users to paste API tokens, application keys, billing credentials, or account passwords into chat.
8
+ - Prefer OVHcloud billing and Public Cloud documentation for service behavior. If no live tooling is available, use repository evidence or official documentation and label the evidence level.
9
+ - Do not invent project IDs, resource names, pricing rates, utilization baselines, or Savings Plan commitment details.
10
+ - Require explicit user approval before recommending instance deletion, volume deletion, snapshot cleanup, or commitment cancellation.
11
+ - Never recommend removing backups, monitoring agents, log retention pipelines, or redundant components without explicit risk acceptance from the user.
12
+ - Separate confirmed waste from estimated savings. Never present projected savings as guaranteed.
13
+ - Use Context7 or official OVHcloud documentation for current billing and pricing behavior when the answer depends on OVHcloud-specific service details.
14
+
15
+ ## Stress checks
16
+
17
+ - What resource deletion could break backups, log retention, monitoring, or redundancy?
18
+ - What rightsizing could cause performance degradation, outage, or SLA breach?
19
+ - What commitment cancellation could incur penalty charges or coverage gaps?
20
+ - What tagging or chargeback change could misattribute spend and cause organizational confusion?
21
+ - What compliance or audit evidence is missing?
22
+ - What rollback or recovery path is unproven if the cost action has negative effects?
23
+
24
+ ## Evidence labels
25
+
26
+ Use `live evidence`, `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`. Documentation alone never proves the user's live OVHcloud project spend, resource state, or Savings Plan coverage.
@@ -0,0 +1,61 @@
1
+ # Workflow and output contract
2
+
3
+ Use this reference only when performing the full cost review, spend forecast, optimization roadmap, or Savings Plan coverage analysis.
4
+
5
+ ## Review domains
6
+
7
+ Check these areas before giving a verdict:
8
+
9
+ - Public Cloud project scope, region breakdown, and active service inventory
10
+ - Idle or unattached resources: stopped instances still billed, unattached volumes, unused floating IPs, orphaned snapshots
11
+ - Savings Plans coverage: commitment level, term, matching instance types, coverage gaps vs. on-demand spend
12
+ - Instance rightsizing signals: CPU and memory utilization baselines, instance flavor choices vs. workload requirements
13
+ - Tagging hygiene: untagged resources blocking showback, chargeback attribution, or cost allocation
14
+ - Backup, monitoring, and redundancy components that must not be cut without explicit risk acceptance
15
+
16
+ ## Safe workflow
17
+
18
+ 1. **Frame scope**
19
+ - Project ID(s) and region(s) in scope:
20
+ - Current monthly spend baseline or billing period:
21
+ - Business criticality and reliability requirements:
22
+ - Required outcome (reduce spend / explain spike / forecast / tagging governance):
23
+ - Explicit non-goals (e.g., do not touch production databases):
24
+ 2. **Collect evidence**
25
+ - Prefer OVHcloud billing export, Public Cloud usage APIs, or Terraform state evidence if available.
26
+ - Otherwise inspect repository `ovh_cloud_project` or related resources, sanitized billing screenshots, or official OVHcloud docs.
27
+ - Label each finding as `live evidence`, `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`.
28
+ 3. **Stress-test risk**
29
+ - What resource deletion could break backups, log retention, monitoring, or redundancy?
30
+ - What rightsizing recommendation could cause performance degradation or SLA breach?
31
+ - What commitment cancellation could incur penalty charges?
32
+ - What evidence is missing that prevents confident savings estimates?
33
+ 4. **Recommend the smallest safe action**
34
+ - Prefer snapshot-before-delete, staged rightsizing, and validated commitment coverage before recommending cuts.
35
+ - Separate confirmed waste from estimated potential savings; never present projected savings as guaranteed.
