@raishin/vanguard-frontier-agentic 1.6.0 → 1.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +49 -11
- package/agents/AGENTS.md +83 -0
- package/agents/README.md +10 -0
- package/agents/contabo/README.md +174 -0
- package/agents/contabo/contabo-capacity-planner-agent/AGENT.md +49 -0
- package/agents/contabo/contabo-capacity-planner-agent/harnesses/claude-code.agent.md +36 -0
- package/agents/contabo/contabo-capacity-planner-agent/harnesses/codex.toml +33 -0
- package/agents/contabo/contabo-capacity-planner-agent/harnesses/copilot.agent.md +36 -0
- package/agents/contabo/contabo-capacity-planner-agent/harnesses/cursor.agent.md +36 -0
- package/agents/contabo/contabo-capacity-planner-agent/harnesses/gemini.agent.md +36 -0
- package/agents/contabo/contabo-capacity-planner-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/contabo/contabo-capacity-planner-agent/harnesses/kiro-ide.agent.md +36 -0
- package/agents/contabo/contabo-capacity-planner-agent/metadata.json +27 -0
- package/agents/contabo/contabo-cost-optimization-analyst-agent/AGENT.md +50 -0
- package/agents/contabo/contabo-cost-optimization-analyst-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/contabo/contabo-cost-optimization-analyst-agent/harnesses/codex.toml +33 -0
- package/agents/contabo/contabo-cost-optimization-analyst-agent/harnesses/copilot.agent.md +37 -0
- package/agents/contabo/contabo-cost-optimization-analyst-agent/harnesses/cursor.agent.md +37 -0
- package/agents/contabo/contabo-cost-optimization-analyst-agent/harnesses/gemini.agent.md +37 -0
- package/agents/contabo/contabo-cost-optimization-analyst-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/contabo/contabo-cost-optimization-analyst-agent/harnesses/kiro-ide.agent.md +37 -0
- package/agents/contabo/contabo-cost-optimization-analyst-agent/metadata.json +27 -0
- package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/AGENT.md +53 -0
- package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/harnesses/claude-code.agent.md +40 -0
- package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/harnesses/codex.toml +34 -0
- package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/harnesses/copilot.agent.md +40 -0
- package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/harnesses/cursor.agent.md +40 -0
- package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/harnesses/gemini.agent.md +40 -0
- package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/harnesses/kiro-ide.agent.md +40 -0
- package/agents/contabo/contabo-live-instance-lifecycle-guard-agent/metadata.json +26 -0
- package/agents/contabo/contabo-live-storage-operations-guard-agent/AGENT.md +54 -0
- package/agents/contabo/contabo-live-storage-operations-guard-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/contabo/contabo-live-storage-operations-guard-agent/harnesses/codex.toml +34 -0
- package/agents/contabo/contabo-live-storage-operations-guard-agent/harnesses/copilot.agent.md +38 -0
- package/agents/contabo/contabo-live-storage-operations-guard-agent/harnesses/cursor.agent.md +38 -0
- package/agents/contabo/contabo-live-storage-operations-guard-agent/harnesses/gemini.agent.md +38 -0
- package/agents/contabo/contabo-live-storage-operations-guard-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/contabo/contabo-live-storage-operations-guard-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/contabo/contabo-live-storage-operations-guard-agent/metadata.json +26 -0
- package/agents/contabo/contabo-maestro-agent/AGENT.md +49 -0
- package/agents/contabo/contabo-maestro-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/contabo/contabo-maestro-agent/harnesses/codex.toml +33 -0
- package/agents/contabo/contabo-maestro-agent/harnesses/copilot.agent.md +37 -0
- package/agents/contabo/contabo-maestro-agent/harnesses/cursor.agent.md +37 -0
- package/agents/contabo/contabo-maestro-agent/harnesses/gemini.agent.md +37 -0
- package/agents/contabo/contabo-maestro-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/contabo/contabo-maestro-agent/harnesses/kiro-ide.agent.md +37 -0
- package/agents/contabo/contabo-maestro-agent/metadata.json +26 -0
- package/agents/contabo/contabo-security-hardening-agent/AGENT.md +49 -0
- package/agents/contabo/contabo-security-hardening-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/contabo/contabo-security-hardening-agent/harnesses/codex.toml +34 -0
- package/agents/contabo/contabo-security-hardening-agent/harnesses/copilot.agent.md +37 -0
- package/agents/contabo/contabo-security-hardening-agent/harnesses/cursor.agent.md +37 -0
- package/agents/contabo/contabo-security-hardening-agent/harnesses/gemini.agent.md +37 -0
- package/agents/contabo/contabo-security-hardening-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/contabo/contabo-security-hardening-agent/harnesses/kiro-ide.agent.md +37 -0
- package/agents/contabo/contabo-security-hardening-agent/metadata.json +26 -0
- package/agents/hetzner/README.md +156 -0
- package/agents/hetzner/hetzner-capacity-planner-agent/AGENT.md +50 -0
- package/agents/hetzner/hetzner-capacity-planner-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/hetzner/hetzner-capacity-planner-agent/harnesses/codex.toml +33 -0
- package/agents/hetzner/hetzner-capacity-planner-agent/harnesses/copilot.agent.md +38 -0
- package/agents/hetzner/hetzner-capacity-planner-agent/harnesses/cursor.agent.md +38 -0
- package/agents/hetzner/hetzner-capacity-planner-agent/harnesses/gemini.agent.md +38 -0
- package/agents/hetzner/hetzner-capacity-planner-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/hetzner/hetzner-capacity-planner-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/hetzner/hetzner-capacity-planner-agent/metadata.json +27 -0
- package/agents/hetzner/hetzner-cost-optimization-analyst-agent/AGENT.md +50 -0
- package/agents/hetzner/hetzner-cost-optimization-analyst-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/hetzner/hetzner-cost-optimization-analyst-agent/harnesses/codex.toml +33 -0
- package/agents/hetzner/hetzner-cost-optimization-analyst-agent/harnesses/copilot.agent.md +38 -0
- package/agents/hetzner/hetzner-cost-optimization-analyst-agent/harnesses/cursor.agent.md +38 -0
- package/agents/hetzner/hetzner-cost-optimization-analyst-agent/harnesses/gemini.agent.md +38 -0
- package/agents/hetzner/hetzner-cost-optimization-analyst-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/hetzner/hetzner-cost-optimization-analyst-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/hetzner/hetzner-cost-optimization-analyst-agent/metadata.json +27 -0
- package/agents/hetzner/hetzner-infrastructure-reviewer-agent/AGENT.md +50 -0
- package/agents/hetzner/hetzner-infrastructure-reviewer-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/hetzner/hetzner-infrastructure-reviewer-agent/harnesses/codex.toml +33 -0
- package/agents/hetzner/hetzner-infrastructure-reviewer-agent/harnesses/copilot.agent.md +38 -0
- package/agents/hetzner/hetzner-infrastructure-reviewer-agent/harnesses/cursor.agent.md +38 -0
- package/agents/hetzner/hetzner-infrastructure-reviewer-agent/harnesses/gemini.agent.md +38 -0
- package/agents/hetzner/hetzner-infrastructure-reviewer-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/hetzner/hetzner-infrastructure-reviewer-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/hetzner/hetzner-infrastructure-reviewer-agent/metadata.json +27 -0
- package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/AGENT.md +62 -0
- package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/harnesses/claude-code.agent.md +44 -0
- package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/harnesses/codex.toml +47 -0
- package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/harnesses/copilot.agent.md +44 -0
- package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/harnesses/cursor.agent.md +44 -0
- package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/harnesses/gemini.agent.md +44 -0
- package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/harnesses/kiro-ide.agent.md +44 -0
- package/agents/hetzner/hetzner-live-firewall-rule-guard-agent/metadata.json +27 -0
- package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/AGENT.md +62 -0
- package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/harnesses/claude-code.agent.md +45 -0
- package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/harnesses/codex.toml +50 -0
- package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/harnesses/copilot.agent.md +45 -0
- package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/harnesses/cursor.agent.md +45 -0
- package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/harnesses/gemini.agent.md +45 -0
- package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/harnesses/kiro-ide.agent.md +45 -0
- package/agents/hetzner/hetzner-live-server-lifecycle-guard-agent/metadata.json +27 -0
- package/agents/hetzner/hetzner-maestro-agent/AGENT.md +50 -0
- package/agents/hetzner/hetzner-maestro-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/hetzner/hetzner-maestro-agent/harnesses/codex.toml +33 -0
- package/agents/hetzner/hetzner-maestro-agent/harnesses/copilot.agent.md +38 -0
- package/agents/hetzner/hetzner-maestro-agent/harnesses/cursor.agent.md +38 -0
- package/agents/hetzner/hetzner-maestro-agent/harnesses/gemini.agent.md +38 -0
- package/agents/hetzner/hetzner-maestro-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/hetzner/hetzner-maestro-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/hetzner/hetzner-maestro-agent/metadata.json +26 -0
- package/agents/ionos/README.md +136 -0
- package/agents/ionos/ionos-cost-optimization-analyst-agent/AGENT.md +48 -0
- package/agents/ionos/ionos-cost-optimization-analyst-agent/harnesses/claude-code.agent.md +36 -0
- package/agents/ionos/ionos-cost-optimization-analyst-agent/harnesses/codex.toml +31 -0
- package/agents/ionos/ionos-cost-optimization-analyst-agent/harnesses/copilot.agent.md +36 -0
