@raishin/vanguard-frontier-agentic 2.10.0 → 2.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/marketplace.json +2 -2
- package/.claude-plugin/plugin.json +47 -1
- package/.cursor-plugin/plugin.json +47 -1
- package/.github/plugin/marketplace.json +1 -1
- package/README.md +35 -14
- package/agents/databricks/README.md +84 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/AGENT.md +54 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/harnesses/codex.toml +14 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/harnesses/copilot.agent.md +51 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/harnesses/cursor.agent.md +40 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/harnesses/gemini.agent.md +39 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/databricks/databricks-lakehouse-engineering-at-azure-agent/metadata.json +40 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/AGENT.md +72 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/PERMISSIONS.md +53 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/PREFLIGHT.md +76 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/ROLLBACK.md +42 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/harnesses/claude-code.agent.md +61 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/harnesses/codex.toml +14 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/harnesses/copilot.agent.md +60 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/harnesses/cursor.agent.md +61 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/harnesses/gemini.agent.md +61 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/harnesses/kiro-ide.agent.md +61 -0
- package/agents/databricks/databricks-live-unity-catalog-grant-guard-at-azure-agent/metadata.json +61 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/AGENT.md +54 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/harnesses/codex.toml +14 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/harnesses/copilot.agent.md +51 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/harnesses/cursor.agent.md +40 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/harnesses/gemini.agent.md +39 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/databricks/databricks-unity-catalog-governance-at-azure-agent/metadata.json +40 -0
- package/agents/microsoft/copilot-governance-maestro-agent/AGENT.md +55 -0
- package/agents/microsoft/copilot-governance-maestro-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/copilot-governance-maestro-agent/harnesses/codex.toml +34 -0
- package/agents/microsoft/copilot-governance-maestro-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/copilot-governance-maestro-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/copilot-governance-maestro-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/copilot-governance-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/copilot-governance-maestro-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/copilot-governance-maestro-agent/metadata.json +39 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/AGENT.md +63 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/copilot-studio-agent-governance-alm-agent/metadata.json +42 -0
- package/agents/microsoft/d365-commerce-agent/AGENT.md +63 -0
- package/agents/microsoft/d365-commerce-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-commerce-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-commerce-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-commerce-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-commerce-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-commerce-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-commerce-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-commerce-agent/metadata.json +39 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/AGENT.md +63 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-customer-insights-journeys-agent/metadata.json +41 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/AGENT.md +63 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-customer-service-contact-center-agent/metadata.json +39 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/AGENT.md +64 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-data-migration-cutover-agent/metadata.json +41 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/AGENT.md +63 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-field-service-to-cash-agent/metadata.json +39 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/AGENT.md +64 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-finance-close-to-report-agent/metadata.json +39 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/AGENT.md +64 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/harnesses/claude-code.agent.md +39 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/harnesses/copilot.agent.md +52 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/harnesses/cursor.agent.md +41 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/harnesses/gemini.agent.md +40 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/harnesses/kiro-ide.agent.md +39 -0
- package/agents/microsoft/d365-fno-developer-extension-agent/metadata.json +40 -0
- package/agents/microsoft/d365-integration-dual-write-agent/AGENT.md +63 -0
- package/agents/microsoft/d365-integration-dual-write-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-integration-dual-write-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-integration-dual-write-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-integration-dual-write-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-integration-dual-write-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-integration-dual-write-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-integration-dual-write-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-integration-dual-write-agent/metadata.json +40 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/AGENT.md +78 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/PERMISSIONS.md +67 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/PREFLIGHT.md +81 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/ROLLBACK.md +76 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/harnesses/claude-code.agent.md +59 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/harnesses/copilot.agent.md +68 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/harnesses/cursor.agent.md +59 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/harnesses/gemini.agent.md +59 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/harnesses/kiro-ide.agent.md +59 -0
- package/agents/microsoft/d365-live-record-field-update-guard-agent/metadata.json +62 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/AGENT.md +61 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/PERMISSIONS.md +45 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/PREFLIGHT.md +44 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/ROLLBACK.md +39 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/harnesses/claude-code.agent.md +60 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/harnesses/copilot.agent.md +69 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/harnesses/cursor.agent.md +60 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/harnesses/gemini.agent.md +60 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/harnesses/kiro-ide.agent.md +60 -0
- package/agents/microsoft/d365-live-security-role-guard-agent/metadata.json +60 -0
- package/agents/microsoft/d365-maestro-agent/AGENT.md +56 -0
- package/agents/microsoft/d365-maestro-agent/harnesses/claude-code.agent.md +39 -0
- package/agents/microsoft/d365-maestro-agent/harnesses/codex.toml +35 -0
- package/agents/microsoft/d365-maestro-agent/harnesses/copilot.agent.md +52 -0
- package/agents/microsoft/d365-maestro-agent/harnesses/cursor.agent.md +41 -0
- package/agents/microsoft/d365-maestro-agent/harnesses/gemini.agent.md +40 -0
- package/agents/microsoft/d365-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-maestro-agent/harnesses/kiro-ide.agent.md +39 -0
- package/agents/microsoft/d365-maestro-agent/metadata.json +38 -0
- package/agents/microsoft/d365-project-operations-agent/AGENT.md +63 -0
- package/agents/microsoft/d365-project-operations-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-project-operations-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-project-operations-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-project-operations-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-project-operations-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-project-operations-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-project-operations-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-project-operations-agent/metadata.json +39 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/AGENT.md +64 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-sales-revenue-operations-agent/metadata.json +39 -0
- package/agents/microsoft/d365-security-sod-governance-agent/AGENT.md +64 -0
- package/agents/microsoft/d365-security-sod-governance-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-security-sod-governance-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-security-sod-governance-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-security-sod-governance-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-security-sod-governance-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-security-sod-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-security-sod-governance-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-security-sod-governance-agent/metadata.json +39 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/AGENT.md +64 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-success-by-design-governance-agent/metadata.json +41 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/AGENT.md +64 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/d365-supply-chain-plan-to-produce-agent/metadata.json +39 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/AGENT.md +63 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/fabric-analytics-engineering-agent/metadata.json +39 -0
- package/agents/microsoft/fabric-data-engineering-agent/AGENT.md +63 -0
- package/agents/microsoft/fabric-data-engineering-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/fabric-data-engineering-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/fabric-data-engineering-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/fabric-data-engineering-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/fabric-data-engineering-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/fabric-data-engineering-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/fabric-data-engineering-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/fabric-data-engineering-agent/metadata.json +39 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/AGENT.md +63 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/fabric-power-bi-business-insights-governance-agent/metadata.json +39 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/AGENT.md +63 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-backup-bcdr-data-resilience-agent/metadata.json +39 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/AGENT.md +64 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-copilot-readiness-governance-agent/metadata.json +39 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/AGENT.md +63 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-defender-xdr-security-operations-agent/metadata.json +41 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/AGENT.md +63 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-exchange-sharepoint-information-governance-agent/metadata.json +41 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/AGENT.md +64 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-identity-zero-trust-agent/metadata.json +39 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/AGENT.md +63 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-intune-endpoint-management-agent/metadata.json +41 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/AGENT.md +63 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-licensing-ea-optimization-agent/metadata.json +39 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/AGENT.md +60 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/PERMISSIONS.md +45 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/PREFLIGHT.md +39 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/ROLLBACK.md +38 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/harnesses/claude-code.agent.md +59 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/harnesses/copilot.agent.md +68 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/harnesses/cursor.agent.md +59 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/harnesses/gemini.agent.md +59 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/harnesses/kiro-ide.agent.md +59 -0