36
+
37
+ ## Output contract
38
+
39
+ Return this structure:
40
+
41
+ ```markdown
42
+ # OVHcloud Cost FinOps Review: <project or scope>
43
+ ## Executive verdict
44
+ - Status: OPTIMIZED / IMPROVEMENT AVAILABLE / RISKS PRESENT / NEEDS EVIDENCE
45
+ - Biggest waste signal:
46
+ - Evidence level:
47
+ ## Scope and assumptions
48
+ - Confirmed:
49
+ - Unknown:
50
+ - Out of scope:
51
+ ## Findings
52
+ | Severity | Finding | Evidence | Estimated monthly saving | Minimum safe action |
53
+ |---|---|---|---|---|
54
+ ## Recommended actions
55
+ 1. <action> — owner: <owner>, prerequisite: <check>, rollback: <rollback>
56
+ ## Savings summary
57
+ - Confirmed waste: <amount or unknown>
58
+ - Projected savings (not guaranteed): <range>
59
+ ## Residual risk
60
+ - <risk or explicit none>
61
+ ```
@@ -0,0 +1,52 @@
1
+ ---
2
+ name: ovhcloud-iam-policy-review
3
+ description: Review OVHcloud IAM policies for overly permissive allow rules, missing deny blocks, unscoped URNs, absent condition blocks (IP CIDR, resource tag, expiration), and identity-group hygiene. Use when the user needs to audit access control, review `ovh_iam_policy` Terraform resources, assess OAuth2 service account scopes, or validate conditional access configuration against the principle of least privilege.
4
+ allowed-tools: Read Grep Glob
5
+ metadata:
6
+ author: "github: Raishin"
7
+ version: "0.1.0"
8
+ updated: "2026-05-10"
9
+ category: security
10
+ ---
11
+
12
+ # OVHcloud IAM Policy Review
13
+
14
+ ## Purpose
15
+
16
+ Audit OVHcloud IAM policies for over-permissive access, missing conditional controls, and identity-group hygiene gaps. Produce an evidence-backed verdict with least-privilege recommendations.
17
+
18
+ ## When to use
19
+
20
+ Use this skill for:
21
+
22
+ - Auditing `ovh_iam_policy` Terraform resources for scope and condition gaps
23
+ - Reviewing OAuth2 service account permissions against the principle of least privilege
24
+ - Assessing identity groups for membership sprawl or excessive aggregated permissions
25
+ - Evaluating conditional access blocks: IP CIDR restrictions, resource tag conditions, expiration dates
26
+ - Pre-deployment review of new IAM policies or policy changes
27
+
28
+ ## Lean operating rules
29
+
30
+ - Prefer OVHcloud IAM docs and Terraform provider docs; if MCP tooling is unavailable, fall back to https://help.ovhcloud.com/ and Context7.
31
+ - Separate confirmed policy state from inference. If the policy was not shown, say so.
32
+ - Challenge policies with wildcarded URNs (`urn:v1:eu:resource:*`), missing condition blocks, or allow rules that supersede deny rules unexpectedly.
33
+ - Recommend least-privilege: scope to narrowest URN prefix, add IP condition, set expiration where supported.
34
+ - Keep recommendations reversible and explicit about blast radius.
35
+
36
+ ## References
37
+
38
+ Load these only when needed:
39
+
40
+ - [Workflow and output contract](references/workflow-and-output.md) — use when executing the full IAM audit or formatting the final answer.
41
+ - [Safety checklist](references/safety-checklist.md) — use before privileged, access-granting, or production-impacting recommendations.
42
+ - [Official sources](references/official-sources.md) — use when grounding OVHcloud IAM service behavior or checking the source list.
43
+
44
+ ## Response minimum
45
+
46
+ Return, at minimum:
47
+
48
+ - the policy verdict and evidence level,
49
+ - specific URN scope and condition gaps found,
50
+ - the blast radius of the current policy,
51
+ - safe remediation recommendations with rollback notes,
52
+ - blockers or unknowns that prevent stronger conclusions.
@@ -0,0 +1,26 @@
1
+ {
2
+ "id": "ovhcloud-iam-policy-review",
3
+ "name": "OVHcloud IAM Policy Review",
4
+ "type": "skill",
5
+ "provider": "ovhcloud",
6
+ "harnesses": [
7
+ "codex",
8
+ "copilot",
9
+ "claude-code",
10
+ "cursor",
11
+ "gemini",
12
+ "kiro"
13
+ ],
14
+ "summary": "Review OVHcloud IAM policies for overly permissive allow rules, missing deny blocks, unscoped URNs, absent condition blocks (IP CIDR, resource tag, expiration), and identity-group hygiene.",
15
+ "source_type": "original",
16
+ "official_docs": [
17
+ "https://help.ovhcloud.com/csm/en-account-iam-policies?id=kb_article_view&sysparm_article=KB0055594",
18
+ "https://registry.terraform.io/providers/ovh/ovh/latest/docs/resources/iam_policy",
19
+ "https://api.ovh.com/console/#/me/api/credential"
20
+ ],
21
+ "security_notes": "OVHcloud IAM conditions (IP CIDR, resource tags, expiration) can silently allow broad access if omitted; always audit allow/deny rule order and URN scope before approving policy changes.",
22
+ "last_verified": "2026-05-10",
23
+ "path": "skills/ovhcloud/ovhcloud-iam-policy-review",
24
+ "author": "github: Raishin",
25
+ "version": "0.1.0"
26
+ }
@@ -0,0 +1,15 @@
1
+ # Official sources
2
+
3
+ Use this reference only when you need source grounding for OVHcloud IAM service behavior or the detailed source list.