- package/agents/ionos/ionos-cost-optimization-analyst-agent/harnesses/cursor.agent.md +36 -0
- package/agents/ionos/ionos-cost-optimization-analyst-agent/harnesses/gemini.agent.md +36 -0
- package/agents/ionos/ionos-cost-optimization-analyst-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/ionos/ionos-cost-optimization-analyst-agent/harnesses/kiro-ide.agent.md +36 -0
- package/agents/ionos/ionos-cost-optimization-analyst-agent/metadata.json +25 -0
- package/agents/ionos/ionos-datacenter-designer-reviewer-agent/AGENT.md +49 -0
- package/agents/ionos/ionos-datacenter-designer-reviewer-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/ionos/ionos-datacenter-designer-reviewer-agent/harnesses/codex.toml +32 -0
- package/agents/ionos/ionos-datacenter-designer-reviewer-agent/harnesses/copilot.agent.md +37 -0
- package/agents/ionos/ionos-datacenter-designer-reviewer-agent/harnesses/cursor.agent.md +37 -0
- package/agents/ionos/ionos-datacenter-designer-reviewer-agent/harnesses/gemini.agent.md +37 -0
- package/agents/ionos/ionos-datacenter-designer-reviewer-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/ionos/ionos-datacenter-designer-reviewer-agent/harnesses/kiro-ide.agent.md +37 -0
- package/agents/ionos/ionos-datacenter-designer-reviewer-agent/metadata.json +25 -0
- package/agents/ionos/ionos-kubernetes-platform-operator-agent/AGENT.md +48 -0
- package/agents/ionos/ionos-kubernetes-platform-operator-agent/harnesses/claude-code.agent.md +36 -0
- package/agents/ionos/ionos-kubernetes-platform-operator-agent/harnesses/codex.toml +31 -0
- package/agents/ionos/ionos-kubernetes-platform-operator-agent/harnesses/copilot.agent.md +36 -0
- package/agents/ionos/ionos-kubernetes-platform-operator-agent/harnesses/cursor.agent.md +36 -0
- package/agents/ionos/ionos-kubernetes-platform-operator-agent/harnesses/gemini.agent.md +36 -0
- package/agents/ionos/ionos-kubernetes-platform-operator-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/ionos/ionos-kubernetes-platform-operator-agent/harnesses/kiro-ide.agent.md +36 -0
- package/agents/ionos/ionos-kubernetes-platform-operator-agent/metadata.json +25 -0
- package/agents/ionos/ionos-live-database-lifecycle-guard-agent/AGENT.md +53 -0
- package/agents/ionos/ionos-live-database-lifecycle-guard-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/ionos/ionos-live-database-lifecycle-guard-agent/harnesses/codex.toml +33 -0
- package/agents/ionos/ionos-live-database-lifecycle-guard-agent/harnesses/copilot.agent.md +37 -0
- package/agents/ionos/ionos-live-database-lifecycle-guard-agent/harnesses/cursor.agent.md +37 -0
- package/agents/ionos/ionos-live-database-lifecycle-guard-agent/harnesses/gemini.agent.md +37 -0
- package/agents/ionos/ionos-live-database-lifecycle-guard-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/ionos/ionos-live-database-lifecycle-guard-agent/harnesses/kiro-ide.agent.md +37 -0
- package/agents/ionos/ionos-live-database-lifecycle-guard-agent/metadata.json +25 -0
- package/agents/ionos/ionos-maestro-agent/AGENT.md +48 -0
- package/agents/ionos/ionos-maestro-agent/harnesses/claude-code.agent.md +36 -0
- package/agents/ionos/ionos-maestro-agent/harnesses/codex.toml +31 -0
- package/agents/ionos/ionos-maestro-agent/harnesses/copilot.agent.md +36 -0
- package/agents/ionos/ionos-maestro-agent/harnesses/cursor.agent.md +36 -0
- package/agents/ionos/ionos-maestro-agent/harnesses/gemini.agent.md +36 -0
- package/agents/ionos/ionos-maestro-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/ionos/ionos-maestro-agent/harnesses/kiro-ide.agent.md +36 -0
- package/agents/ionos/ionos-maestro-agent/metadata.json +24 -0
- package/agents/ionos/ionos-security-compliance-reviewer-agent/AGENT.md +49 -0
- package/agents/ionos/ionos-security-compliance-reviewer-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/ionos/ionos-security-compliance-reviewer-agent/harnesses/codex.toml +32 -0
- package/agents/ionos/ionos-security-compliance-reviewer-agent/harnesses/copilot.agent.md +37 -0
- package/agents/ionos/ionos-security-compliance-reviewer-agent/harnesses/cursor.agent.md +37 -0
- package/agents/ionos/ionos-security-compliance-reviewer-agent/harnesses/gemini.agent.md +37 -0
- package/agents/ionos/ionos-security-compliance-reviewer-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/ionos/ionos-security-compliance-reviewer-agent/harnesses/kiro-ide.agent.md +37 -0
- package/agents/ionos/ionos-security-compliance-reviewer-agent/metadata.json +25 -0
- package/agents/ovhcloud/README.md +113 -0
- package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/AGENT.md +47 -0
- package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/harnesses/claude-code.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/harnesses/codex.toml +31 -0
- package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/harnesses/copilot.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/harnesses/cursor.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/harnesses/gemini.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/harnesses/kiro-ide.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-cost-finops-analyst-agent/metadata.json +24 -0
- package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/AGENT.md +47 -0
- package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/harnesses/claude-code.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/harnesses/codex.toml +31 -0
- package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/harnesses/copilot.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/harnesses/cursor.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/harnesses/gemini.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/harnesses/kiro-ide.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-iam-policy-review-agent/metadata.json +24 -0
- package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/AGENT.md +47 -0
- package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/harnesses/claude-code.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/harnesses/codex.toml +31 -0
- package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/harnesses/copilot.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/harnesses/cursor.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/harnesses/gemini.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/harnesses/kiro-ide.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-kubernetes-platform-operator-agent/metadata.json +24 -0
- package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/AGENT.md +52 -0
- package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/harnesses/claude-code.agent.md +40 -0
- package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/harnesses/codex.toml +38 -0
- package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/harnesses/copilot.agent.md +40 -0
- package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/harnesses/cursor.agent.md +40 -0
- package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/harnesses/gemini.agent.md +40 -0
- package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/harnesses/kiro-ide.agent.md +40 -0
- package/agents/ovhcloud/ovhcloud-live-kms-key-destruction-guard-agent/metadata.json +23 -0
- package/agents/ovhcloud/ovhcloud-maestro-agent/AGENT.md +47 -0
- package/agents/ovhcloud/ovhcloud-maestro-agent/harnesses/claude-code.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-maestro-agent/harnesses/codex.toml +31 -0
- package/agents/ovhcloud/ovhcloud-maestro-agent/harnesses/copilot.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-maestro-agent/harnesses/cursor.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-maestro-agent/harnesses/gemini.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-maestro-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/ovhcloud/ovhcloud-maestro-agent/harnesses/kiro-ide.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-maestro-agent/metadata.json +24 -0
- package/agents/ovhcloud/ovhcloud-network-architect-agent/AGENT.md +47 -0
- package/agents/ovhcloud/ovhcloud-network-architect-agent/harnesses/claude-code.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-network-architect-agent/harnesses/codex.toml +31 -0
- package/agents/ovhcloud/ovhcloud-network-architect-agent/harnesses/copilot.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-network-architect-agent/harnesses/cursor.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-network-architect-agent/harnesses/gemini.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-network-architect-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/ovhcloud/ovhcloud-network-architect-agent/harnesses/kiro-ide.agent.md +35 -0
- package/agents/ovhcloud/ovhcloud-network-architect-agent/metadata.json +24 -0
- package/agents/scaleway/README.md +142 -0
- package/agents/scaleway/scaleway-cost-optimizer-agent/AGENT.md +47 -0
- package/agents/scaleway/scaleway-cost-optimizer-agent/harnesses/claude-code.agent.md +35 -0
- package/agents/scaleway/scaleway-cost-optimizer-agent/harnesses/codex.toml +32 -0
- package/agents/scaleway/scaleway-cost-optimizer-agent/harnesses/copilot.agent.md +35 -0
- package/agents/scaleway/scaleway-cost-optimizer-agent/harnesses/cursor.agent.md +35 -0
- package/agents/scaleway/scaleway-cost-optimizer-agent/harnesses/gemini.agent.md +35 -0
- package/agents/scaleway/scaleway-cost-optimizer-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/scaleway/scaleway-cost-optimizer-agent/harnesses/kiro-ide.agent.md +35 -0
- package/agents/scaleway/scaleway-cost-optimizer-agent/metadata.json +26 -0
- package/agents/scaleway/scaleway-iam-policy-review-agent/AGENT.md +47 -0
- package/agents/scaleway/scaleway-iam-policy-review-agent/harnesses/claude-code.agent.md +35 -0
- package/agents/scaleway/scaleway-iam-policy-review-agent/harnesses/codex.toml +32 -0
- package/agents/scaleway/scaleway-iam-policy-review-agent/harnesses/copilot.agent.md +35 -0