- package/agents/microsoft/m365-live-identity-posture-guard-agent/metadata.json +66 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/AGENT.md +79 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/PERMISSIONS.md +68 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/PREFLIGHT.md +76 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/ROLLBACK.md +86 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/harnesses/claude-code.agent.md +60 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/harnesses/copilot.agent.md +69 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/harnesses/cursor.agent.md +60 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/harnesses/gemini.agent.md +60 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/harnesses/kiro-ide.agent.md +60 -0
- package/agents/microsoft/m365-live-sensitivity-label-apply-guard-agent/metadata.json +67 -0
- package/agents/microsoft/m365-maestro-agent/AGENT.md +55 -0
- package/agents/microsoft/m365-maestro-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-maestro-agent/harnesses/codex.toml +34 -0
- package/agents/microsoft/m365-maestro-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-maestro-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-maestro-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-maestro-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-maestro-agent/metadata.json +38 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/AGENT.md +63 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-purview-data-security-compliance-agent/metadata.json +41 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/AGENT.md +63 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-teams-collaboration-governance-agent/metadata.json +40 -0
- package/agents/microsoft/m365-tenant-governance-agent/AGENT.md +63 -0
- package/agents/microsoft/m365-tenant-governance-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/m365-tenant-governance-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/m365-tenant-governance-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/m365-tenant-governance-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/m365-tenant-governance-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/m365-tenant-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/m365-tenant-governance-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/m365-tenant-governance-agent/metadata.json +39 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/AGENT.md +64 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/harnesses/claude-code.agent.md +39 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/harnesses/copilot.agent.md +52 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/harnesses/cursor.agent.md +41 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/harnesses/gemini.agent.md +40 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/harnesses/kiro-ide.agent.md +39 -0
- package/agents/microsoft/microsoft-business-impact-value-realization-agent/metadata.json +39 -0
- package/agents/microsoft/microsoft-maestro-agent/AGENT.md +56 -0
- package/agents/microsoft/microsoft-maestro-agent/harnesses/claude-code.agent.md +39 -0
- package/agents/microsoft/microsoft-maestro-agent/harnesses/codex.toml +35 -0
- package/agents/microsoft/microsoft-maestro-agent/harnesses/copilot.agent.md +52 -0
- package/agents/microsoft/microsoft-maestro-agent/harnesses/cursor.agent.md +41 -0
- package/agents/microsoft/microsoft-maestro-agent/harnesses/gemini.agent.md +40 -0
- package/agents/microsoft/microsoft-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/microsoft-maestro-agent/harnesses/kiro-ide.agent.md +39 -0
- package/agents/microsoft/microsoft-maestro-agent/metadata.json +38 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/AGENT.md +64 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/harnesses/claude-code.agent.md +39 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/harnesses/copilot.agent.md +52 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/harnesses/cursor.agent.md +41 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/harnesses/gemini.agent.md +40 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/harnesses/kiro-ide.agent.md +39 -0
- package/agents/microsoft/power-automate-automation-risk-review-agent/metadata.json +39 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/AGENT.md +64 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/harnesses/claude-code.agent.md +39 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/harnesses/copilot.agent.md +52 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/harnesses/cursor.agent.md +41 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/harnesses/gemini.agent.md +40 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/harnesses/kiro-ide.agent.md +39 -0
- package/agents/microsoft/power-platform-alm-pipelines-agent/metadata.json +41 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/AGENT.md +64 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/harnesses/codex.toml +14 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/power-platform-governance-dataverse-security-agent/metadata.json +40 -0
- package/agents/microsoft/power-platform-maestro-agent/AGENT.md +55 -0
- package/agents/microsoft/power-platform-maestro-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/microsoft/power-platform-maestro-agent/harnesses/codex.toml +34 -0
- package/agents/microsoft/power-platform-maestro-agent/harnesses/copilot.agent.md +51 -0
- package/agents/microsoft/power-platform-maestro-agent/harnesses/cursor.agent.md +40 -0
- package/agents/microsoft/power-platform-maestro-agent/harnesses/gemini.agent.md +39 -0
- package/agents/microsoft/power-platform-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/microsoft/power-platform-maestro-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/microsoft/power-platform-maestro-agent/metadata.json +39 -0
- package/agents/snowflake/README.md +87 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/AGENT.md +55 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/harnesses/codex.toml +14 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/harnesses/copilot.agent.md +51 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/harnesses/cursor.agent.md +40 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/harnesses/gemini.agent.md +39 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/snowflake/snowflake-data-platform-engineering-at-azure-agent/metadata.json +39 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/AGENT.md +72 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/PERMISSIONS.md +54 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/PREFLIGHT.md +82 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/ROLLBACK.md +45 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/harnesses/claude-code.agent.md +61 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/harnesses/codex.toml +14 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/harnesses/copilot.agent.md +60 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/harnesses/cursor.agent.md +61 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/harnesses/gemini.agent.md +61 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/harnesses/kiro-ide.agent.md +61 -0
- package/agents/snowflake/snowflake-live-rbac-grant-guard-at-azure-agent/metadata.json +60 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/AGENT.md +55 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/harnesses/codex.toml +14 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/harnesses/copilot.agent.md +51 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/harnesses/cursor.agent.md +40 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/harnesses/gemini.agent.md +39 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/harnesses/kiro-ide.agent.md +38 -0
- package/agents/snowflake/snowflake-rbac-access-governance-at-azure-agent/metadata.json +39 -0
- package/catalog/agents.json +3829 -2566
- package/catalog/asset-integrity.json +9395 -6775
- package/catalog/install-roles.json +179 -7
- package/catalog/skill-manifest.json +2004 -227
- package/catalog/skills.json +3613 -1900
- package/package.json +2 -2
- package/plugins/vanguard-frontier-agentic/.codex-plugin/plugin.json +1 -1
- package/powers/README.md +5 -2
- package/powers/vanguard-databricks/POWER.md +42 -0
- package/powers/vanguard-microsoft/POWER.md +45 -0
- package/powers/vanguard-snowflake/POWER.md +42 -0
- package/schemas/agent.schema.json +4 -1
- package/schemas/mcp-reference.schema.json +4 -1
- package/schemas/rule.schema.json +4 -1
- package/schemas/skill.schema.json +4 -1
- package/scripts/generate-docs-data.mjs +2 -0
- package/scripts/generate-kiro-powers.mjs +36 -0
- package/scripts/release-prepare.mjs +40 -0
- package/skills/cross-functional/audit-evidence-mapping-protocol/SKILL.md +92 -0
- package/skills/cross-functional/audit-evidence-mapping-protocol/metadata.json +20 -0
- package/skills/cross-functional/audit-evidence-mapping-protocol/references/workflow-and-output.md +194 -0
- package/skills/cross-functional/case-to-resolution-protocol/SKILL.md +120 -0
- package/skills/cross-functional/case-to-resolution-protocol/metadata.json +21 -0
- package/skills/cross-functional/case-to-resolution-protocol/references/workflow-and-output.md +197 -0
- package/skills/cross-functional/change-request-to-go-live-protocol/SKILL.md +101 -0
- package/skills/cross-functional/change-request-to-go-live-protocol/metadata.json +21 -0
- package/skills/cross-functional/close-to-report-protocol/SKILL.md +99 -0
- package/skills/cross-functional/close-to-report-protocol/metadata.json +19 -0
- package/skills/cross-functional/close-to-report-protocol/references/workflow-and-output.md +185 -0
- package/skills/cross-functional/copilot-data-readiness-protocol/SKILL.md +142 -0
- package/skills/cross-functional/copilot-data-readiness-protocol/metadata.json +21 -0
- package/skills/cross-functional/copilot-data-readiness-protocol/references/workflow-and-output.md +264 -0
- package/skills/cross-functional/data-classification-to-dlp-protocol/SKILL.md +95 -0
- package/skills/cross-functional/data-classification-to-dlp-protocol/metadata.json +20 -0
- package/skills/cross-functional/data-classification-to-dlp-protocol/references/workflow-and-output.md +211 -0
- package/skills/cross-functional/environment-to-production-release-protocol/SKILL.md +95 -0
- package/skills/cross-functional/environment-to-production-release-protocol/metadata.json +20 -0
- package/skills/cross-functional/environment-to-production-release-protocol/references/workflow-and-output.md +214 -0
- package/skills/cross-functional/erp-crm-cutover-protocol/SKILL.md +142 -0
- package/skills/cross-functional/erp-crm-cutover-protocol/metadata.json +21 -0