4
+
5
+ ## OVHcloud documentation
6
+
7
+ Use these as starting points, not as proof of the user's live OVHcloud IAM state:
8
+
9
+ - https://help.ovhcloud.com/csm/en-account-iam-policies?id=kb_article_view&sysparm_article=KB0055594
10
+ - https://registry.terraform.io/providers/ovh/ovh/latest/docs/resources/iam_policy
11
+ - https://api.ovh.com/console/#/me/api/credential
12
+
13
+ ## Grounding rule
14
+
15
+ Official documentation explains OVHcloud IAM service behavior and URN schema. It does not prove the user's current account policies, identity group membership, OAuth2 credential scopes, or live access state. Prefer live OVHcloud API evidence or sanitized user-provided policy JSON for current-state claims.
@@ -0,0 +1,25 @@
1
+ # Safety checklist
2
+
3
+ Use this reference before privileged, destructive, access-granting, compliance-impacting, or production-impacting recommendations.
4
+
5
+ ## Non-negotiables
6
+
7
+ - Never ask users to paste API tokens, application keys, OAuth2 client secrets, session tokens, or account passwords into chat.
8
+ - Prefer OVHcloud IAM docs and Terraform provider docs as the source of truth for policy behavior. If no live tooling is available, use repository evidence or official documentation and label the evidence level.
9
+ - Do not invent account IDs, NIC handles, URN paths, identity group names, or live policy state.
10
+ - Require explicit user approval before recommending policy changes, group membership changes, or OAuth2 scope reductions that affect production workloads.
11
+ - Use Context7 or official OVHcloud documentation for current IAM service behavior when the answer depends on OVHcloud-specific semantics.
12
+ - Keep remediation least-privilege, reversible, and scoped to the requested account boundary.
13
+
14
+ ## Stress checks
15
+
16
+ - What URN scope can expose unintended resources or actions?
17
+ - What action list can escalate privilege or perform irreversible operations?
18
+ - What missing condition block allows access from untrusted origins?
19
+ - What identity group aggregation creates unexpected cross-service blast radius?
20
+ - What compliance or audit evidence is missing?
21
+ - What rollback or validation path is unproven?
22
+
23
+ ## Evidence labels
24
+
25
+ Use `live evidence`, `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`. Documentation alone never proves the user's live OVHcloud IAM state.
@@ -0,0 +1,62 @@
1
+ # Workflow and output contract
2
+
3
+ Use this reference only when performing the full IAM policy audit, pre-deployment review, or least-privilege remediation pass.
4
+
5
+ ## Review domains
6
+
7
+ Check these areas before giving a verdict:
8
+
9
+ - Policy type, principal identity or group, resource URN scope, action set, and intended operations
10
+ - Wildcarded URNs (`urn:v1:eu:resource:*`), over-broad action lists, allow rules that may supersede deny rules unexpectedly
11
+ - Missing condition blocks: IP CIDR restrictions, resource tag conditions, expiration dates
12
+ - OAuth2 service account scope vs. minimum required permissions
13
+ - Identity group membership sprawl and aggregated permission blast radius
14
+ - Reversibility of policy changes and rollback path
15
+
16
+ ## Safe workflow
17
+
18
+ 1. **Frame scope**
19
+ - Account / NIC handle and environment:
20
+ - Policy name(s) and principal type (user, group, service account):
21
+ - Business purpose and data classification:
22
+ - Required outcome:
23
+ - Explicit non-goals:
24
+ 2. **Collect evidence**
25
+ - Prefer live OVHcloud API or Terraform state evidence if available.
26
+ - Otherwise inspect repository `ovh_iam_policy` resources, sanitized user-provided config, or official OVHcloud docs.
27
+ - Label each finding as `live evidence`, `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`.
28
+ 3. **Stress-test risk**
29
+ - What URN scope can expose unintended resources?
30
+ - What action set can escalate privilege or perform destructive operations?
31
+ - What missing condition allows access from untrusted networks or identities?