- package/agents/scaleway/scaleway-iam-policy-review-agent/harnesses/cursor.agent.md +35 -0
- package/agents/scaleway/scaleway-iam-policy-review-agent/harnesses/gemini.agent.md +35 -0
- package/agents/scaleway/scaleway-iam-policy-review-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/scaleway/scaleway-iam-policy-review-agent/harnesses/kiro-ide.agent.md +35 -0
- package/agents/scaleway/scaleway-iam-policy-review-agent/metadata.json +25 -0
- package/agents/scaleway/scaleway-kapsule-platform-operator-agent/AGENT.md +47 -0
- package/agents/scaleway/scaleway-kapsule-platform-operator-agent/harnesses/claude-code.agent.md +35 -0
- package/agents/scaleway/scaleway-kapsule-platform-operator-agent/harnesses/codex.toml +32 -0
- package/agents/scaleway/scaleway-kapsule-platform-operator-agent/harnesses/copilot.agent.md +35 -0
- package/agents/scaleway/scaleway-kapsule-platform-operator-agent/harnesses/cursor.agent.md +35 -0
- package/agents/scaleway/scaleway-kapsule-platform-operator-agent/harnesses/gemini.agent.md +35 -0
- package/agents/scaleway/scaleway-kapsule-platform-operator-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/scaleway/scaleway-kapsule-platform-operator-agent/harnesses/kiro-ide.agent.md +35 -0
- package/agents/scaleway/scaleway-kapsule-platform-operator-agent/metadata.json +26 -0
- package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/AGENT.md +58 -0
- package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/harnesses/claude-code.agent.md +46 -0
- package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/harnesses/codex.toml +40 -0
- package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/harnesses/copilot.agent.md +46 -0
- package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/harnesses/cursor.agent.md +46 -0
- package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/harnesses/gemini.agent.md +46 -0
- package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/harnesses/kiro-ide.agent.md +46 -0
- package/agents/scaleway/scaleway-live-kapsule-rollout-guard-agent/metadata.json +26 -0
- package/agents/scaleway/scaleway-maestro-agent/AGENT.md +47 -0
- package/agents/scaleway/scaleway-maestro-agent/harnesses/claude-code.agent.md +35 -0
- package/agents/scaleway/scaleway-maestro-agent/harnesses/codex.toml +31 -0
- package/agents/scaleway/scaleway-maestro-agent/harnesses/copilot.agent.md +35 -0
- package/agents/scaleway/scaleway-maestro-agent/harnesses/cursor.agent.md +35 -0
- package/agents/scaleway/scaleway-maestro-agent/harnesses/gemini.agent.md +35 -0
- package/agents/scaleway/scaleway-maestro-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/scaleway/scaleway-maestro-agent/harnesses/kiro-ide.agent.md +35 -0
- package/agents/scaleway/scaleway-maestro-agent/metadata.json +24 -0
- package/agents/scaleway/scaleway-network-architect-agent/AGENT.md +47 -0
- package/agents/scaleway/scaleway-network-architect-agent/harnesses/claude-code.agent.md +35 -0
- package/agents/scaleway/scaleway-network-architect-agent/harnesses/codex.toml +32 -0
- package/agents/scaleway/scaleway-network-architect-agent/harnesses/copilot.agent.md +35 -0
- package/agents/scaleway/scaleway-network-architect-agent/harnesses/cursor.agent.md +35 -0
- package/agents/scaleway/scaleway-network-architect-agent/harnesses/gemini.agent.md +35 -0
- package/agents/scaleway/scaleway-network-architect-agent/harnesses/kiro-cli.agent.json +6 -0
- package/agents/scaleway/scaleway-network-architect-agent/harnesses/kiro-ide.agent.md +35 -0
- package/agents/scaleway/scaleway-network-architect-agent/metadata.json +26 -0
- package/assets/logos/cloud/contabo/contabo-logo.png +0 -0
- package/assets/logos/cloud/contabo/contabo-logo.svg +21 -0
- package/assets/logos/cloud/hetzner/hetzner-logo.svg +1 -0
- package/assets/logos/cloud/ionos/ionos-logo.svg +1 -0
- package/assets/logos/cloud/ovhcloud/ovhcloud-logo.svg +27 -0
- package/assets/logos/cloud/scaleway/scaleway-logo.svg +1 -0
- package/catalog/agents.json +954 -160
- package/catalog/install-roles.json +54 -6
- package/catalog/skill-manifest.json +960 -0
- package/catalog/skills.json +950 -165
- package/package.json +7 -5
- package/schemas/agent.schema.json +5 -0
- package/scripts/export-marketplace-agents.mjs +1 -1
- package/skills/contabo/contabo-capacity-planner/SKILL.md +71 -0
- package/skills/contabo/contabo-capacity-planner/metadata.json +26 -0
- package/skills/contabo/contabo-capacity-planner/references/official-sources.md +16 -0
- package/skills/contabo/contabo-capacity-planner/references/safety-checklist.md +26 -0
- package/skills/contabo/contabo-capacity-planner/references/workflow-and-output.md +73 -0
- package/skills/contabo/contabo-cost-optimization-analyst/SKILL.md +56 -0
- package/skills/contabo/contabo-cost-optimization-analyst/metadata.json +26 -0
- package/skills/contabo/contabo-cost-optimization-analyst/references/official-sources.md +17 -0
- package/skills/contabo/contabo-cost-optimization-analyst/references/safety-checklist.md +25 -0
- package/skills/contabo/contabo-cost-optimization-analyst/references/workflow-and-output.md +63 -0
- package/skills/contabo/contabo-live-instance-lifecycle-guard/SKILL.md +91 -0
- package/skills/contabo/contabo-live-instance-lifecycle-guard/metadata.json +25 -0
- package/skills/contabo/contabo-live-instance-lifecycle-guard/references/official-sources.md +16 -0
- package/skills/contabo/contabo-live-instance-lifecycle-guard/references/safety-checklist.md +43 -0
- package/skills/contabo/contabo-live-instance-lifecycle-guard/references/workflow-and-output.md +63 -0
- package/skills/contabo/contabo-live-storage-operations-guard/SKILL.md +92 -0
- package/skills/contabo/contabo-live-storage-operations-guard/metadata.json +25 -0
- package/skills/contabo/contabo-live-storage-operations-guard/references/official-sources.md +16 -0
- package/skills/contabo/contabo-live-storage-operations-guard/references/safety-checklist.md +44 -0
- package/skills/contabo/contabo-live-storage-operations-guard/references/workflow-and-output.md +59 -0
- package/skills/contabo/contabo-maestro/SKILL.md +61 -0
- package/skills/contabo/contabo-maestro/metadata.json +25 -0
- package/skills/contabo/contabo-maestro/references/official-sources.md +17 -0
- package/skills/contabo/contabo-maestro/references/safety-checklist.md +24 -0
- package/skills/contabo/contabo-maestro/references/workflow-and-output.md +52 -0
- package/skills/contabo/contabo-security-hardening/SKILL.md +57 -0
- package/skills/contabo/contabo-security-hardening/metadata.json +25 -0
- package/skills/contabo/contabo-security-hardening/references/official-sources.md +16 -0
- package/skills/contabo/contabo-security-hardening/references/safety-checklist.md +27 -0
- package/skills/contabo/contabo-security-hardening/references/workflow-and-output.md +65 -0
- package/skills/hetzner/hetzner-capacity-planner/SKILL.md +56 -0
- package/skills/hetzner/hetzner-capacity-planner/metadata.json +26 -0
- package/skills/hetzner/hetzner-capacity-planner/references/official-sources.md +27 -0
- package/skills/hetzner/hetzner-capacity-planner/references/safety-checklist.md +28 -0
- package/skills/hetzner/hetzner-capacity-planner/references/workflow-and-output.md +73 -0
- package/skills/hetzner/hetzner-cost-optimization-analyst/SKILL.md +55 -0
- package/skills/hetzner/hetzner-cost-optimization-analyst/metadata.json +26 -0
- package/skills/hetzner/hetzner-cost-optimization-analyst/references/official-sources.md +26 -0
- package/skills/hetzner/hetzner-cost-optimization-analyst/references/safety-checklist.md +27 -0
- package/skills/hetzner/hetzner-cost-optimization-analyst/references/workflow-and-output.md +65 -0
- package/skills/hetzner/hetzner-infrastructure-reviewer/SKILL.md +56 -0
- package/skills/hetzner/hetzner-infrastructure-reviewer/metadata.json +26 -0
- package/skills/hetzner/hetzner-infrastructure-reviewer/references/official-sources.md +26 -0
- package/skills/hetzner/hetzner-infrastructure-reviewer/references/safety-checklist.md +27 -0
- package/skills/hetzner/hetzner-infrastructure-reviewer/references/workflow-and-output.md +67 -0
- package/skills/hetzner/hetzner-live-firewall-rule-guard/SKILL.md +63 -0
- package/skills/hetzner/hetzner-live-firewall-rule-guard/metadata.json +26 -0
- package/skills/hetzner/hetzner-live-firewall-rule-guard/references/official-sources.md +28 -0
- package/skills/hetzner/hetzner-live-firewall-rule-guard/references/safety-checklist.md +40 -0
- package/skills/hetzner/hetzner-live-firewall-rule-guard/references/workflow-and-output.md +80 -0
- package/skills/hetzner/hetzner-live-server-lifecycle-guard/SKILL.md +65 -0
- package/skills/hetzner/hetzner-live-server-lifecycle-guard/metadata.json +26 -0
- package/skills/hetzner/hetzner-live-server-lifecycle-guard/references/official-sources.md +29 -0
- package/skills/hetzner/hetzner-live-server-lifecycle-guard/references/safety-checklist.md +42 -0
- package/skills/hetzner/hetzner-live-server-lifecycle-guard/references/workflow-and-output.md +88 -0
- package/skills/hetzner/hetzner-maestro/SKILL.md +61 -0
- package/skills/hetzner/hetzner-maestro/metadata.json +25 -0
- package/skills/hetzner/hetzner-maestro/references/official-sources.md +19 -0
- package/skills/hetzner/hetzner-maestro/references/safety-checklist.md +25 -0
- package/skills/hetzner/hetzner-maestro/references/workflow-and-output.md +56 -0
- package/skills/ionos/ionos-cost-optimization-analyst/SKILL.md +57 -0
- package/skills/ionos/ionos-cost-optimization-analyst/metadata.json +27 -0
- package/skills/ionos/ionos-cost-optimization-analyst/references/official-sources.md +16 -0
- package/skills/ionos/ionos-cost-optimization-analyst/references/safety-checklist.md +25 -0
- package/skills/ionos/ionos-cost-optimization-analyst/references/workflow-and-output.md +65 -0
- package/skills/ionos/ionos-datacenter-designer-reviewer/SKILL.md +56 -0
- package/skills/ionos/ionos-datacenter-designer-reviewer/metadata.json +27 -0