- package/skills/cross-functional/erp-crm-cutover-protocol/references/workflow-and-output.md +270 -0
- package/skills/cross-functional/field-service-to-cash-protocol/SKILL.md +99 -0
- package/skills/cross-functional/field-service-to-cash-protocol/metadata.json +19 -0
- package/skills/cross-functional/field-service-to-cash-protocol/references/workflow-and-output.md +206 -0
- package/skills/cross-functional/identity-to-data-access-protocol/SKILL.md +132 -0
- package/skills/cross-functional/identity-to-data-access-protocol/metadata.json +21 -0
- package/skills/cross-functional/identity-to-data-access-protocol/references/workflow-and-output.md +224 -0
- package/skills/cross-functional/incident-to-remediation-protocol/SKILL.md +94 -0
- package/skills/cross-functional/incident-to-remediation-protocol/metadata.json +20 -0
- package/skills/cross-functional/incident-to-remediation-protocol/references/workflow-and-output.md +200 -0
- package/skills/cross-functional/lead-to-cash-protocol/SKILL.md +96 -0
- package/skills/cross-functional/lead-to-cash-protocol/metadata.json +19 -0
- package/skills/cross-functional/lead-to-cash-protocol/references/workflow-and-output.md +166 -0
- package/skills/cross-functional/license-to-value-protocol/SKILL.md +142 -0
- package/skills/cross-functional/license-to-value-protocol/metadata.json +21 -0
- package/skills/cross-functional/license-to-value-protocol/references/workflow-and-output.md +283 -0
- package/skills/cross-functional/order-to-cash-protocol/SKILL.md +95 -0
- package/skills/cross-functional/order-to-cash-protocol/metadata.json +19 -0
- package/skills/cross-functional/order-to-cash-protocol/references/workflow-and-output.md +140 -0
- package/skills/cross-functional/procure-to-pay-protocol/SKILL.md +98 -0
- package/skills/cross-functional/procure-to-pay-protocol/metadata.json +19 -0
- package/skills/cross-functional/procure-to-pay-protocol/references/workflow-and-output.md +155 -0
- package/skills/databricks/databricks-lakehouse-engineering-at-azure/SKILL.md +56 -0
- package/skills/databricks/databricks-lakehouse-engineering-at-azure/metadata.json +28 -0
- package/skills/databricks/databricks-lakehouse-engineering-at-azure/references/official-sources.md +40 -0
- package/skills/databricks/databricks-lakehouse-engineering-at-azure/references/safety-checklist.md +26 -0
- package/skills/databricks/databricks-lakehouse-engineering-at-azure/references/workflow-and-output.md +64 -0
- package/skills/databricks/databricks-live-unity-catalog-grant-guard-at-azure/SKILL.md +144 -0
- package/skills/databricks/databricks-live-unity-catalog-grant-guard-at-azure/metadata.json +22 -0
- package/skills/databricks/databricks-unity-catalog-governance-at-azure/SKILL.md +56 -0
- package/skills/databricks/databricks-unity-catalog-governance-at-azure/metadata.json +28 -0
- package/skills/databricks/databricks-unity-catalog-governance-at-azure/references/official-sources.md +41 -0
- package/skills/databricks/databricks-unity-catalog-governance-at-azure/references/safety-checklist.md +26 -0
- package/skills/databricks/databricks-unity-catalog-governance-at-azure/references/workflow-and-output.md +64 -0
- package/skills/microsoft/copilot-governance-maestro/SKILL.md +65 -0
- package/skills/microsoft/copilot-governance-maestro/metadata.json +30 -0
- package/skills/microsoft/copilot-governance-maestro/references/official-sources.md +32 -0
- package/skills/microsoft/copilot-governance-maestro/references/routing-quality-and-safety.md +62 -0
- package/skills/microsoft/copilot-governance-maestro/references/safety-checklist.md +42 -0
- package/skills/microsoft/copilot-governance-maestro/references/workflow-and-output.md +78 -0
- package/skills/microsoft/copilot-studio-agent-governance-alm/SKILL.md +65 -0
- package/skills/microsoft/copilot-studio-agent-governance-alm/metadata.json +32 -0
- package/skills/microsoft/copilot-studio-agent-governance-alm/references/official-sources.md +21 -0
- package/skills/microsoft/copilot-studio-agent-governance-alm/references/safety-checklist.md +41 -0
- package/skills/microsoft/copilot-studio-agent-governance-alm/references/workflow-and-output.md +68 -0
- package/skills/microsoft/d365-commerce/SKILL.md +63 -0
- package/skills/microsoft/d365-commerce/metadata.json +30 -0
- package/skills/microsoft/d365-commerce/references/official-sources.md +25 -0
- package/skills/microsoft/d365-commerce/references/safety-checklist.md +35 -0
- package/skills/microsoft/d365-commerce/references/workflow-and-output.md +67 -0
- package/skills/microsoft/d365-customer-insights-journeys/SKILL.md +57 -0
- package/skills/microsoft/d365-customer-insights-journeys/metadata.json +32 -0
- package/skills/microsoft/d365-customer-insights-journeys/references/official-sources.md +46 -0
- package/skills/microsoft/d365-customer-insights-journeys/references/safety-checklist.md +41 -0
- package/skills/microsoft/d365-customer-insights-journeys/references/workflow-and-output.md +74 -0
- package/skills/microsoft/d365-customer-service-contact-center/SKILL.md +62 -0
- package/skills/microsoft/d365-customer-service-contact-center/metadata.json +30 -0
- package/skills/microsoft/d365-customer-service-contact-center/references/official-sources.md +25 -0
- package/skills/microsoft/d365-customer-service-contact-center/references/safety-checklist.md +34 -0
- package/skills/microsoft/d365-customer-service-contact-center/references/workflow-and-output.md +66 -0
- package/skills/microsoft/d365-data-migration-cutover/SKILL.md +58 -0
- package/skills/microsoft/d365-data-migration-cutover/metadata.json +32 -0
- package/skills/microsoft/d365-data-migration-cutover/references/data-migration-cutover-guide.md +76 -0
- package/skills/microsoft/d365-data-migration-cutover/references/official-sources.md +51 -0
- package/skills/microsoft/d365-data-migration-cutover/references/safety-checklist.md +40 -0
- package/skills/microsoft/d365-data-migration-cutover/references/workflow-and-output.md +72 -0
- package/skills/microsoft/d365-field-service-to-cash/SKILL.md +63 -0
- package/skills/microsoft/d365-field-service-to-cash/metadata.json +30 -0
- package/skills/microsoft/d365-field-service-to-cash/references/official-sources.md +21 -0
- package/skills/microsoft/d365-field-service-to-cash/references/safety-checklist.md +35 -0
- package/skills/microsoft/d365-field-service-to-cash/references/workflow-and-output.md +66 -0
- package/skills/microsoft/d365-finance-close-to-report/SKILL.md +59 -0
- package/skills/microsoft/d365-finance-close-to-report/metadata.json +30 -0
- package/skills/microsoft/d365-finance-close-to-report/references/financial-close-controls-guide.md +79 -0
- package/skills/microsoft/d365-finance-close-to-report/references/official-sources.md +45 -0
- package/skills/microsoft/d365-finance-close-to-report/references/safety-checklist.md +39 -0
- package/skills/microsoft/d365-finance-close-to-report/references/workflow-and-output.md +71 -0
- package/skills/microsoft/d365-fno-developer-extension/SKILL.md +58 -0
- package/skills/microsoft/d365-fno-developer-extension/metadata.json +31 -0
- package/skills/microsoft/d365-fno-developer-extension/references/official-sources.md +44 -0
- package/skills/microsoft/d365-fno-developer-extension/references/safety-checklist.md +42 -0
- package/skills/microsoft/d365-fno-developer-extension/references/workflow-and-output.md +74 -0
- package/skills/microsoft/d365-integration-dual-write/SKILL.md +58 -0
- package/skills/microsoft/d365-integration-dual-write/metadata.json +31 -0
- package/skills/microsoft/d365-integration-dual-write/references/official-sources.md +48 -0
- package/skills/microsoft/d365-integration-dual-write/references/safety-checklist.md +41 -0
- package/skills/microsoft/d365-integration-dual-write/references/workflow-and-output.md +75 -0
- package/skills/microsoft/d365-live-record-field-update-guard/SKILL.md +170 -0
- package/skills/microsoft/d365-live-record-field-update-guard/metadata.json +22 -0
- package/skills/microsoft/d365-live-security-role-guard/SKILL.md +100 -0
- package/skills/microsoft/d365-live-security-role-guard/metadata.json +22 -0
- package/skills/microsoft/d365-maestro/SKILL.md +52 -0
- package/skills/microsoft/d365-maestro/metadata.json +30 -0
- package/skills/microsoft/d365-maestro/references/official-sources.md +29 -0
- package/skills/microsoft/d365-maestro/references/routing-quality-and-safety.md +73 -0
- package/skills/microsoft/d365-maestro/references/safety-checklist.md +65 -0
- package/skills/microsoft/d365-maestro/references/workflow-and-output.md +95 -0
- package/skills/microsoft/d365-project-operations/SKILL.md +63 -0
- package/skills/microsoft/d365-project-operations/metadata.json +30 -0
- package/skills/microsoft/d365-project-operations/references/official-sources.md +25 -0
- package/skills/microsoft/d365-project-operations/references/safety-checklist.md +35 -0
- package/skills/microsoft/d365-project-operations/references/workflow-and-output.md +67 -0
- package/skills/microsoft/d365-sales-revenue-operations/SKILL.md +59 -0
- package/skills/microsoft/d365-sales-revenue-operations/metadata.json +30 -0
- package/skills/microsoft/d365-sales-revenue-operations/references/official-sources.md +47 -0
- package/skills/microsoft/d365-sales-revenue-operations/references/revenue-operations-domain-guide.md +71 -0
- package/skills/microsoft/d365-sales-revenue-operations/references/safety-checklist.md +37 -0
- package/skills/microsoft/d365-sales-revenue-operations/references/workflow-and-output.md +67 -0
- package/skills/microsoft/d365-security-sod-governance/SKILL.md +57 -0
- package/skills/microsoft/d365-security-sod-governance/metadata.json +30 -0
- package/skills/microsoft/d365-security-sod-governance/references/official-sources.md +43 -0
- package/skills/microsoft/d365-security-sod-governance/references/safety-checklist.md +36 -0
- package/skills/microsoft/d365-security-sod-governance/references/sod-role-design-guide.md +72 -0
- package/skills/microsoft/d365-security-sod-governance/references/workflow-and-output.md +67 -0
- package/skills/microsoft/d365-success-by-design-governance/SKILL.md +58 -0
- package/skills/microsoft/d365-success-by-design-governance/metadata.json +32 -0
- package/skills/microsoft/d365-success-by-design-governance/references/implementation-governance-guide.md +77 -0
- package/skills/microsoft/d365-success-by-design-governance/references/official-sources.md +51 -0
- package/skills/microsoft/d365-success-by-design-governance/references/safety-checklist.md +38 -0
- package/skills/microsoft/d365-success-by-design-governance/references/workflow-and-output.md +70 -0
- package/skills/microsoft/d365-supply-chain-plan-to-produce/SKILL.md +59 -0
- package/skills/microsoft/d365-supply-chain-plan-to-produce/metadata.json +30 -0
- package/skills/microsoft/d365-supply-chain-plan-to-produce/references/official-sources.md +46 -0
- package/skills/microsoft/d365-supply-chain-plan-to-produce/references/planning-and-production-guide.md +80 -0
- package/skills/microsoft/d365-supply-chain-plan-to-produce/references/safety-checklist.md +38 -0
- package/skills/microsoft/d365-supply-chain-plan-to-produce/references/workflow-and-output.md +71 -0
- package/skills/microsoft/fabric-analytics-engineering/SKILL.md +60 -0
- package/skills/microsoft/fabric-analytics-engineering/metadata.json +30 -0
- package/skills/microsoft/fabric-analytics-engineering/references/official-sources.md +17 -0
- package/skills/microsoft/fabric-analytics-engineering/references/safety-checklist.md +35 -0
- package/skills/microsoft/fabric-analytics-engineering/references/workflow-and-output.md +65 -0
- package/skills/microsoft/fabric-data-engineering/SKILL.md +63 -0
- package/skills/microsoft/fabric-data-engineering/metadata.json +30 -0
- package/skills/microsoft/fabric-data-engineering/references/official-sources.md +17 -0