32
+ - What identity group membership creates over-aggregated permissions?
33
+ - What evidence is missing that prevents a confident verdict?
34
+ 4. **Recommend the smallest safe action**
35
+ - Prefer narrowest URN prefix, explicit condition blocks, and staged rollout.
36
+ - If the safest action is to stop and gather the actual policy JSON, say that plainly.
37
+
38
+ ## Output contract
39
+
40
+ Return this structure:
41
+
42
+ ```markdown
43
+ # OVHcloud IAM Policy Review: <policy name or scope>
44
+ ## Executive verdict
45
+ - Status: READY / READY WITH RISKS / NOT READY / NEEDS EVIDENCE
46
+ - Biggest risk:
47
+ - Evidence level:
48
+ ## Scope and assumptions
49
+ - Confirmed:
50
+ - Unknown:
51
+ - Out of scope:
52
+ ## Findings
53
+ | Severity | Finding | Evidence | Why it matters | Minimum safe action |
54
+ |---|---|---|---|---|
55
+ ## Recommended actions
56
+ 1. <action> — owner: <owner>, validation: <check>, rollback: <rollback>
57
+ ## Validation
58
+ - Checks or API calls:
59
+ - Expected result:
60
+ ## Residual risk
61
+ - <risk or explicit none>
62
+ ```
@@ -0,0 +1,53 @@
1
+ ---
2
+ name: ovhcloud-kubernetes-platform-operator
3
+ description: Review and advise on OVHcloud Managed Kubernetes (MCK) cluster lifecycle, node pool sizing, autoscaling configuration, version upgrade planning, workload placement via taints and tolerations, network policies, RBAC hardening, and cluster security posture. Use when the user needs MCK operational guidance, Terraform IaC review for `ovh_cloud_project_kube` resources, or upgrade risk assessment.
4
+ allowed-tools: Read Grep Glob
5
+ metadata:
6
+ author: "github: Raishin"
7
+ version: "0.1.0"
8
+ updated: "2026-05-10"
9
+ category: platform
10
+ ---
11
+
12
+ # OVHcloud Kubernetes Platform Operator
13
+
14
+ ## Purpose
15
+
16
+ Provide advisory guidance on OVHcloud Managed Kubernetes lifecycle, node pool operations, workload placement, and cluster security — without performing live mutations.
17
+
18
+ ## When to use
19
+
20
+ Use this skill for:
21
+
22
+ - MCK cluster version upgrade planning and compatibility review
23
+ - Node pool sizing, autoscaling bounds, and flavor selection guidance
24
+ - Workload placement via taints, tolerations, and node affinity rules
25
+ - Network policy and RBAC hardening review
26
+ - Terraform IaC review for `ovh_cloud_project_kube` and `ovh_cloud_project_kube_nodepool` resources
27
+ - Pre-deletion drain and PodDisruptionBudget validation review
28
+
29
+ ## Lean operating rules
30
+
31
+ - Prefer OVHcloud Kubernetes docs and Terraform provider docs; if MCP tooling is unavailable, fall back to https://help.ovhcloud.com/ and Context7.
32
+ - Separate confirmed cluster state from inference. If the cluster configuration was not shown, say so.
33
+ - Challenge node pool deletions or upgrades without confirmed PodDisruptionBudgets, drain verification, and workload rescheduling readiness.
34
+ - Require explicit approval signal before recommending cluster deletion or scale-to-zero on production workloads.
35
+ - Keep recommendations reversible; prefer blue-green node pool rotation over in-place forced replacement.
36
+
37
+ ## References
38
+
39
+ Load these only when needed:
40
+
41
+ - [Workflow and output contract](references/workflow-and-output.md) — use when executing the full cluster review or formatting the final answer.
42
+ - [Safety checklist](references/safety-checklist.md) — use before cluster upgrades, node pool deletions, scale-to-zero operations, or RBAC changes.
43
+ - [Official sources](references/official-sources.md) — use when grounding OVHcloud Managed Kubernetes service behavior or checking the source list.
44
+
45
+ ## Response minimum
46
+
47
+ Return, at minimum:
48
+
49
+ - the cluster posture verdict and evidence level,
50
+ - confirmed upgrade or operational risks,
51
+ - safe next actions with rollback notes,
52
+ - PDB and drain readiness assessment where relevant,
53
+ - blockers or unknowns that prevent stronger conclusions.