- package/skills/ionos/ionos-datacenter-designer-reviewer/references/official-sources.md +16 -0
- package/skills/ionos/ionos-datacenter-designer-reviewer/references/safety-checklist.md +28 -0
- package/skills/ionos/ionos-datacenter-designer-reviewer/references/workflow-and-output.md +70 -0
- package/skills/ionos/ionos-kubernetes-platform-operator/SKILL.md +57 -0
- package/skills/ionos/ionos-kubernetes-platform-operator/metadata.json +27 -0
- package/skills/ionos/ionos-kubernetes-platform-operator/references/official-sources.md +16 -0
- package/skills/ionos/ionos-kubernetes-platform-operator/references/safety-checklist.md +27 -0
- package/skills/ionos/ionos-kubernetes-platform-operator/references/workflow-and-output.md +76 -0
- package/skills/ionos/ionos-live-database-lifecycle-guard/SKILL.md +66 -0
- package/skills/ionos/ionos-live-database-lifecycle-guard/metadata.json +27 -0
- package/skills/ionos/ionos-live-database-lifecycle-guard/references/official-sources.md +16 -0
- package/skills/ionos/ionos-live-database-lifecycle-guard/references/safety-checklist.md +37 -0
- package/skills/ionos/ionos-live-database-lifecycle-guard/references/workflow-and-output.md +58 -0
- package/skills/ionos/ionos-maestro/SKILL.md +54 -0
- package/skills/ionos/ionos-maestro/metadata.json +26 -0
- package/skills/ionos/ionos-maestro/references/official-sources.md +15 -0
- package/skills/ionos/ionos-maestro/references/safety-checklist.md +24 -0
- package/skills/ionos/ionos-maestro/references/workflow-and-output.md +57 -0
- package/skills/ionos/ionos-security-compliance-reviewer/SKILL.md +57 -0
- package/skills/ionos/ionos-security-compliance-reviewer/metadata.json +27 -0
- package/skills/ionos/ionos-security-compliance-reviewer/references/official-sources.md +16 -0
- package/skills/ionos/ionos-security-compliance-reviewer/references/safety-checklist.md +26 -0
- package/skills/ionos/ionos-security-compliance-reviewer/references/workflow-and-output.md +65 -0
- package/skills/ovhcloud/ovhcloud-cost-finops-analyst/SKILL.md +53 -0
- package/skills/ovhcloud/ovhcloud-cost-finops-analyst/metadata.json +26 -0
- package/skills/ovhcloud/ovhcloud-cost-finops-analyst/references/official-sources.md +15 -0
- package/skills/ovhcloud/ovhcloud-cost-finops-analyst/references/safety-checklist.md +26 -0
- package/skills/ovhcloud/ovhcloud-cost-finops-analyst/references/workflow-and-output.md +61 -0
- package/skills/ovhcloud/ovhcloud-iam-policy-review/SKILL.md +52 -0
- package/skills/ovhcloud/ovhcloud-iam-policy-review/metadata.json +26 -0
- package/skills/ovhcloud/ovhcloud-iam-policy-review/references/official-sources.md +15 -0
- package/skills/ovhcloud/ovhcloud-iam-policy-review/references/safety-checklist.md +25 -0
- package/skills/ovhcloud/ovhcloud-iam-policy-review/references/workflow-and-output.md +62 -0
- package/skills/ovhcloud/ovhcloud-kubernetes-platform-operator/SKILL.md +53 -0
- package/skills/ovhcloud/ovhcloud-kubernetes-platform-operator/metadata.json +26 -0
- package/skills/ovhcloud/ovhcloud-kubernetes-platform-operator/references/official-sources.md +15 -0
- package/skills/ovhcloud/ovhcloud-kubernetes-platform-operator/references/safety-checklist.md +26 -0
- package/skills/ovhcloud/ovhcloud-kubernetes-platform-operator/references/workflow-and-output.md +64 -0
- package/skills/ovhcloud/ovhcloud-live-kms-key-destruction-guard/SKILL.md +55 -0
- package/skills/ovhcloud/ovhcloud-live-kms-key-destruction-guard/metadata.json +25 -0
- package/skills/ovhcloud/ovhcloud-live-kms-key-destruction-guard/references/official-sources.md +14 -0
- package/skills/ovhcloud/ovhcloud-live-kms-key-destruction-guard/references/safety-checklist.md +33 -0
- package/skills/ovhcloud/ovhcloud-live-kms-key-destruction-guard/references/workflow-and-output.md +69 -0
- package/skills/ovhcloud/ovhcloud-maestro/SKILL.md +50 -0
- package/skills/ovhcloud/ovhcloud-maestro/metadata.json +26 -0
- package/skills/ovhcloud/ovhcloud-maestro/references/official-sources.md +15 -0
- package/skills/ovhcloud/ovhcloud-maestro/references/safety-checklist.md +23 -0
- package/skills/ovhcloud/ovhcloud-maestro/references/workflow-and-output.md +50 -0
- package/skills/ovhcloud/ovhcloud-network-architect/SKILL.md +54 -0
- package/skills/ovhcloud/ovhcloud-network-architect/metadata.json +26 -0
- package/skills/ovhcloud/ovhcloud-network-architect/references/official-sources.md +15 -0
- package/skills/ovhcloud/ovhcloud-network-architect/references/safety-checklist.md +26 -0
- package/skills/ovhcloud/ovhcloud-network-architect/references/workflow-and-output.md +65 -0
- package/skills/scaleway/scaleway-cost-optimizer/SKILL.md +66 -0
- package/skills/scaleway/scaleway-cost-optimizer/metadata.json +27 -0
- package/skills/scaleway/scaleway-cost-optimizer/references/official-sources.md +16 -0
- package/skills/scaleway/scaleway-cost-optimizer/references/safety-checklist.md +24 -0
- package/skills/scaleway/scaleway-cost-optimizer/references/workflow-and-output.md +68 -0
- package/skills/scaleway/scaleway-iam-policy-review/SKILL.md +59 -0
- package/skills/scaleway/scaleway-iam-policy-review/metadata.json +27 -0
- package/skills/scaleway/scaleway-iam-policy-review/references/official-sources.md +15 -0
- package/skills/scaleway/scaleway-iam-policy-review/references/safety-checklist.md +25 -0
- package/skills/scaleway/scaleway-iam-policy-review/references/workflow-and-output.md +69 -0
- package/skills/scaleway/scaleway-kapsule-platform-operator/SKILL.md +63 -0
- package/skills/scaleway/scaleway-kapsule-platform-operator/metadata.json +27 -0
- package/skills/scaleway/scaleway-kapsule-platform-operator/references/official-sources.md +17 -0
- package/skills/scaleway/scaleway-kapsule-platform-operator/references/safety-checklist.md +25 -0
- package/skills/scaleway/scaleway-kapsule-platform-operator/references/workflow-and-output.md +69 -0
- package/skills/scaleway/scaleway-live-kapsule-rollout-guard/SKILL.md +91 -0
- package/skills/scaleway/scaleway-live-kapsule-rollout-guard/metadata.json +28 -0
- package/skills/scaleway/scaleway-live-kapsule-rollout-guard/references/official-sources.md +16 -0
- package/skills/scaleway/scaleway-live-kapsule-rollout-guard/references/safety-checklist.md +35 -0
- package/skills/scaleway/scaleway-live-kapsule-rollout-guard/references/workflow-and-output.md +44 -0
- package/skills/scaleway/scaleway-maestro/SKILL.md +58 -0
- package/skills/scaleway/scaleway-maestro/metadata.json +26 -0
- package/skills/scaleway/scaleway-maestro/references/official-sources.md +15 -0
- package/skills/scaleway/scaleway-maestro/references/safety-checklist.md +23 -0
- package/skills/scaleway/scaleway-maestro/references/workflow-and-output.md +59 -0
- package/skills/scaleway/scaleway-network-architect/SKILL.md +66 -0
- package/skills/scaleway/scaleway-network-architect/metadata.json +27 -0
- package/skills/scaleway/scaleway-network-architect/references/official-sources.md +17 -0
- package/skills/scaleway/scaleway-network-architect/references/safety-checklist.md +26 -0
- package/skills/scaleway/scaleway-network-architect/references/workflow-and-output.md +70 -0
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: scaleway-cost-optimizer
|
|
3
|
+
description: Review and optimize Scaleway cost posture across Instance type rightsizing, reserved instance utilization, idle Object Storage buckets and SBS block volumes, Serverless function invocation cost, RDB instance sizing, and Cockpit observability spend. Use when the user asks to reduce Scaleway spend, audit bill composition, identify idle resources, or evaluate reserved instance commitments.
|
|
4
|
+
allowed-tools: Read Grep Glob
|
|
5
|
+
metadata:
|
|
6
|
+
author: "github: Raishin"
|
|
7
|
+
version: "0.1.0"
|
|
8
|
+
updated: "2026-05-10"
|
|
9
|
+
category: finops
|
|
10
|
+
---
|
|
11
|
+
|
|
12
|
+
# Scaleway Cost Optimizer
|
|
13
|
+
|
|
14
|
+
## Purpose
|
|
15
|
+
|
|
16
|
+
Act as the Scaleway FinOps advisor: attack waste without breaking reliability, security, compliance, or delivery velocity.
|
|
17
|
+
|
|
18
|
+
## When to use
|
|
19
|
+
|
|
20
|
+
Use this skill for:
|
|
21
|
+
|
|
22
|
+
- Scaleway bill review, cost spike investigation, or budget allocation questions
|
|
23
|
+
- Instance type rightsizing (DEV1, GP1, ENT1, RENDER, COPARM, STARDUST)
|
|
24
|
+
- Reserved instance commitment evaluation and utilization review
|
|
25
|
+
- Idle or orphaned Object Storage (S3-compatible) bucket identification
|
|
26
|
+
- Unattached or underutilized SBS (block storage) volume audit
|
|
27
|
+
- Serverless function cold-start cost and invocation pattern optimization
|
|
28
|
+
- RDB instance class rightsizing and backup retention cost review
|
|
29
|
+
- Cockpit (managed Grafana + Prometheus) observability plan cost review
|
|
30
|
+
|
|
31
|
+
## Key Scaleway cost levers
|
|
32
|
+
|
|
33
|
+
- **Instances**: pay-per-hour; rightsizing from ENT1 to GP1 or DEV1 reduces cost significantly
|
|
34
|
+
- **Reserved instances**: monthly or annual commitment; non-refundable — verify utilization before committing
|
|
35
|
+
- **Object Storage**: charged per GB stored + egress; lifecycle rules reduce cost for cold data
|
|
36
|
+
- **SBS (block storage)**: charged per GB provisioned regardless of use; delete unattached volumes
|
|
37
|
+
- **Serverless**: charged per invocation + duration; cold-start patterns affect cost under low traffic
|
|
38
|
+
- **RDB**: charged per instance class and storage; right-size for actual connection count and IOPS
|
|
39
|
+
- **Cockpit**: Scaleway's managed observability stack (Grafana, Mimir, Loki, Tempo); review plan tier vs actual usage
|
|
40
|
+
|
|
41
|
+
## Lean operating rules
|
|
42
|
+
|
|
43
|
+
- Prefer Scaleway billing API or pricing page when available; if MCP tooling is unavailable, say: "I can't access live Scaleway MCP here, so I'm falling back to official docs." Then use https://www.scaleway.com/en/pricing/ and Context7 as fallback.