- package/skills/microsoft/fabric-data-engineering/references/safety-checklist.md +37 -0
- package/skills/microsoft/fabric-data-engineering/references/workflow-and-output.md +67 -0
- package/skills/microsoft/fabric-power-bi-business-insights-governance/SKILL.md +61 -0
- package/skills/microsoft/fabric-power-bi-business-insights-governance/metadata.json +30 -0
- package/skills/microsoft/fabric-power-bi-business-insights-governance/references/official-sources.md +17 -0
- package/skills/microsoft/fabric-power-bi-business-insights-governance/references/safety-checklist.md +35 -0
- package/skills/microsoft/fabric-power-bi-business-insights-governance/references/workflow-and-output.md +65 -0
- package/skills/microsoft/m365-backup-bcdr-data-resilience/SKILL.md +57 -0
- package/skills/microsoft/m365-backup-bcdr-data-resilience/metadata.json +30 -0
- package/skills/microsoft/m365-backup-bcdr-data-resilience/references/official-sources.md +66 -0
- package/skills/microsoft/m365-backup-bcdr-data-resilience/references/safety-checklist.md +38 -0
- package/skills/microsoft/m365-backup-bcdr-data-resilience/references/workflow-and-output.md +66 -0
- package/skills/microsoft/m365-copilot-readiness-governance/SKILL.md +58 -0
- package/skills/microsoft/m365-copilot-readiness-governance/metadata.json +30 -0
- package/skills/microsoft/m365-copilot-readiness-governance/references/copilot-governance-domain.md +66 -0
- package/skills/microsoft/m365-copilot-readiness-governance/references/official-sources.md +59 -0
- package/skills/microsoft/m365-copilot-readiness-governance/references/safety-checklist.md +38 -0
- package/skills/microsoft/m365-copilot-readiness-governance/references/workflow-and-output.md +67 -0
- package/skills/microsoft/m365-defender-xdr-security-operations/SKILL.md +62 -0
- package/skills/microsoft/m365-defender-xdr-security-operations/metadata.json +32 -0
- package/skills/microsoft/m365-defender-xdr-security-operations/references/official-sources.md +79 -0
- package/skills/microsoft/m365-defender-xdr-security-operations/references/safety-checklist.md +44 -0
- package/skills/microsoft/m365-defender-xdr-security-operations/references/workflow-and-output.md +66 -0
- package/skills/microsoft/m365-exchange-sharepoint-information-governance/SKILL.md +57 -0
- package/skills/microsoft/m365-exchange-sharepoint-information-governance/metadata.json +32 -0
- package/skills/microsoft/m365-exchange-sharepoint-information-governance/references/official-sources.md +64 -0
- package/skills/microsoft/m365-exchange-sharepoint-information-governance/references/safety-checklist.md +40 -0
- package/skills/microsoft/m365-exchange-sharepoint-information-governance/references/workflow-and-output.md +66 -0
- package/skills/microsoft/m365-identity-zero-trust/SKILL.md +58 -0
- package/skills/microsoft/m365-identity-zero-trust/metadata.json +30 -0
- package/skills/microsoft/m365-identity-zero-trust/references/identity-zero-trust-domain.md +67 -0
- package/skills/microsoft/m365-identity-zero-trust/references/official-sources.md +64 -0
- package/skills/microsoft/m365-identity-zero-trust/references/safety-checklist.md +38 -0
- package/skills/microsoft/m365-identity-zero-trust/references/workflow-and-output.md +65 -0
- package/skills/microsoft/m365-intune-endpoint-management/SKILL.md +59 -0
- package/skills/microsoft/m365-intune-endpoint-management/metadata.json +32 -0
- package/skills/microsoft/m365-intune-endpoint-management/references/official-sources.md +66 -0
- package/skills/microsoft/m365-intune-endpoint-management/references/safety-checklist.md +39 -0
- package/skills/microsoft/m365-intune-endpoint-management/references/workflow-and-output.md +67 -0
- package/skills/microsoft/m365-licensing-ea-optimization/SKILL.md +57 -0
- package/skills/microsoft/m365-licensing-ea-optimization/metadata.json +30 -0
- package/skills/microsoft/m365-licensing-ea-optimization/references/official-sources.md +67 -0
- package/skills/microsoft/m365-licensing-ea-optimization/references/safety-checklist.md +39 -0
- package/skills/microsoft/m365-licensing-ea-optimization/references/workflow-and-output.md +68 -0
- package/skills/microsoft/m365-live-identity-posture-guard/SKILL.md +101 -0
- package/skills/microsoft/m365-live-identity-posture-guard/metadata.json +22 -0
- package/skills/microsoft/m365-live-sensitivity-label-apply-guard/SKILL.md +181 -0
- package/skills/microsoft/m365-live-sensitivity-label-apply-guard/metadata.json +22 -0
- package/skills/microsoft/m365-maestro/SKILL.md +51 -0
- package/skills/microsoft/m365-maestro/metadata.json +30 -0
- package/skills/microsoft/m365-maestro/references/official-sources.md +28 -0
- package/skills/microsoft/m365-maestro/references/routing-quality-and-safety.md +66 -0
- package/skills/microsoft/m365-maestro/references/safety-checklist.md +43 -0
- package/skills/microsoft/m365-maestro/references/workflow-and-output.md +78 -0
- package/skills/microsoft/m365-purview-data-security-compliance/SKILL.md +57 -0
- package/skills/microsoft/m365-purview-data-security-compliance/metadata.json +32 -0
- package/skills/microsoft/m365-purview-data-security-compliance/references/official-sources.md +81 -0
- package/skills/microsoft/m365-purview-data-security-compliance/references/safety-checklist.md +42 -0
- package/skills/microsoft/m365-purview-data-security-compliance/references/workflow-and-output.md +65 -0
- package/skills/microsoft/m365-teams-collaboration-governance/SKILL.md +58 -0
- package/skills/microsoft/m365-teams-collaboration-governance/metadata.json +31 -0
- package/skills/microsoft/m365-teams-collaboration-governance/references/official-sources.md +66 -0
- package/skills/microsoft/m365-teams-collaboration-governance/references/safety-checklist.md +39 -0
- package/skills/microsoft/m365-teams-collaboration-governance/references/workflow-and-output.md +66 -0
- package/skills/microsoft/m365-tenant-governance/SKILL.md +57 -0
- package/skills/microsoft/m365-tenant-governance/metadata.json +30 -0
- package/skills/microsoft/m365-tenant-governance/references/official-sources.md +66 -0
- package/skills/microsoft/m365-tenant-governance/references/safety-checklist.md +38 -0
- package/skills/microsoft/m365-tenant-governance/references/workflow-and-output.md +66 -0
- package/skills/microsoft/microsoft-business-impact-value-realization/SKILL.md +60 -0
- package/skills/microsoft/microsoft-business-impact-value-realization/metadata.json +30 -0
- package/skills/microsoft/microsoft-business-impact-value-realization/references/official-sources.md +17 -0
- package/skills/microsoft/microsoft-business-impact-value-realization/references/safety-checklist.md +31 -0
- package/skills/microsoft/microsoft-business-impact-value-realization/references/workflow-and-output.md +65 -0
- package/skills/microsoft/microsoft-maestro/SKILL.md +53 -0
- package/skills/microsoft/microsoft-maestro/metadata.json +30 -0
- package/skills/microsoft/microsoft-maestro/references/official-sources.md +30 -0
- package/skills/microsoft/microsoft-maestro/references/routing-quality-and-safety.md +67 -0
- package/skills/microsoft/microsoft-maestro/references/safety-checklist.md +53 -0
- package/skills/microsoft/microsoft-maestro/references/workflow-and-output.md +70 -0
- package/skills/microsoft/power-automate-automation-risk-review/SKILL.md +62 -0
- package/skills/microsoft/power-automate-automation-risk-review/metadata.json +30 -0
- package/skills/microsoft/power-automate-automation-risk-review/references/official-sources.md +17 -0
- package/skills/microsoft/power-automate-automation-risk-review/references/safety-checklist.md +35 -0
- package/skills/microsoft/power-automate-automation-risk-review/references/workflow-and-output.md +66 -0
- package/skills/microsoft/power-platform-alm-pipelines/SKILL.md +64 -0
- package/skills/microsoft/power-platform-alm-pipelines/metadata.json +31 -0
- package/skills/microsoft/power-platform-alm-pipelines/references/official-sources.md +22 -0
- package/skills/microsoft/power-platform-alm-pipelines/references/safety-checklist.md +40 -0
- package/skills/microsoft/power-platform-alm-pipelines/references/workflow-and-output.md +68 -0
- package/skills/microsoft/power-platform-governance-dataverse-security/SKILL.md +58 -0
- package/skills/microsoft/power-platform-governance-dataverse-security/metadata.json +31 -0
- package/skills/microsoft/power-platform-governance-dataverse-security/references/dataverse-dlp-domain-guide.md +73 -0
- package/skills/microsoft/power-platform-governance-dataverse-security/references/official-sources.md +31 -0
- package/skills/microsoft/power-platform-governance-dataverse-security/references/safety-checklist.md +36 -0
- package/skills/microsoft/power-platform-governance-dataverse-security/references/workflow-and-output.md +67 -0
- package/skills/microsoft/power-platform-maestro/SKILL.md +51 -0
- package/skills/microsoft/power-platform-maestro/metadata.json +30 -0
- package/skills/microsoft/power-platform-maestro/references/official-sources.md +32 -0
- package/skills/microsoft/power-platform-maestro/references/routing-quality-and-safety.md +61 -0
- package/skills/microsoft/power-platform-maestro/references/safety-checklist.md +42 -0
- package/skills/microsoft/power-platform-maestro/references/workflow-and-output.md +86 -0
- package/skills/snowflake/snowflake-data-platform-engineering-at-azure/SKILL.md +66 -0
- package/skills/snowflake/snowflake-data-platform-engineering-at-azure/metadata.json +29 -0
- package/skills/snowflake/snowflake-data-platform-engineering-at-azure/references/official-sources.md +32 -0
- package/skills/snowflake/snowflake-data-platform-engineering-at-azure/references/safety-checklist.md +26 -0
- package/skills/snowflake/snowflake-data-platform-engineering-at-azure/references/workflow-and-output.md +63 -0
- package/skills/snowflake/snowflake-live-rbac-grant-guard-at-azure/SKILL.md +148 -0
- package/skills/snowflake/snowflake-live-rbac-grant-guard-at-azure/metadata.json +22 -0
- package/skills/snowflake/snowflake-rbac-access-governance-at-azure/SKILL.md +71 -0
- package/skills/snowflake/snowflake-rbac-access-governance-at-azure/metadata.json +29 -0
- package/skills/snowflake/snowflake-rbac-access-governance-at-azure/references/official-sources.md +33 -0
- package/skills/snowflake/snowflake-rbac-access-governance-at-azure/references/safety-checklist.md +26 -0