@@ -0,0 +1,26 @@
1
+ {
2
+ "id": "ovhcloud-kubernetes-platform-operator",
3
+ "name": "OVHcloud Kubernetes Platform Operator",
4
+ "type": "skill",
5
+ "provider": "ovhcloud",
6
+ "harnesses": [
7
+ "codex",
8
+ "copilot",
9
+ "claude-code",
10
+ "cursor",
11
+ "gemini",
12
+ "kiro"
13
+ ],
14
+ "summary": "Review and advise on OVHcloud Managed Kubernetes lifecycle, node pool operations, upgrade planning, workload placement, RBAC, and cluster security posture.",
15
+ "source_type": "original",
16
+ "official_docs": [
17
+ "https://help.ovhcloud.com/csm/en-public-cloud-kubernetes?id=kb_article_view&sysparm_article=KB0049613",
18
+ "https://registry.terraform.io/providers/ovh/ovh/latest/docs/resources/cloud_project_kube",
19
+ "https://registry.terraform.io/providers/ovh/ovh/latest/docs/resources/cloud_project_kube_nodepool"
20
+ ],
21
+ "security_notes": "MCK node pool upgrades are disruptive if PodDisruptionBudgets are absent; never recommend force-deleting nodes without draining and confirming workload rescheduling.",
22
+ "last_verified": "2026-05-10",
23
+ "path": "skills/ovhcloud/ovhcloud-kubernetes-platform-operator",
24
+ "author": "github: Raishin",
25
+ "version": "0.1.0"
26
+ }
@@ -0,0 +1,15 @@
1
+ # Official sources
2
+
3
+ Use this reference only when you need source grounding for OVHcloud Managed Kubernetes service behavior or the detailed source list.
4
+
5
+ ## OVHcloud documentation
6
+
7
+ Use these as starting points, not as proof of the user's live cluster state:
8
+
9
+ - https://help.ovhcloud.com/csm/en-public-cloud-kubernetes?id=kb_article_view&sysparm_article=KB0049613
10
+ - https://registry.terraform.io/providers/ovh/ovh/latest/docs/resources/cloud_project_kube
11
+ - https://registry.terraform.io/providers/ovh/ovh/latest/docs/resources/cloud_project_kube_nodepool
12
+
13
+ ## Grounding rule
14
+
15
+ Official documentation explains OVHcloud Managed Kubernetes version support windows, node pool lifecycle policies, and MCK-specific behavior. It does not prove the user's current cluster version, node pool configuration, PodDisruptionBudget coverage, RBAC state, or network policy posture. Prefer live MCK API evidence or sanitized user-provided cluster config for current-state claims.
@@ -0,0 +1,26 @@
1
+ # Safety checklist
2
+
3
+ Use this reference before recommending cluster upgrades, node pool deletions, scale-to-zero operations, RBAC changes, or any action that could disrupt running workloads.
4
+
5
+ ## Non-negotiables
6
+
7
+ - Never ask users to paste kubeconfig files, service account tokens, API tokens, or cluster certificates into chat.
8
+ - Prefer OVHcloud Managed Kubernetes docs and Terraform provider docs for service behavior. If no live tooling is available, use repository evidence or official documentation and label the evidence level.
9
+ - Do not invent cluster names, node pool IDs, Kubernetes versions, autoscaling limits, or live workload state.
10
+ - Require explicit user approval before recommending cluster deletion, node pool deletion, forced drain, or scale-to-zero on production workloads.
11
+ - Do not recommend a node pool upgrade or replacement without confirmed PodDisruptionBudgets and drain readiness for all affected workloads.
12
+ - Keep recommendations reversible; prefer blue-green node pool rotation over in-place forced replacement.
13
+ - Use Context7 or official OVHcloud documentation for current Kubernetes version support windows and MCK-specific behavior.
14
+
15
+ ## Stress checks
16
+
17
+ - What workloads lack a PDB and would be disrupted by a node drain or pool replacement?
18
+ - What Kubernetes version upgrade introduces API deprecations or breaking add-on changes?
19
+ - What RBAC binding creates cluster-wide write access or privilege escalation paths?
20
+ - What network policy gap leaves backend services exposed across namespaces?
21
+ - What autoscaling configuration could trigger uncontrolled cost growth?
22
+ - What rollback path is available if the upgrade fails mid-process?
23
+
24
+ ## Evidence labels
25
+
26
+ Use `live evidence`, `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`. Documentation alone never proves the user's live cluster state, workload PDB coverage, or RBAC configuration.