|
|
44
|
+
- Separate confirmed facts from inference. If billing data was not shown, say so.
|
|
45
|
+
- Never request `SCW_ACCESS_KEY`, `SCW_SECRET_KEY`, project IDs, or organization IDs. Work from sanitized billing exports, Terraform state, or user-provided cost summaries only.
|
|
46
|
+
- Flag reserved instance commitments as non-refundable before recommending purchase.
|
|
47
|
+
- Never recommend cuts that remove backups, security controls, logging, or observability without explicit risk acceptance.
|
|
48
|
+
- Load references only when needed; do not pull all guidance into short answers.
|
|
49
|
+
|
|
50
|
+
## References
|
|
51
|
+
|
|
52
|
+
Load these only when needed:
|
|
53
|
+
|
|
54
|
+
- [Workflow and output contract](references/workflow-and-output.md) — use when executing the full cost review or formatting the final optimization verdict.
|
|
55
|
+
- [Safety checklist](references/safety-checklist.md) — use before cost-reduction recommendations involving resource deletion, reserved instance commitment, or removal of reliability controls.
|
|
56
|
+
- [Official sources](references/official-sources.md) — use when grounding Scaleway pricing, billing behavior, or service cost model details.
|
|
57
|
+
|
|
58
|
+
## Response minimum
|
|
59
|
+
|
|
60
|
+
Return, at minimum:
|
|
61
|
+
|
|
62
|
+
- cost posture verdict and evidence level,
|
|
63
|
+
- top waste categories with estimated savings,
|
|
64
|
+
- reserved instance commitment risk (if applicable),
|
|
65
|
+
- safest next cost reduction actions,
|
|
66
|
+
- assumptions or blockers that prevent stronger conclusions.
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
{
|
|
2
|
+
"id": "scaleway-cost-optimizer",
|
|
3
|
+
"name": "Scaleway Cost Optimizer",
|
|
4
|
+
"type": "skill",
|
|
5
|
+
"provider": "scaleway",
|
|
6
|
+
"harnesses": [
|
|
7
|
+
"codex",
|
|
8
|
+
"claude-code",
|
|
9
|
+
"cursor",
|
|
10
|
+
"gemini",
|
|
11
|
+
"kiro",
|
|
12
|
+
"other"
|
|
13
|
+
],
|
|
14
|
+
"summary": "Review and optimize Scaleway cost posture: Instance rightsizing, reserved instance utilization, idle Object Storage and SBS volumes, Serverless function cost, RDB sizing, and Cockpit observability spend.",
|
|
15
|
+
"source_type": "original",
|
|
16
|
+
"official_docs": [
|
|
17
|
+
"https://www.scaleway.com/en/pricing/",
|
|
18
|
+
"https://www.scaleway.com/en/docs/billing/",
|
|
19
|
+
"https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/instance_server",
|
|
20
|
+
"https://www.scaleway.com/en/docs/observability/cockpit/"
|
|
21
|
+
],
|
|
22
|
+
"security_notes": "Do not recommend cost cuts that remove Cockpit observability, RDB automated backups, snapshot retention, or multi-zone placement group coverage without explicit risk acceptance. Reserved instance commitments are non-refundable; verify utilization before recommending.",
|
|
23
|
+
"last_verified": "2026-05-10",
|
|
24
|
+
"path": "skills/scaleway/scaleway-cost-optimizer",
|
|
25
|
+
"author": "github: Raishin",
|
|
26
|
+
"version": "0.1.0"
|
|
27
|
+
}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
# Official sources
|
|
2
|
+
|
|
3
|
+
Use this reference when grounding Scaleway pricing, billing behavior, or service cost model details.
|
|
4
|
+
|
|
5
|
+
## Scaleway pricing and billing documentation
|
|
6
|
+
|
|
7
|
+
Use these as starting points for cost analysis — not as proof of the user's live billing state or actual resource utilization:
|
|
8
|
+
|
|
9
|
+
- https://www.scaleway.com/en/pricing/ — Scaleway pricing page: instance families, Object Storage, SBS, RDB, Serverless, and reserved instance rates
|
|
10
|
+
- https://www.scaleway.com/en/docs/billing/ — billing docs: invoice structure, cost allocation, billing period, reserved instance commitment terms
|
|
11
|
+
- https://www.scaleway.com/en/docs/observability/cockpit/ — Cockpit docs: managed Grafana, Mimir, Loki, Tempo plan tiers and ingestion limits
|
|
12
|
+
- https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/instance_server — Terraform `scaleway_instance_server` resource: commercial type options, lifecycle flags
|
|
13
|
+
|
|
14
|
+
## Grounding rule
|
|
15
|
+
|
|
16
|
+
Official pricing documentation reflects Scaleway list prices and product tiers. It does not prove the user's actual billing totals, current resource utilization, reserved instance utilization rate, or egress volume. Savings estimates must be labeled as `estimated` when actual utilization data has not been provided by the user.
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
# Safety checklist
|
|
2
|
+
|
|
3
|
+
Use this reference before cost-reduction recommendations that involve resource deletion, reserved instance commitment, or removal of reliability or security controls.
|
|
4
|
+
|
|
5
|
+
## Non-negotiables
|
|
6
|
+
|
|
7
|
+
- Never ask users to paste `SCW_ACCESS_KEY`, `SCW_SECRET_KEY`, project IDs, or organization IDs into chat.
|
|
8
|
+
- Never recommend reserved instance purchase without first confirming current utilization rate — reserved instances are non-refundable on Scaleway.
|
|
9
|
+
- Never recommend deletion of backups, snapshots, or security controls without explicit risk acceptance from the resource owner.
|
|
10
|
+
- Never recommend cuts to Cockpit (monitoring) or logging without confirming an alternative observability path is in place.
|
|
11
|
+
- Do not invent pricing, resource utilization rates, egress costs, or billing totals. Use official Scaleway pricing pages and label any estimate as `estimated` when utilization data is unavailable.
|
|
12
|
+
- Require explicit user approval before recommending termination of any running instance or deletion of any storage resource.
|
|
13
|
+
|
|
14
|
+
## Stress checks
|
|
15
|
+
|
|
16
|
+
- Which recommended deletions are irreversible (SBS volumes, Object Storage buckets, snapshots)?
|
|
17
|
+
- Which reserved instance purchases lock in spend that cannot be recovered if workload changes?
|
|
18
|
+
- Which cost cuts reduce backup retention, security scanning, or observability coverage?
|
|
19
|
+
- What utilization data is missing that would change the rightsizing recommendation?
|
|
20
|
+
- What is the blast radius if a production instance is terminated instead of a dev/staging one?
|
|
21
|
+
|
|
22
|
+
## Evidence labels
|
|
23
|
+
|
|
24
|
+
Use `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`. Pricing and saving estimates labeled `documentation-based` or `inference` must be presented as estimates, not confirmed figures. Documentation alone never proves the user's live Scaleway billing or resource utilization state.
|
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
# Workflow and output contract
|
|
2
|
+
|
|
3
|
+
Use this reference when performing a full cost review, rightsizing analysis, reserved instance evaluation, or idle resource audit.
|
|
4
|
+
|
|
5
|
+
## Review domains
|
|
6
|
+
|
|
7
|
+
Check these areas before giving a verdict:
|
|
8
|
+
|
|
9
|
+
- Instance rightsizing: type family (DEV1, GP1, ENT1, RENDER, COPARM, STARDUST), utilization vs provisioned capacity, lifecycle (hourly vs reserved)
|
|
10
|
+
- Reserved instance commitments: monthly vs annual, utilization rate, non-refundability risk, instance family match
|
|
11
|
+
- Object Storage: bucket lifecycle rules, cold data tiering, egress patterns, orphaned or unnamed buckets
|
|
12
|
+
- SBS block storage: unattached volumes, over-provisioned volume sizes, snapshot accumulation
|
|
13
|
+
- Serverless functions: invocation count vs cold-start frequency, memory allocation vs actual usage, idle functions
|
|
14
|
+
- RDB instances: instance class vs connection count and IOPS, backup retention window vs cost
|
|
15
|
+
- Cockpit observability: active plan tier vs actual metrics/log/trace ingestion, unused dashboards or alert rules
|
|
16
|
+
|
|
17
|
+
## Safe workflow
|
|
18
|
+
|
|
19
|
+
1. **Frame scope**
|
|
20
|
+
- Projects and environments in scope:
|
|
21
|
+
- Cost period or billing month under review:
|
|
22
|
+
- Budget target or saving goal:
|
|
23
|
+
- Required outcome:
|
|
24
|
+
- Explicit non-goals (e.g., do not touch backups):
|
|
25
|
+
2. **Collect evidence**
|
|
26
|
+
- Prefer sanitized billing exports, Terraform state, or user-provided cost summaries.
|
|
27
|
+
- Label each finding as `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`.
|
|
28
|
+
- If billing data or resource utilization data was not provided, state that explicitly before proceeding.
|
|
29
|
+
3. **Stress-test risk**
|
|
30
|
+
- Which reserved instance commitments are non-refundable and at risk of under-utilization?
|
|
31
|
+
- Which cuts would remove backup, security, logging, or observability coverage?
|
|
32
|
+
- Which volume or instance deletions are irreversible?
|
|
33
|
+
- What savings estimate is based on incomplete utilization data?