- package/skills/snowflake/snowflake-rbac-access-governance-at-azure/references/workflow-and-output.md +61 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/001-happy-business-impact-value-realization.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/002-happy-copilot-governance-maestro.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/003-happy-copilot-studio-agent-governance-alm.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/004-happy-d365-commerce.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/005-happy-d365-customer-insights-journeys.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/006-happy-d365-customer-service-contact-center.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/007-happy-d365-data-migration-cutover.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/008-happy-d365-field-service-to-cash.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/009-happy-d365-finance-close-to-report.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/010-happy-d365-fno-developer-extension.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/011-happy-d365-integration-dual-write.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/012-happy-d365-maestro.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/013-happy-d365-project-operations.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/014-happy-d365-sales-revenue-operations.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/015-happy-d365-security-sod-governance.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/016-happy-d365-success-by-design-governance.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/017-happy-d365-supply-chain-plan-to-produce.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/018-happy-fabric-analytics-engineering.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/019-happy-fabric-data-engineering.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/020-happy-fabric-power-bi-business-insights-governance.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/021-happy-m365-backup-bcdr-data-resilience.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/022-happy-m365-copilot-readiness-governance.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/023-happy-m365-defender-xdr-security-operations.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/024-happy-m365-exchange-sharepoint-information-governance.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/025-happy-m365-identity-zero-trust.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/026-happy-m365-intune-endpoint-management.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/027-happy-m365-licensing-ea-optimization.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/028-happy-m365-maestro.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/029-happy-m365-purview-data-security-compliance.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/030-happy-m365-teams-collaboration-governance.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/031-happy-m365-tenant-governance.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/032-happy-power-automate-automation-risk-review.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/033-happy-power-platform-alm-pipelines.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/034-happy-power-platform-governance-dataverse-security.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/035-happy-power-platform-maestro.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/adv-ambiguous.json +4 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/adv-instruction-injection.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/adv-liveguard-01-d365-live-record-field-update-guard.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/adv-liveguard-02-d365-live-security-role-guard.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/adv-liveguard-03-m365-live-identity-posture-guard.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/adv-liveguard-04-m365-live-sensitivity-label-apply-guard.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/adv-persona-replacement.json +9 -0
- package/tests/fixtures/microsoft-maestro-routing/expected/adv-secrets-bait.json +6 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/001-happy-business-impact-value-realization.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/002-happy-copilot-governance-maestro.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/003-happy-copilot-studio-agent-governance-alm.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/004-happy-d365-commerce.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/005-happy-d365-customer-insights-journeys.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/006-happy-d365-customer-service-contact-center.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/007-happy-d365-data-migration-cutover.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/008-happy-d365-field-service-to-cash.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/009-happy-d365-finance-close-to-report.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/010-happy-d365-fno-developer-extension.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/011-happy-d365-integration-dual-write.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/012-happy-d365-maestro.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/013-happy-d365-project-operations.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/014-happy-d365-sales-revenue-operations.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/015-happy-d365-security-sod-governance.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/016-happy-d365-success-by-design-governance.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/017-happy-d365-supply-chain-plan-to-produce.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/018-happy-fabric-analytics-engineering.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/019-happy-fabric-data-engineering.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/020-happy-fabric-power-bi-business-insights-governance.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/021-happy-m365-backup-bcdr-data-resilience.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/022-happy-m365-copilot-readiness-governance.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/023-happy-m365-defender-xdr-security-operations.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/024-happy-m365-exchange-sharepoint-information-governance.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/025-happy-m365-identity-zero-trust.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/026-happy-m365-intune-endpoint-management.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/027-happy-m365-licensing-ea-optimization.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/028-happy-m365-maestro.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/029-happy-m365-purview-data-security-compliance.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/030-happy-m365-teams-collaboration-governance.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/031-happy-m365-tenant-governance.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/032-happy-power-automate-automation-risk-review.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/033-happy-power-platform-alm-pipelines.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/034-happy-power-platform-governance-dataverse-security.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/035-happy-power-platform-maestro.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/adv-ambiguous.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/adv-instruction-injection.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/adv-liveguard-01-d365-live-record-field-update-guard.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/adv-liveguard-02-d365-live-security-role-guard.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/adv-liveguard-03-m365-live-identity-posture-guard.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/adv-liveguard-04-m365-live-sensitivity-label-apply-guard.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/adv-persona-replacement.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/inputs/adv-secrets-bait.json +7 -0
- package/tests/fixtures/microsoft-maestro-routing/taxonomy.json +467 -0
- package/tests/test-vfa-export-coverage.test.mjs +136 -0
- package/tests/validate-catalog.py +3 -0
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: m365-teams-collaboration-governance
|
|
3
|
+
description: Review and advise on Microsoft Teams collaboration and communications governance covering Teams and Microsoft 365 group lifecycle and sprawl, external access and guest sharing controls, sensitivity labels on Teams and groups, meeting and messaging policies, phone and voice governance, and app permission policies. Cert anchor MS-700 Teams Administrator. Static review and advisory only; tenant-wide external-access or sharing-policy changes are live-guard gated. Refuses to weaken guest sharing or external access controls for convenience.
|
|
4
|
+
allowed-tools: Read Grep Glob
|
|
5
|
+
metadata:
|
|
6
|
+
author: "github: Raishin"
|
|
7
|
+
version: "0.1.0"
|
|
8
|
+
updated: "2026-06-17"
|
|
9
|
+
category: platform
|
|
10
|
+
---
|
|
11
|
+
|
|
12
|
+
# Microsoft 365 Teams Collaboration Governance
|
|
13
|
+
|
|
14
|
+
## Purpose
|
|
15
|
+
|
|
16
|
+
Act as the Microsoft Teams governance reviewer who treats every unchecked team, every unenforced expiration policy, every open guest sharing setting, and every unreviewed external user as a future data sprawl or compliance incident until proven otherwise. Governance is not a one-time setup — it is an ongoing operational discipline.
|
|
17
|
+
|
|
18
|
+
## When to use
|
|
19
|
+
|
|
20
|
+
Use this skill for:
|
|
21
|
+
|
|
22
|
+
- Teams and Microsoft 365 group lifecycle review — team creation controls, naming policies, expiration policies, archival, deletion, and restore procedures
|
|
23
|
+
- Sprawl control — ownerless teams, inactive teams, excessive team count, and group creation restriction governance
|
|
24
|
+
- External access and guest sharing — tenant-wide external access settings, guest access per team, B2B collaboration configuration, cross-tenant access policies, and external user lifecycle
|
|
25
|
+
- Sensitivity labels on Teams and Microsoft 365 groups — privacy settings, external user access control, external sharing from labeled sites, and Conditional Access for labeled containers
|
|
26
|
+
- Meeting policies — meeting recording, lobby controls, who can present, watermarking, end-to-end encryption, meeting templates, and sensitivity label enforcement for meetings
|
|
27
|
+
- Messaging policies — chat, external chat, read receipts, and content moderation settings
|
|
28
|
+
- App permission policies — org-wide app settings, app permission policies by user group, custom app governance, and third-party app trust boundaries
|
|
29
|
+
- Phone and voice governance — calling policies, call park, call queues, auto attendants, and emergency calling configuration review
|
|
30
|
+
- Information barriers — policy review for regulatory-required communication restrictions between segments
|
|
31
|
+
|
|
32
|
+
## Lean operating rules
|
|
33
|
+
|
|
34
|
+
- Prefer current Microsoft Learn documentation for service behavior. Use facts in `references/official-sources.md` as starting anchors; when the user has configured read-only Teams admin or Microsoft Graph MCP access, use exposed read-only tools for current-state evidence instead of guessing.
|
|
35
|
+
- Separate confirmed facts from inference. If state was not queried or shown, say so.
|
|
36
|
+
- Refuse to recommend weakening tenant-wide external access or guest sharing policies for delivery pressure, user convenience, or broad exceptions. State this refusal plainly.
|
|
37
|
+
- Challenge unchecked team sprawl, missing expiration policies, guest access without review cadence, overly permissive app permission policies, and sensitivity label gaps on sensitive Teams.
|
|
38
|
+
- Keep the answer scoped, reversible, least-privilege, and explicit about blockers or unknowns.
|
|
39
|
+
- Load references only when needed; do not pull all deep guidance into short answers.
|
|
40
|
+
- Never ask for secrets, tenant IDs, admin credentials, client secrets, certificates, or customer data.
|
|
41
|
+
|
|
42
|
+
## References
|
|
43
|
+
|
|
44
|
+
Load these only when needed:
|
|
45
|
+
|
|
46
|
+
- [Workflow and output contract](references/workflow-and-output.md) — use when executing a full Teams governance review or formatting the final review.
|
|
47
|
+
- [Safety checklist](references/safety-checklist.md) — use before any recommendation that changes external access settings, sensitivity label policies, meeting policies, or app permission policies.
|
|
48
|
+
- [Official sources](references/official-sources.md) — use when grounding Teams governance, lifecycle, guest access, sensitivity labels, or meeting policy service behavior, or checking the detailed source list.
|
|
49
|
+
|
|
50
|
+
## Response minimum
|
|
51
|
+
|
|
52
|
+
Return, at minimum:
|
|
53
|
+
|
|
54
|
+
- the scoped target and evidence level,
|
|
55
|
+
- the governance control(s) implicated and the main risks or gaps,
|
|
56
|
+
- the safest next actions,
|
|
57
|
+
- validation or rollback notes where relevant,
|
|
58
|
+
- the assumptions or blockers that prevent stronger conclusions.
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
{
|
|
2
|
+
"id": "m365-teams-collaboration-governance",
|
|
3
|
+
"name": "Microsoft 365 Teams Collaboration Governance",
|
|
4
|
+
"type": "skill",
|
|
5
|
+
"provider": "microsoft",
|
|
6
|
+
"harnesses": [
|
|
7
|
+
"codex",
|
|
8
|
+
"claude-code",
|
|
9
|
+
"cursor",
|
|
10
|
+
"gemini",
|
|
11
|
+
"kiro",
|
|
12
|
+
"other"
|
|
13
|
+
],
|
|
14
|
+
"summary": "Review and advise on Microsoft Teams collaboration and communications governance covering Teams and Microsoft 365 group lifecycle and sprawl, external access and guest sharing controls, sensitivity labels on Teams and groups, meeting and messaging policies, phone and voice governance, and app permission policies. Cert anchor MS-700 Teams Administrator. Static review and advisory only; tenant-wide external-access or sharing-policy changes are live-guard gated and require explicit human confirmation. Refuses to weaken guest sharing or external access controls for convenience.",
|
|
15
|
+
"source_type": "original",
|
|
16
|
+
"official_docs": [
|
|
17
|
+
"https://learn.microsoft.com/microsoftteams/plan-teams-governance",
|
|
18
|
+
"https://learn.microsoft.com/microsoftteams/plan-teams-lifecycle",
|
|
19
|
+
"https://learn.microsoft.com/microsoftteams/guest-access",
|
|
20
|
+
"https://learn.microsoft.com/purview/sensitivity-labels-teams-groups-sites",
|
|
21
|
+
"https://learn.microsoft.com/microsoftteams/meeting-templates-sensitivity-labels-policies",
|
|
22
|
+
"https://learn.microsoft.com/credentials/certifications/resources/study-guides/ms-700"
|
|
23
|
+
],
|
|
24
|
+
"security_notes": "Never recommend weakening tenant-wide external access or guest sharing policies for convenience, delivery pressure, or broad exceptions. Tenant-wide external-access or sharing-policy changes, sensitivity label publishing changes affecting Teams, and phone system or voice routing configuration changes are live-guard gated and require explicit human confirmation, blast-radius assessment, and rollback path. Do not request secrets, tenant IDs, admin credentials, client secrets, certificates, or customer data. Label all findings as live evidence, repo evidence, user-provided sanitized evidence, documentation-based, or inference. Challenge unchecked Teams sprawl, missing expiration policies, guest access without review cadence, and overly permissive app permission policies.",
|
|
25
|
+
"last_verified": "2026-06-17",
|
|
26
|
+
"path": "skills/microsoft/m365-teams-collaboration-governance",
|
|
27
|
+
"author": "github: Raishin",
|
|
28
|
+
"version": "0.1.0",
|
|
29
|
+
"category": "platform",
|
|
30
|
+
"companion_agents": ["m365-teams-collaboration-governance-agent"]
|
|
31
|
+
}
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
# Official sources
|
|
2
|
+
|
|
3
|
+
Use this reference only when you need source grounding for Microsoft Teams governance, lifecycle management, external access, guest sharing, sensitivity labels on Teams and groups, meeting policies, messaging policies, app permission policies, or phone and voice governance service behavior.
|
|
4
|
+
|
|
5
|
+
## Microsoft documentation
|
|
6
|
+
|
|
7
|
+
Use these as starting points, not as proof of the user's live Teams tenant state:
|
|
8
|
+
|
|
9
|
+
- https://learn.microsoft.com/microsoftteams/plan-teams-governance
|
|
10
|
+
- https://learn.microsoft.com/microsoftteams/plan-teams-lifecycle
|
|
11
|
+
- https://learn.microsoft.com/microsoftteams/guest-access
|
|
12
|
+
- https://learn.microsoft.com/purview/sensitivity-labels-teams-groups-sites
|
|
13
|
+
- https://learn.microsoft.com/purview/sensitivity-labels-meetings
|
|
14
|
+
- https://learn.microsoft.com/microsoftteams/meeting-templates-sensitivity-labels-policies
|
|
15
|
+
- https://learn.microsoft.com/microsoftteams/configure-meetings-three-tiers-protection
|
|
16
|
+
- https://learn.microsoft.com/entra/id-governance/entitlement-management-access-package-manage-lifecycle
|
|
17
|
+
- https://learn.microsoft.com/credentials/certifications/resources/study-guides/ms-700
|
|
18
|
+
|
|
19
|
+
## Grounding rule
|
|
20
|
+
|
|
21
|
+
Official documentation explains Microsoft Teams and Microsoft 365 group governance service behavior. It does not prove the user's current Teams external access settings, guest sharing policies, sensitivity label assignments on teams, meeting policy configurations, app permission policy assignments, or expiration policy enforcement. Prefer read-only Teams admin center evidence, Microsoft Graph read output, repository evidence, or sanitized user-provided evidence for current-state claims.
|
|
22
|
+
|
|
23
|
+
## Current documentation refresh (2026-06-17)
|
|
24
|
+
|
|
25
|
+
Key service facts from official Microsoft Learn documentation:
|
|
26
|
+
|
|
27
|
+
**Teams governance (per learn.microsoft.com/microsoftteams/plan-teams-governance):**
|
|
28
|
+
- Group and team creation controls: restrict creation to specific security groups, enforce naming policies (prefixes/suffixes, blocked words), require classification or sensitivity labels
|
|
29
|
+
- Expiration policies for Microsoft 365 groups — automatic renewal by active owners or deletion after inactivity period
|
|
30
|
+
- Archival and deletion — archived teams remain readable but not writable; deleted teams are recoverable for 30 days
|
|
31
|
+
- Guest access — per-tenant and per-team controls; guests can be added by team owners unless restricted
|
|
32
|
+
|
|
33
|
+
**Teams lifecycle (per learn.microsoft.com/microsoftteams/plan-teams-lifecycle):**
|
|
34
|
+
- Lifecycle roles: team owner (up to 100 per team), team member, guest (external email invited)
|
|
35
|
+
- Governance decisions before rollout: naming conventions, expiration policies, retention policies, guest access policy
|
|
36
|
+
- Microsoft Entra access reviews for groups with guest members — deny blocked from sign-in then account deleted after 30 days inactivity
|
|
37
|
+
|
|
38
|
+
**Guest access (per learn.microsoft.com/microsoftteams/guest-access):**
|
|
39
|
+
- Tenant-wide guest access toggle in Teams admin center — overrides per-team settings
|
|
40
|
+
- Guest capabilities: participate in channels, meetings, and chat; cannot access admin features or create teams
|
|
41
|
+
- Microsoft Entra entitlement management governs structured guest lifecycle — governed vs. ungoverned guest accounts
|
|
42
|
+
- Ungoverned guests remain in tenant indefinitely after last access package assignment expires unless explicitly removed
|
|
43
|
+
|
|
44
|
+
**Sensitivity labels on Teams and groups (per learn.microsoft.com/purview/sensitivity-labels-teams-groups-sites):**
|
|
45
|
+
- Labels can enforce: privacy (public/private), external user access, external sharing from labeled SharePoint sites, Conditional Access for labeled sites, private team discoverability, channel sharing controls
|
|
46
|
+
- Labels must be enabled for containers in Microsoft Purview before they appear in Teams group creation
|
|
47
|
+
- Channel meeting labels inherit from the group/site label when configured
|
|
48
|
+
|
|
49
|
+
**Meeting policies and sensitivity labels (per learn.microsoft.com/microsoftteams/meeting-templates-sensitivity-labels-policies):**
|
|
50
|
+
- Admin policies determine feature availability; sensitivity labels can enforce features even if admin policy is off
|
|
51
|
+
- Templates offer per-meeting flexibility within admin policy constraints; labels enforce specific settings
|
|
52
|
+
- End-to-end encryption, watermarking, and automatic recording can be enforced by sensitivity labels
|
|
53
|
+
- Three protection tiers: baseline, sensitive, highly sensitive — each with meeting template and label configuration
|
|
54
|
+
|
|
55
|
+
**Common failure modes:**
|
|
56
|
+
- No expiration policy on Microsoft 365 groups — teams accumulate indefinitely with no ownership verification
|
|
57
|
+
- Tenant-wide guest access enabled but no per-team review cadence for guest memberships
|
|
58
|
+
- Sensitivity labels not enabled for containers — no label governance on Teams or SharePoint sites
|
|
59
|
+
- App permission policies set to "Allow all apps" globally — no third-party app trust boundary
|
|
60
|
+
- Phone system configured without calling policy review — emergency calling not validated for all users
|
|
61
|
+
- Information barriers not implemented in regulated industries requiring communication segment restrictions
|
|
62
|
+
|
|
63
|
+
Review implications:
|
|
64
|
+
- Do not approve tenant-wide external access changes without blast-radius assessment and staged rollout.
|
|
65
|
+
- Guest access policies require both technical controls and periodic access review cadence to be effective.
|
|
66
|
+
- Documentation cannot prove the user's actual Teams external access settings, expiration policy coverage, or sensitivity label deployment state.
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
# Safety checklist
|
|
2
|
+
|
|
3
|
+
Use this reference before any recommendation that changes Teams external access settings, guest sharing policies, sensitivity label publishing policies affecting Teams, meeting policies, app permission policies, phone system configuration, or information barrier policies.
|
|
4
|
+
|
|
5
|
+
## Non-negotiables
|
|
6
|
+
|
|
7
|
+
- Never recommend weakening tenant-wide external access or guest sharing policies for convenience, deadline pressure, or broad exceptions without compensating controls and access review cadence. State this refusal plainly.
|
|
8
|
+
- Never ask users to paste secrets, admin credentials, tenant IDs, client secrets, certificates, private keys, or customer data into chat.
|
|
9
|
+
- Use read-only Teams admin center evidence or Microsoft Graph read evidence for live state when available; otherwise use repository evidence, sanitized user evidence, or official documentation and label the evidence level.
|
|
10
|
+
- Do not invent Teams external access settings, expiration policy coverage, guest access states, sensitivity label deployment, meeting policy configurations, or app permission policy assignments.
|
|
11
|
+
- Require explicit user approval before recommending tenant-wide external access changes, sensitivity label publishing policy changes affecting Teams, meeting policy changes with security implications, or app permission policy modifications.
|
|
12
|
+
- Keep remediation least-privilege, reversible, staged (pilot group before org-wide), and scoped to the requested Teams policy boundary.
|
|
13
|
+
- Treat any tenant with guest access enabled but no expiration policies or access review cadence as medium-high risk for guest sprawl.
|
|
14
|
+
- Treat any sensitive team (finance, legal, executive, HR) without a sensitivity label enforcing privacy and external user access control as a governance gap.
|
|
15
|
+
|
|
16
|
+
## Stress checks
|
|
17
|
+
|
|
18
|
+
- What path allows a guest or external user to access sensitive team content after their business relationship ends, with no expiration or review forcing removal?
|
|
19
|
+
- What Teams sprawl or ownerless team contains sensitive data with no active owner to approve access or apply sensitivity labels?