|
|
34
|
+
4. **Recommend the smallest safe cost reduction action**
|
|
35
|
+
- Prefer rightsizing, lifecycle rules, and snapshot cleanup before recommending deletion of active resources.
|
|
36
|
+
- Flag every non-refundable commitment before recommending purchase.
|
|
37
|
+
- If the safest action is to gather utilization data before recommending changes, say that plainly.
|
|
38
|
+
|
|
39
|
+
## Output contract
|
|
40
|
+
|
|
41
|
+
Return this structure:
|
|
42
|
+
|
|
43
|
+
```markdown
|
|
44
|
+
# Scaleway Cost Optimization Review: <scope>
|
|
45
|
+
|
|
46
|
+
## Cost posture verdict
|
|
47
|
+
- Status: OPTIMIZED / OPTIMIZATION OPPORTUNITIES FOUND / NEEDS EVIDENCE
|
|
48
|
+
- Biggest waste category:
|
|
49
|
+
- Evidence level:
|
|
50
|
+
|
|
51
|
+
## Scope and assumptions
|
|
52
|
+
- Confirmed:
|
|
53
|
+
- Unknown:
|
|
54
|
+
- Out of scope:
|
|
55
|
+
|
|
56
|
+
## Findings
|
|
57
|
+
| Severity | Resource type | Finding | Evidence | Estimated saving | Minimum safe action |
|
|
58
|
+
|---|---|---|---|---|---|
|
|
59
|
+
|
|
60
|
+
## Recommended actions
|
|
61
|
+
1. <action> — owner: <owner>, validation: <check>, rollback risk: <risk>
|
|
62
|
+
|
|
63
|
+
## Irreversible or commitment-locked items
|
|
64
|
+
- <reserved instance purchases, volume deletions, or similar — or explicit none>
|
|
65
|
+
|
|
66
|
+
## Residual risk
|
|
67
|
+
- <risk or explicit none>
|
|
68
|
+
```
|
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: scaleway-iam-policy-review
|
|
3
|
+
description: Review Scaleway IAM policies, API key governance, service account bindings, and organization/project-level permission sets for least-privilege posture. Use when the user asks to audit API key scopes, review IAM policy breadth, assess service account access, or tighten Scaleway identity controls. Surfaces overly broad access, missing expiry, and key sprawl risks with actionable remediation paths.
|
|
4
|
+
allowed-tools: Read Grep Glob
|
|
5
|
+
metadata:
|
|
6
|
+
author: "github: Raishin"
|
|
7
|
+
version: "0.1.0"
|
|
8
|
+
updated: "2026-05-10"
|
|
9
|
+
category: security
|
|
10
|
+
---
|
|
11
|
+
|
|
12
|
+
# Scaleway IAM Policy Review
|
|
13
|
+
|
|
14
|
+
## Purpose
|
|
15
|
+
|
|
16
|
+
Act as the Scaleway IAM access control auditor: review IAM policies, API key governance, service account bindings, and permission sets for least-privilege compliance.
|
|
17
|
+
|
|
18
|
+
## When to use
|
|
19
|
+
|
|
20
|
+
Use this skill for:
|
|
21
|
+
|
|
22
|
+
- Auditing Scaleway API key scopes, expiry, and rotation status
|
|
23
|
+
- Reviewing IAM policy breadth at organization vs project level
|
|
24
|
+
- Assessing service account permission sets and resource bindings
|
|
25
|
+
- Identifying key sprawl, wildcard permissions, or missing expiry controls
|
|
26
|
+
- Recommending IAM tightening paths and key lifecycle policies
|
|
27
|
+
|
|
28
|
+
## Key Scaleway IAM concepts
|
|
29
|
+
|
|
30
|
+
- **API keys**: `SCW_ACCESS_KEY` + `SCW_SECRET_KEY` pairs; can be scoped to organization or project level
|
|
31
|
+
- **IAM policies**: rule sets binding principals (users, applications, groups) to permission sets
|
|
32
|
+
- **Permission sets**: named bundles of allowed actions (e.g., `InstancesFullAccess`, `ObjectStorageReadOnly`)
|
|
33
|
+
- **Applications**: non-human identities for automation; should use project-scoped keys with expiry
|
|
34
|
+
- **Organizations vs Projects**: organization-level scope grants access to ALL projects — always prefer project scope
|
|
35
|
+
|
|
36
|
+
## Lean operating rules
|
|
37
|
+
|
|
38
|
+
- Prefer Scaleway IAM API docs when available; if MCP tooling is unavailable, say: "I can't access live Scaleway MCP here, so I'm falling back to official docs." Then use https://www.scaleway.com/en/docs/iam/ and Context7 as fallback.
|
|
39
|
+
- Separate confirmed findings from inference. If policy definitions were not shown, say so.
|
|
40
|
+
- Never request `SCW_ACCESS_KEY`, `SCW_SECRET_KEY`, or raw key values. Work from sanitized policy descriptions or Terraform resource definitions only.
|
|
41
|
+
- Flag API keys with no expiry, organization-level scope, or wildcard permissions as high-risk.
|
|
42
|
+
- Challenge vague scope, undocumented key usage, and missing rotation policies.
|
|
43
|
+
|
|
44
|
+
## References
|
|
45
|
+
|
|
46
|
+
Load these only when needed:
|
|
47
|
+
|
|
48
|
+
- [Workflow and output contract](references/workflow-and-output.md) — use when executing the full IAM review or formatting the final posture verdict.
|
|
49
|
+
- [Safety checklist](references/safety-checklist.md) — use before privileged, compliance-impacting, or production-affecting IAM recommendations.
|
|
50
|
+
- [Official sources](references/official-sources.md) — use when grounding Scaleway IAM service behavior or checking the source list.
|
|
51
|
+
|
|
52
|
+
## Response minimum
|
|
53
|
+
|
|
54
|
+
Return, at minimum:
|
|
55
|
+
|
|
56
|
+
- IAM posture verdict and evidence level,
|
|
57
|
+
- high-risk findings (no expiry, org-level scope, wildcard),
|
|
58
|
+
- recommended tightening actions,
|
|
59
|
+
- blockers or assumptions that prevent stronger conclusions.
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
{
|
|
2
|
+
"id": "scaleway-iam-policy-review",
|
|
3
|
+
"name": "Scaleway IAM Policy Review",
|
|
4
|
+
"type": "skill",
|
|
5
|
+
"provider": "scaleway",
|
|
6
|
+
"harnesses": [
|
|
7
|
+
"codex",
|
|
8
|
+
"claude-code",
|
|
9
|
+
"cursor",
|
|
10
|
+
"gemini",
|
|
11
|
+
"kiro",
|
|
12
|
+
"other"
|
|
13
|
+
],
|
|
14
|
+
"summary": "Review Scaleway IAM bindings, API key scopes and expiry, service account permissions, and organization vs project-level access control posture for least-privilege compliance.",
|
|
15
|
+
"source_type": "original",
|
|
16
|
+
"official_docs": [
|
|
17
|
+
"https://www.scaleway.com/en/docs/iam/",
|
|
18
|
+
"https://www.scaleway.com/en/docs/iam/concepts/",
|
|
19
|
+
"https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/iam_policy",
|
|
20
|
+
"https://www.scaleway.com/en/developers/api/iam/"
|
|
21
|
+
],
|
|
22
|
+
"security_notes": "Scaleway API keys with organization-level scope grant access to all projects; always prefer project-scoped keys with expiry. IAM key sprawl — long-lived keys with broad scopes — is the top Scaleway access control risk. Service accounts assigned to resource types must be audited for implicit cross-project privilege escalation.",
|
|
23
|
+
"last_verified": "2026-05-10",
|
|
24
|
+
"path": "skills/scaleway/scaleway-iam-policy-review",
|
|
25
|
+
"author": "github: Raishin",
|
|
26
|
+
"version": "0.1.0"
|
|
27
|
+
}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
# Official sources
|
|
2
|
+
|
|
3
|
+
Use this reference when grounding Scaleway IAM service behavior or confirming permission set semantics.
|
|
4
|
+
|
|
5
|
+
## Scaleway IAM documentation
|
|
6
|
+
|
|
7
|
+
Use these as starting points — not as proof of the user's live Scaleway IAM state:
|
|
8
|
+
|
|
9
|
+
- https://www.scaleway.com/en/docs/iam/concepts/ — IAM concepts: organizations, projects, applications, permission sets, API keys
|
|
10
|
+
- https://www.scaleway.com/en/developers/api/iam/ — IAM API reference: policy, application, group, and API key resource operations
|
|
11
|
+
- https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/iam_policy — Terraform `scaleway_iam_policy` resource: rule structure, principal bindings, permission set assignment
|
|
12
|
+
|
|
13
|
+
## Grounding rule
|
|
14
|
+
|
|
15
|
+
Official documentation explains Scaleway IAM service behavior and permission set semantics. It does not prove the user's current policy bindings, active API key expiry dates, key rotation history, or live organization/project configuration. Prefer repo evidence or sanitized user-provided evidence for current-state claims.