|
|
20
|
+
- What sensitivity label gap allows a sensitive team to be created as public or with unrestricted external sharing?
|
|
21
|
+
- What third-party app permission policy allows an untrusted app to read team messages or files without explicit review?
|
|
22
|
+
- What meeting policy gap allows external participants to record, bypass the lobby, or access meeting content without appropriate controls?
|
|
23
|
+
- What rollback path exists if a tenant-wide external access change disrupts existing B2B partner collaboration or federated calling?
|
|
24
|
+
|
|
25
|
+
## Evidence labels
|
|
26
|
+
|
|
27
|
+
Use `live evidence`, `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`. Documentation alone never proves the user's live Teams external access settings, expiration policy enforcement, sensitivity label deployment on teams, or app permission policy state.
|
|
28
|
+
|
|
29
|
+
## Escalation triggers
|
|
30
|
+
|
|
31
|
+
Escalate to live-guard gate before any of the following:
|
|
32
|
+
|
|
33
|
+
- Changing tenant-wide external access or federation settings (allow/block domains, per-user settings)
|
|
34
|
+
- Publishing or modifying sensitivity label policies that affect Teams, Microsoft 365 groups, or meeting labels
|
|
35
|
+
- Changing meeting policy settings with broad security implications (lobby bypass, recording, end-to-end encryption)
|
|
36
|
+
- Modifying org-wide app settings or app permission policies affecting third-party app access
|
|
37
|
+
- Enabling, modifying, or disabling information barrier policies
|
|
38
|
+
- Changing phone system emergency calling configurations or voice routing policies
|
|
39
|
+
- Enabling or disabling Microsoft Purview communication compliance or insider risk management integration with Teams
|
package/skills/microsoft/m365-teams-collaboration-governance/references/workflow-and-output.md
ADDED
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
# Workflow and output contract
|
|
2
|
+
|
|
3
|
+
Use this reference only when performing the full Teams collaboration governance review or formatting the final review.
|
|
4
|
+
|
|
5
|
+
## Review domains
|
|
6
|
+
|
|
7
|
+
Check these areas before giving a verdict:
|
|
8
|
+
|
|
9
|
+
- **Teams and group lifecycle**: Team creation controls, naming policies, expiration policies for Microsoft 365 groups, archival, deletion, restore, and ownerless team remediation
|
|
10
|
+
- **Sprawl control**: Total team and group count, inactive team identification, group creation restriction, and ownership gap analysis
|
|
11
|
+
- **External access and guest sharing**: Tenant-wide external access settings, per-team guest access, B2B collaboration configuration, cross-tenant access policies, and external user lifecycle (governed vs. ungoverned)
|
|
12
|
+
- **Sensitivity labels on Teams and groups**: Label enablement for containers, privacy and external user access enforcement, external sharing from labeled sites, Conditional Access for labeled containers, and label deployment coverage
|
|
13
|
+
- **Meeting policies**: Meeting recording, lobby controls, who can present, watermarking, end-to-end encryption, meeting templates, three-tier protection model (baseline/sensitive/highly sensitive)
|
|
14
|
+
- **Messaging policies**: Chat settings, external chat access, read receipts, and content moderation
|
|
15
|
+
- **App permission policies**: Org-wide app settings, per-group or per-user app permission policies, third-party app trust boundaries, and custom app governance
|
|
16
|
+
- **Phone and voice governance**: Calling policies, emergency calling configuration, call park, call queues, auto attendants, and voice routing review
|
|
17
|
+
- **Information barriers**: Policy existence and coverage for regulated segments requiring communication restriction
|
|
18
|
+
|
|
19
|
+
## Safe workflow
|
|
20
|
+
|
|
21
|
+
1. **Frame scope**
|
|
22
|
+
- Tenant / environment / licensing tier (Teams Essentials, E3, E5):
|
|
23
|
+
- Team count and guest user count (approximate):
|
|
24
|
+
- Regulatory requirements (information barriers, communication compliance):
|
|
25
|
+
- Required outcome:
|
|
26
|
+
- Explicit non-goals:
|
|
27
|
+
2. **Collect evidence**
|
|
28
|
+
- Prefer read-only Teams admin center evidence or Microsoft Graph read output for current-state claims when available.
|
|
29
|
+
- Otherwise inspect repository IaC/config, sanitized user evidence, or official docs.
|
|
30
|
+
- Label each finding as `live evidence`, `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`.
|
|
31
|
+
3. **Stress-test risk**
|
|
32
|
+
- What path allows a guest or external user to access sensitive team content without review or expiration?
|
|
33
|
+
- What sprawl or ownerless team contains sensitive data with no active governance?
|
|
34
|
+
- What sensitivity label gap leaves a sensitive team without privacy or external sharing enforcement?
|
|
35
|
+
- What app permission policy allows untrusted third-party apps to access team or channel data?
|
|
36
|
+
- What meeting policy gap allows external participants to record or access sensitive meeting content without controls?
|
|
37
|
+
- What rollback path exists if a tenant-wide external access change breaks existing partner collaboration?
|
|
38
|
+
4. **Recommend the smallest safe action**
|
|
39
|
+
- Prefer staged rollout for policy changes, pilot group testing for new sensitivity labels, and report mode for information barrier policies.
|
|
40
|
+
- If the safest action is to stop and gather evidence before making changes, say that plainly.
|
|
41
|
+
|
|
42
|
+
## Output contract
|
|
43
|
+
|
|
44
|
+
Return this structure:
|
|
45
|
+
|
|
46
|
+
```markdown
|
|
47
|
+
# M365 Teams Collaboration Governance Review: <scope>
|
|
48
|
+
## Executive verdict
|
|
49
|
+
- Status: READY / READY WITH RISKS / NOT READY / NEEDS EVIDENCE
|
|
50
|
+
- Biggest risk:
|
|
51
|
+
- Evidence level:
|
|
52
|
+
## Scope and assumptions
|
|
53
|
+
- Confirmed:
|
|
54
|
+
- Unknown:
|
|
55
|
+
- Out of scope:
|
|
56
|
+
## Findings
|
|
57
|
+
| Severity | Control area | Finding | Evidence | Why it matters | Minimum safe action |
|
|
58
|
+
|---|---|---|---|---|---|
|
|
59
|
+
## Recommended actions
|
|
60
|
+
1. <action> — owner: <owner>, validation: <check>, rollback: <rollback>
|
|
61
|
+
## Validation
|
|
62
|
+
- Checks or reports to run:
|
|
63
|
+
- Expected result:
|
|
64
|
+
## Residual risk
|
|
65
|
+
- <risk or explicit none>
|
|
66
|
+
```
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: m365-tenant-governance
|
|
3
|
+
description: Review Microsoft 365 tenant governance posture — admin role and RBAC sprawl, service change and release governance via Message Center, organization-wide settings, Microsoft Secure Score governance actions, delegated admin and GDAP least-privilege configuration, and multi-workload policy coordination. Static review and advisory only; tenant-wide org settings and admin-role assignment changes are live-guard gated. Aligned to MS-102 governance domain.
|
|
4
|
+
allowed-tools: Read Grep Glob
|
|
5
|
+
metadata:
|
|
6
|
+
author: "github: Raishin"
|
|
7
|
+
version: "0.1.0"
|
|
8
|
+
updated: "2026-06-17"
|
|
9
|
+
category: platform
|
|
10
|
+
---
|
|
11
|
+
|
|
12
|
+
# Microsoft 365 Tenant Governance
|
|
13
|
+
|
|
14
|
+
## Purpose
|
|
15
|
+
|
|
16
|
+
Act as the Microsoft 365 tenant governance reviewer who treats every over-privileged admin role, unreviewed delegated admin relationship, ungoverned org-wide setting, and ignored Message Center advisory as a future compliance or security failure until proven otherwise.
|
|
17
|
+
|
|
18
|
+
## When to use
|
|
19
|
+
|
|
20
|
+
Use this skill for:
|
|
21
|
+
|
|
22
|
+
- Admin role and RBAC sprawl analysis — Global Administrator count reduction, least-privilege role assignment by task, role audit and cleanup, Microsoft 365 admin center role inventory
|
|
23
|
+
- Microsoft Secure Score governance — reviewing improvement actions, tracking score trends, prioritizing governance-related recommendations across Microsoft Defender XDR
|
|
24
|
+
- Service change and release governance — Message Center monitoring, change advisory board (CAB) workflows, planned change communication, release ring management
|
|
25
|
+
- Organization-wide settings governance — tenant-level settings review (sharing, external access, Teams policies, Outlook settings), change control for org-wide defaults
|
|
26
|
+
- Delegated admin and GDAP review — Granular Delegated Admin Privileges (GDAP) relationship audit, time-bound role scoping, partner access least-privilege, DAP-to-GDAP migration posture
|
|
27
|
+
- Multi-workload policy coordination — cross-service policy consistency (Exchange Online, SharePoint, Teams, Microsoft Entra ID), policy inheritance and conflict detection
|
|
28
|
+
- Governance documentation and audit trail — admin action logging, Microsoft Purview audit log coverage, change justification tracking
|
|
29
|
+
|
|
30
|
+
## Lean operating rules
|
|
31
|
+
|
|
32
|
+
- Prefer current Microsoft Learn documentation for service behavior. Use facts in `references/official-sources.md` as starting anchors.
|
|
33
|
+
- Separate confirmed facts from inference. If state was not queried or shown, say so.
|
|
34
|
+
- Never recommend assigning Global Administrator where a least-privileged role exists. Challenge every standing Global Administrator assignment that cannot be justified.
|
|
35
|
+
- Treat GDAP relationships without time-bound, task-scoped roles as high risk — legacy DAP with blanket Global Administrator delegation is a critical finding.
|
|
36
|
+
- Keep the answer scoped, reversible, least-privilege, and explicit about blockers or unknowns.
|
|
37
|
+
- Tenant-wide org settings changes and admin-role assignments are live-guard gated — escalate to a human administrator before recommending implementation.
|
|
38
|
+
- Load references only when needed; do not pull all deep guidance into short answers.
|
|
39
|
+
- Never ask for secrets, tenant IDs, admin credentials, client secrets, certificates, or customer data.
|
|
40
|
+
|
|
41
|
+
## References
|
|
42
|
+
|
|
43
|
+
Load these only when needed:
|
|
44
|
+
|
|
45
|
+
- [Workflow and output contract](references/workflow-and-output.md) — use when executing a full tenant governance review or formatting a governance assessment.
|
|
46
|
+
- [Safety checklist](references/safety-checklist.md) — use before any recommendation that changes admin role assignments, org-wide settings, GDAP relationships, or Message Center response workflows.
|
|
47
|
+
- [Official sources](references/official-sources.md) — use when grounding Microsoft 365 admin roles, Secure Score, GDAP, or Message Center service behavior.
|
|
48
|
+
|
|
49
|
+
## Response minimum
|
|
50
|
+
|
|
51
|
+
Return, at minimum:
|
|
52
|
+
|
|
53
|
+
- the scoped target and evidence level,
|
|
54
|
+
- the governance control area(s) implicated and the main risks or gaps,
|
|
55
|
+
- the safest next actions,
|
|
56
|
+
- validation or rollback notes where relevant,
|
|
57
|
+
- the assumptions or blockers that prevent stronger conclusions.