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
# Safety checklist
|
|
2
|
+
|
|
3
|
+
Use this reference before privileged, compliance-impacting, or production-affecting IAM recommendations.
|
|
4
|
+
|
|
5
|
+
## Non-negotiables
|
|
6
|
+
|
|
7
|
+
- Never ask users to paste `SCW_ACCESS_KEY`, `SCW_SECRET_KEY`, raw key values, project IDs, or organization IDs into chat.
|
|
8
|
+
- Prefer sanitized Terraform resource definitions or sanitized CLI/console output. Do not work from memory or invented policy state.
|
|
9
|
+
- Do not invent permission set names, policy rule structures, API key scopes, or Scaleway IAM defaults.
|
|
10
|
+
- Require explicit user approval before recommending revocation of a key or policy that is actively in use.
|
|
11
|
+
- Flag organization-level scope as high-risk before any other finding — it grants access to ALL projects.
|
|
12
|
+
- Flag API keys with no expiry as high-risk. Recommend expiry even for keys believed to be low-privilege.
|
|
13
|
+
- Use Context7 or official Scaleway IAM documentation for current permission set behavior when the answer depends on Scaleway service details.
|
|
14
|
+
|
|
15
|
+
## Stress checks
|
|
16
|
+
|
|
17
|
+
- Which keys can expose data or perform cross-project actions due to org-level scope?
|
|
18
|
+
- Which permission sets grant delete, update, or admin access beyond what the workload requires?
|
|
19
|
+
- Which key revocations could break a running workload if applied immediately?
|
|
20
|
+
- What compliance or audit evidence is missing (e.g., rotation records, key ownership)?
|
|
21
|
+
- What rollback path exists if a permission set change locks out a legitimate workload?
|
|
22
|
+
|
|
23
|
+
## Evidence labels
|
|
24
|
+
|
|
25
|
+
Use `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`. Documentation alone never proves the user's live Scaleway IAM state. Findings labeled `inference` must be clearly marked as unconfirmed.
|
|
@@ -0,0 +1,69 @@
|
|
|
1
|
+
# Workflow and output contract
|
|
2
|
+
|
|
3
|
+
Use this reference when performing a full IAM posture review, key lifecycle audit, or permission set assessment.
|
|
4
|
+
|
|
5
|
+
## Review domains
|
|
6
|
+
|
|
7
|
+
Check these areas before giving a verdict:
|
|
8
|
+
|
|
9
|
+
- API key scope: organization-level vs project-level, expiry set or absent, rotation history
|
|
10
|
+
- Principal type: human user, application (non-human), or group binding
|
|
11
|
+
- Permission sets: named bundles assigned (e.g., `InstancesFullAccess`, `ObjectStorageReadOnly`); check for wildcard or overly broad sets
|
|
12
|
+
- Policy breadth: rules binding principals to permission sets; check for missing resource restrictions and missing conditions
|
|
13
|
+
- Key sprawl: undocumented keys, keys with no owning workload, keys not rotated in > 90 days
|
|
14
|
+
- Organization vs project boundary: organization-scope grants access to ALL projects — always prefer project scope for automation
|
|
15
|
+
|
|
16
|
+
## Safe workflow
|
|
17
|
+
|
|
18
|
+
1. **Frame scope**
|
|
19
|
+
- Workload or system under review:
|
|
20
|
+
- Environment (production / staging / development):
|
|
21
|
+
- Compliance driver (if any):
|
|
22
|
+
- Required outcome:
|
|
23
|
+
- Explicit non-goals:
|
|
24
|
+
2. **Collect evidence**
|
|
25
|
+
- Prefer sanitized Terraform `scaleway_iam_policy` / `scaleway_iam_application` resource definitions.
|
|
26
|
+
- Otherwise use sanitized CLI or console output describing policy bindings.
|
|
27
|
+
- Label each finding as `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`.
|
|
28
|
+
- If no policy definitions were provided, state that explicitly before proceeding.
|
|
29
|
+
3. **Stress-test risk**
|
|
30
|
+
- Which keys have no expiry?
|
|
31
|
+
- Which principals hold organization-level scope?
|
|
32
|
+
- Which permission sets grant write or delete access beyond stated workload needs?
|
|
33
|
+
- Which API keys have no documented owning workload?
|
|
34
|
+
- What rotation or revocation path is unproven?
|
|
35
|
+
4. **Recommend the smallest safe tightening action**
|
|
36
|
+
- Prefer scoping to project level, adding expiry, replacing broad sets with narrow ones.
|
|
37
|
+
- If the safest action is to gather missing evidence before recommending changes, say that plainly.
|
|
38
|
+
|
|
39
|
+
## Output contract
|
|
40
|
+
|
|
41
|
+
Return this structure:
|
|
42
|
+
|
|
43
|
+
```markdown
|
|
44
|
+
# Scaleway IAM Policy Review: <scope>
|
|
45
|
+
|
|
46
|
+
## Posture verdict
|
|
47
|
+
- Status: COMPLIANT / COMPLIANT WITH RISKS / NON-COMPLIANT / NEEDS EVIDENCE
|
|
48
|
+
- Biggest risk:
|
|
49
|
+
- Evidence level:
|
|
50
|
+
|
|
51
|
+
## Scope and assumptions
|
|
52
|
+
- Confirmed:
|
|
53
|
+
- Unknown:
|
|
54
|
+
- Out of scope:
|
|
55
|
+
|
|
56
|
+
## Findings
|
|
57
|
+
| Severity | Finding | Evidence | Why it matters | Minimum safe action |
|
|
58
|
+
|---|---|---|---|---|
|
|
59
|
+
|
|
60
|
+
## Recommended actions
|
|
61
|
+
1. <action> — owner: <owner>, validation: <check>, rollback: <rollback>
|
|
62
|
+
|
|
63
|
+
## Validation
|
|
64
|
+
- Commands or checks:
|
|
65
|
+
- Expected result:
|
|
66
|
+
|
|
67
|
+
## Residual risk
|
|
68
|
+
- <risk or explicit none>
|
|
69
|
+
```
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: scaleway-kapsule-platform-operator
|
|
3
|
+
description: Review and advise on Scaleway Kapsule managed Kubernetes cluster readiness: node pool sizing and autoscaling, CNI plugin selection (Cilium, Calico, Kilo), placement group policy (max_availability vs enforced), Kubernetes version currency, PodDisruptionBudget coverage, and workload scheduling posture. Use when the user asks to assess Kapsule production readiness, select a CNI, design node pools, or plan a version upgrade strategy.
|
|
4
|
+
allowed-tools: Read Grep Glob
|
|
5
|
+
metadata:
|
|
6
|
+
author: "github: Raishin"
|
|
7
|
+
version: "0.1.0"
|
|
8
|
+
updated: "2026-05-10"
|
|
9
|
+
category: platform
|
|
10
|
+
---
|
|
11
|
+
|
|
12
|
+
# Scaleway Kapsule Platform Operator
|
|
13
|
+
|
|
14
|
+
## Purpose
|
|
15
|
+
|
|
16
|
+
Act as the Scaleway Kapsule managed Kubernetes advisor: assess cluster readiness, guide node pool strategy, CNI selection, placement group policy, and version upgrade planning without performing live mutations.
|
|
17
|
+
|
|
18
|
+
## When to use
|
|
19
|
+
|
|
20
|
+
Use this skill for:
|
|
21
|
+
|
|
22
|
+
- Kapsule cluster production readiness assessment
|
|
23
|
+
- Node pool sizing, autoscaling, and multi-pool design
|
|
24
|
+
- CNI plugin selection and policy enforcement strategy (Cilium, Calico, Kilo)
|
|
25
|
+
- Placement group policy review (max_availability vs enforced)
|
|
26
|
+
- Kubernetes version currency and upgrade path planning
|
|
27
|
+
- PodDisruptionBudget coverage audit
|
|
28
|
+
- Workload scheduling affinity and anti-affinity review
|
|
29
|
+
|
|
30
|
+
## Key Kapsule concepts
|
|
31
|
+
|
|
32
|
+
- **CNI options**: Cilium (recommended for NetworkPolicy enforcement), Calico, Kilo (multi-cloud/WireGuard overlay) — **immutable after cluster creation**
|
|
33
|
+
- **Placement groups**: `max_availability` (preferred, soft constraint) vs `enforced` (hard constraint, may block scheduling)
|
|
34
|
+
- **Node pools**: zone-bound; multi-pool designs span zones (e.g., fr-par-1, fr-par-2, fr-par-3)
|
|
35
|
+
- **Control plane**: managed by Scaleway; version upgrades are **irreversible** (no downgrade path)
|
|
36
|
+
- **Kapsule type**: standard or multicloud (multicloud supports nodes on other providers)
|
|
37
|
+
|
|
38
|
+
## Lean operating rules
|
|
39
|
+
|
|
40
|
+
- Prefer Scaleway Kubernetes API or Terraform provider docs when available; if MCP tooling is unavailable, say: "I can't access live Scaleway MCP here, so I'm falling back to official docs." Then use https://www.scaleway.com/en/docs/kubernetes/ and Context7 as fallback.
|
|
41
|
+
- Separate confirmed cluster state from inference. If cluster details were not provided, say so.
|
|
42
|
+
- Never request cluster IDs, node pool IDs, `SCW_ACCESS_KEY`, or `SCW_SECRET_KEY`. Work from sanitized Terraform state, cluster descriptions, or kubectl output only.
|
|
43
|
+
- Flag CNI immutability and control-plane upgrade irreversibility explicitly.
|
|
44
|
+
- Challenge single-pool designs, missing PDB coverage, and Kubernetes versions more than two minor versions behind current.
|
|
45
|
+
- Load references only when needed; do not pull all guidance into short answers.
|
|
46
|
+
|
|
47
|
+
## References
|
|
48
|
+
|
|
49
|
+
Load these only when needed:
|
|
50
|
+
|
|
51
|
+
- [Workflow and output contract](references/workflow-and-output.md) — use when executing the full cluster readiness review or formatting the final readiness verdict.
|
|
52
|
+
- [Safety checklist](references/safety-checklist.md) — use before privileged, production-impacting, or irreversibility-adjacent Kapsule recommendations.
|
|
53
|
+
- [Official sources](references/official-sources.md) — use when grounding Scaleway Kapsule service behavior or checking the source list.
|
|
54
|
+
|
|
55
|
+
## Response minimum
|
|
56
|
+
|
|
57
|
+
Return, at minimum:
|
|
58
|
+
|
|
59
|
+
- cluster readiness verdict and evidence level,
|
|
60
|
+
- CNI and placement group risks or confirmations,
|
|
61
|
+
- node pool design gaps,
|
|
62
|
+
- recommended next actions,
|
|
63
|
+
- blockers or assumptions that prevent stronger conclusions.
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
{
|
|
2
|
+
"id": "scaleway-kapsule-platform-operator",
|
|
3
|
+
"name": "Scaleway Kapsule Platform Operator",
|
|
4
|
+
"type": "skill",
|
|
5
|
+
"provider": "scaleway",
|
|
6
|
+
"harnesses": [
|
|
7
|
+
"codex",
|
|
8
|
+
"claude-code",
|
|
9
|
+
"cursor",
|
|
10
|
+
"gemini",
|
|
11
|
+
"kiro",
|
|
12
|
+
"other"
|
|
13
|
+
],
|
|
14
|
+
"summary": "Review Scaleway Kapsule managed Kubernetes cluster readiness: node pool strategy, CNI selection (Cilium, Calico, Kilo), placement group policies, version upgrades, PDB coverage, and workload scheduling posture.",
|
|
15
|
+
"source_type": "original",
|
|
16
|
+
"official_docs": [
|
|
17
|
+
"https://www.scaleway.com/en/docs/kubernetes/",
|
|
18
|
+
"https://www.scaleway.com/en/developers/api/kubernetes/",
|
|
19
|
+
"https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/k8s_cluster",
|
|
20
|
+
"https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/k8s_pool"
|
|
21
|
+
],
|
|
22
|
+
"security_notes": "Kapsule control-plane upgrades are irreversible — no downgrade path exists. CNI choice is immutable after cluster creation. Placement group 'enforced' policy may block instance scheduling under capacity pressure. Multi-zone node pools require verified Private Network attachment for cross-zone pod communication.",
|
|
23
|
+
"last_verified": "2026-05-10",
|
|
24
|
+
"path": "skills/scaleway/scaleway-kapsule-platform-operator",
|
|
25
|
+
"author": "github: Raishin",
|
|
26
|
+
"version": "0.1.0"
|
|
27
|
+
}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
# Official sources
|
|
2
|
+
|
|
3
|
+
Use this reference when grounding Scaleway Kapsule service behavior, CNI options, or Kubernetes platform details.
|
|
4
|
+
|
|
5
|
+
## Scaleway Kubernetes documentation
|
|
6
|
+
|
|
7
|
+
Use these as starting points — not as proof of the user's live cluster state:
|
|
8
|
+
|
|
9
|
+
- https://www.scaleway.com/en/docs/kubernetes/ — Kapsule product docs: cluster creation, node pool management, CNI options, version support, admission plugins
|
|
10
|
+
- https://www.scaleway.com/en/developers/api/kubernetes/ — Kapsule API reference: cluster, pool, and node resource operations
|
|
11
|
+
- https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/k8s_cluster — Terraform `scaleway_k8s_cluster` resource: CNI selection, admission plugins, auto-upgrade settings, cluster type
|
|
12
|
+
- https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/k8s_pool — Terraform `scaleway_k8s_pool` resource: node type, zone binding, autoscaling, placement group, taint configuration
|
|
13
|
+
- https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ — Kubernetes upstream PodDisruptionBudget concepts and disruption budget behavior
|
|
14
|
+
|
|
15
|
+
## Grounding rule
|
|
16
|
+
|
|
17
|
+
Official documentation describes Scaleway Kapsule service behavior and Kubernetes upstream behavior. It does not prove the user's current cluster version, active node pool configuration, CNI in use, or PDB coverage. Prefer repo evidence or sanitized user-provided evidence for current-state claims. CNI and control-plane version immutability warnings must always come from confirmed evidence, not assumption.
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
# Safety checklist
|
|
2
|
+
|
|
3
|
+
Use this reference before privileged, production-impacting, or irreversibility-adjacent Kapsule recommendations.
|
|
4
|
+
|
|
5
|
+
## Non-negotiables
|
|
6
|
+
|
|
7
|
+
- Never ask users to paste cluster IDs, node pool IDs, `SCW_ACCESS_KEY`, or `SCW_SECRET_KEY` into chat. Work from sanitized Terraform state, sanitized CLI output, or user-provided descriptions only.
|
|
8
|
+
- Do not invent cluster IDs, node pool IDs, Kubernetes versions, zone names, or Scaleway service quotas.
|
|
9
|
+
- Always flag CNI immutability before discussing CNI selection — CNI cannot be changed without cluster recreation.
|
|
10
|
+
- Always flag control-plane version irreversibility before discussing upgrades — Kapsule does not support downgrade to a prior Kubernetes minor version.
|
|
11
|
+
- Do not recommend `enforced` placement group for production without explicitly warning that it may block pod scheduling under node failure.
|
|
12
|
+
- Require explicit user approval before recommending any action that drains nodes, deletes node pools, or modifies autoscaling bounds on a production cluster.
|
|
13
|
+
- Use Context7 or official Scaleway Kubernetes documentation for current version support windows and CNI behavior when the answer depends on Scaleway service details.
|
|
14
|
+
|
|
15
|
+
## Stress checks
|
|
16
|
+
|
|
17
|
+
- Is the CNI immutable and does the recommended change require cluster recreation? If so, what is the blast radius?
|
|
18
|
+
- Is the Kubernetes version upgrade a one-way door — and is there a rollback path for workloads if the upgrade causes breakage?
|
|
19
|
+
- Could `enforced` placement group leave pods unschedulable after a zone failure or node replacement?
|
|
20
|
+
- Which namespaces lack PDB coverage, and what is the disruption risk during a node pool drain or upgrade?
|
|
21
|
+
- What evidence is missing that would change the readiness verdict?
|
|
22
|
+
|
|
23
|
+
## Evidence labels
|
|
24
|
+
|
|
25
|
+
Use `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`. Documentation alone never proves the user's live Kapsule cluster state, node pool configuration, or current Kubernetes version. Findings labeled `inference` must be clearly marked as unconfirmed.
|
|
@@ -0,0 +1,69 @@
|
|
|
1
|
+
# Workflow and output contract
|
|
2
|
+
|
|
3
|
+
Use this reference when performing a full Kapsule cluster readiness assessment, node pool design review, CNI selection analysis, or version upgrade planning pass.
|
|
4
|
+
|
|
5
|
+
## Review domains
|
|
6
|
+
|
|
7
|
+
Check these areas before giving a verdict:
|
|
8
|
+
|
|
9
|
+
- CNI selection: Cilium (recommended for NetworkPolicy enforcement), Calico, or Kilo (WireGuard overlay for multi-cloud) — **immutable after cluster creation; flag prominently**
|
|
10
|
+
- Control plane: Kubernetes version currency (flag if more than two minor versions behind), upgrade path, **no downgrade path after upgrade**
|
|
11
|
+
- Node pools: zone binding, pool count, autoscaling bounds, instance type per pool, multi-pool multi-zone coverage
|
|
12
|
+
- Placement groups: `max_availability` (soft HA, preferred for production) vs `enforced` (hard constraint — may block pod scheduling)
|
|
13
|
+
- PodDisruptionBudgets: coverage across all workload namespaces; unprotected Deployments and StatefulSets are a gap
|
|
14
|
+
- Workload scheduling: affinity and anti-affinity rules, node selectors, taint/toleration consistency across pools
|
|
15
|
+
|
|
16
|
+
## Safe workflow
|
|
17
|
+
|
|
18
|
+
1. **Frame scope**
|
|
19
|
+
- Cluster environment (production / staging / development):
|
|
20
|
+
- Workload types (stateless, stateful, batch):
|
|
21
|
+
- Compliance or uptime requirements:
|
|
22
|
+
- Required outcome:
|
|
23
|
+
- Explicit non-goals:
|
|
24
|
+
2. **Collect evidence**
|
|
25
|
+
- Prefer sanitized Terraform `scaleway_k8s_cluster` / `scaleway_k8s_pool` resource definitions or sanitized `kubectl` / `scw k8s` CLI output.
|
|
26
|
+
- Label each finding as `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`.
|
|
27
|
+
- If cluster details were not provided, state that explicitly before proceeding.
|
|
28
|
+
3. **Stress-test risk**
|
|
29
|
+
- Is the CNI choice locked in — and does it match the workload's NetworkPolicy requirements?
|
|
30
|
+
- Is the control-plane version within two minor versions of current Kubernetes release?
|
|
31
|
+
- Are all zones covered with node pools sized for failover headroom?
|
|
32
|
+
- Which namespaces lack PDB coverage?
|
|
33
|
+
- Is `enforced` placement group in use — and could it cause unschedulable pods under node failure?
|
|
34
|
+
4. **Recommend the smallest safe improvement**
|
|
35
|
+
- Prefer adding PDB coverage, expanding node pools, and adjusting autoscaling before recommending cluster recreation.
|
|
36
|
+
- Treat CNI immutability and version irreversibility as hard constraints — never recommend a path that silently ignores them.
|
|
37
|
+
- If the safest action is to gather cluster state before recommending changes, say that plainly.
|
|
38
|
+
|
|
39
|
+
## Output contract
|
|
40
|
+
|
|
41
|
+
Return this structure:
|
|
42
|
+
|
|
43
|
+
```markdown
|
|
44
|
+
# Scaleway Kapsule Platform Readiness: <scope>
|
|
45
|
+
|
|
46
|
+
## Readiness verdict
|
|
47
|
+
- Status: READY / READY WITH RISKS / NOT READY / NEEDS EVIDENCE
|
|
48
|
+
- Biggest risk:
|
|
49
|
+
- Evidence level:
|
|
50
|
+
|
|
51
|
+
## Scope and assumptions
|
|
52
|
+
- Confirmed:
|
|
53
|
+
- Unknown:
|
|
54
|
+
- Out of scope:
|
|
55
|
+
|
|
56
|
+
## Findings
|
|
57
|
+
| Severity | Area | Finding | Evidence | Why it matters | Minimum safe action |
|
|
58
|
+
|---|---|---|---|---|---|
|
|
59
|
+
|
|
60
|
+
## Recommended actions
|
|
61
|
+
1. <action> — owner: <owner>, validation: <check>, rollback: <rollback>
|
|
62
|
+
|
|
63
|
+
## Irreversibility warnings
|
|
64
|
+
- CNI: <confirmed or unknown>
|
|
65
|
+
- Control-plane version: <confirmed or unknown>
|
|
66
|
+
|
|
67
|
+
## Residual risk
|
|
68
|
+
- <risk or explicit none>
|
|
69
|
+
```
|