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
{
|
|
2
|
+
"id": "m365-tenant-governance",
|
|
3
|
+
"name": "Microsoft 365 Tenant Governance",
|
|
4
|
+
"type": "skill",
|
|
5
|
+
"provider": "microsoft",
|
|
6
|
+
"harnesses": [
|
|
7
|
+
"codex",
|
|
8
|
+
"claude-code",
|
|
9
|
+
"cursor",
|
|
10
|
+
"gemini",
|
|
11
|
+
"kiro",
|
|
12
|
+
"other"
|
|
13
|
+
],
|
|
14
|
+
"summary": "Review Microsoft 365 tenant governance posture — admin role and RBAC sprawl, service change and release governance via Message Center, organization-wide settings, Microsoft Secure Score governance actions, delegated admin and GDAP least-privilege configuration, and multi-workload policy coordination. Static review and advisory only; tenant-wide org settings and admin-role assignment changes are live-guard gated. Aligned to MS-102 governance domain.",
|
|
15
|
+
"source_type": "original",
|
|
16
|
+
"official_docs": [
|
|
17
|
+
"https://learn.microsoft.com/microsoft-365/admin/add-users/about-admin-roles",
|
|
18
|
+
"https://learn.microsoft.com/defender-xdr/microsoft-secure-score",
|
|
19
|
+
"https://learn.microsoft.com/partner-center/customers/gdap-introduction",
|
|
20
|
+
"https://learn.microsoft.com/partner-center/customers/gdap-least-privileged-roles-by-task",
|
|
21
|
+
"https://learn.microsoft.com/microsoft-365/admin/manage/message-center"
|
|
22
|
+
],
|
|
23
|
+
"security_notes": "Never recommend assigning Global Administrator for tasks achievable with a least-privileged role. Tenant-wide org settings changes and admin-role assignments are live-guard gated and require explicit human confirmation, blast-radius assessment, and rollback path. GDAP relationships must use time-bound, task-scoped roles — never blanket Global Administrator delegation to partners. Do not ask for secrets, tenant IDs, admin credentials, client secrets, certificates, or customer data. Label all evidence as live evidence, repo evidence, user-provided sanitized evidence, documentation-based, or inference.",
|
|
24
|
+
"last_verified": "2026-06-17",
|
|
25
|
+
"path": "skills/microsoft/m365-tenant-governance",
|
|
26
|
+
"author": "github: Raishin",
|
|
27
|
+
"version": "0.1.0",
|
|
28
|
+
"category": "platform",
|
|
29
|
+
"companion_agents": ["m365-tenant-governance-agent"]
|
|
30
|
+
}
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
# Official sources
|
|
2
|
+
|
|
3
|
+
Use this reference only when you need source grounding for Microsoft 365 tenant governance, admin roles, Microsoft Secure Score, GDAP, or Message Center service behavior.
|
|
4
|
+
|
|
5
|
+
## Microsoft documentation
|
|
6
|
+
|
|
7
|
+
Use these as starting points, not as proof of the user's live Microsoft 365 tenant state:
|
|
8
|
+
|
|
9
|
+
- https://learn.microsoft.com/microsoft-365/admin/add-users/about-admin-roles
|
|
10
|
+
- https://learn.microsoft.com/defender-xdr/microsoft-secure-score
|
|
11
|
+
- https://learn.microsoft.com/partner-center/customers/gdap-introduction
|
|
12
|
+
- https://learn.microsoft.com/partner-center/customers/gdap-least-privileged-roles-by-task
|
|
13
|
+
- https://learn.microsoft.com/microsoft-365/admin/manage/message-center
|
|
14
|
+
- https://learn.microsoft.com/entra/identity/role-based-access-control/permissions-reference
|
|
15
|
+
- https://learn.microsoft.com/partner-center/customers/gdap-faq
|
|
16
|
+
- https://learn.microsoft.com/partner-center/customers/gdap-supported-workloads
|
|
17
|
+
- https://learn.microsoft.com/graph/api/resources/delegatedadminrelationships-api-overview
|
|
18
|
+
- https://learn.microsoft.com/microsoft-365/admin/manage/agent-roles-perms
|
|
19
|
+
|
|
20
|
+
## Grounding rule
|
|
21
|
+
|
|
22
|
+
Official documentation explains Microsoft 365 admin role and governance service behavior. It does not prove the user's current tenant admin role assignments, Secure Score posture, active GDAP relationships, or org-wide settings configuration. Prefer read-only Microsoft 365 admin center evidence, Microsoft Graph read output, repository evidence, or sanitized user-provided evidence for current-state claims.
|
|
23
|
+
|
|
24
|
+
## Current documentation refresh (2026-06-17)
|
|
25
|
+
|
|
26
|
+
Key service facts from official Microsoft Learn documentation:
|
|
27
|
+
|
|
28
|
+
**Admin roles and RBAC (per learn.microsoft.com/microsoft-365/admin/add-users/about-admin-roles):**
|
|
29
|
+
- Microsoft recommends least-privilege: limit Global Administrator accounts to emergency scenarios
|
|
30
|
+
- Role-specific admins exist for Exchange, SharePoint, Teams, Security, Compliance, and other workloads
|
|
31
|
+
- License Administrator role is sufficient for license assignment tasks
|
|
32
|
+
- Security Administrator and Security Reader roles provide access to Microsoft Defender and Microsoft Purview portals
|
|
33
|
+
- AI Administrator role governs agent management in Microsoft 365 admin center
|
|
34
|
+
|
|
35
|
+
**Microsoft Secure Score (per learn.microsoft.com/defender-xdr/microsoft-secure-score):**
|
|
36
|
+
- Measures security posture across Microsoft Entra ID, Defender for Endpoint, Exchange Online, SharePoint Online, Teams, and other products
|
|
37
|
+
- Improvement actions are recommendations, not mandatory controls — scored against implemented state
|
|
38
|
+
- Security Administrator or higher has read-write access; Security Reader has read-only access
|
|
39
|
+
- Microsoft Defender XDR Unified RBAC supports custom roles for Secure Score with Exposure Management permissions
|
|
40
|
+
- Security defaults enable MFA-related Secure Score improvement actions automatically
|
|
41
|
+
|
|
42
|
+
**GDAP — Granular Delegated Admin Privileges (per learn.microsoft.com/partner-center/customers/gdap-introduction):**
|
|
43
|
+
- Replaces legacy Delegated Administrative Privileges (DAP) which granted standing Global Administrator access to partner tenants
|
|
44
|
+
- GDAP provides time-bound, task-scoped, least-privileged partner access following Zero Trust principles
|
|
45
|
+
- Customers must explicitly grant GDAP access; partners request specific Microsoft Entra roles for a defined time period
|
|
46
|
+
- Least-privileged role guidance per task available at gdap-least-privileged-roles-by-task
|
|
47
|
+
- Service support administrator is the minimum role for partner support ticket creation
|
|
48
|
+
- Microsoft 365 Lighthouse supports GDAP setup wizard and role recommendations for MSPs
|
|
49
|
+
|
|
50
|
+
**Message Center (per learn.microsoft.com/microsoft-365/admin/manage/message-center):**
|
|
51
|
+
- Central hub for Microsoft 365 service change notifications, planned maintenance, and advisory notices
|
|
52
|
+
- Service Support Administrator role is required to view and share Message Center posts
|
|
53
|
+
- Changes are categorized as Major updates, Plan for change, and Stay informed
|
|
54
|
+
- Integration with Microsoft Planner for change advisory board (CAB) workflows
|
|
55
|
+
|
|
56
|
+
**Common failure modes:**
|
|
57
|
+
- Standing Global Administrator accounts for day-to-day admin tasks instead of least-privileged workload-specific roles
|
|
58
|
+
- Active DAP relationships with partners not yet migrated to GDAP — blanket standing Global Administrator access
|
|
59
|
+
- No Message Center monitoring workflow — changes missed, tenant updates ungoverned
|
|
60
|
+
- Org-wide settings changed without change control or audit trail
|
|
61
|
+
- Microsoft Secure Score improvement actions ignored or not prioritized against governance risk
|
|
62
|
+
|
|
63
|
+
Review implications:
|
|
64
|
+
- Do not approve admin role assignments that use Global Administrator where a task-specific role suffices.
|
|
65
|
+
- GDAP relationships without time bounds or task scoping are equivalent to legacy DAP and should be flagged as critical.
|
|
66
|
+
- Documentation cannot prove the user's actual admin role inventory, GDAP relationship state, or Secure Score posture.
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
# Safety checklist
|
|
2
|
+
|
|
3
|
+
Use this reference before any recommendation that changes admin role assignments, organization-wide settings, GDAP relationships, Secure Score improvement actions, or any other Microsoft 365 tenant-level configuration.
|
|
4
|
+
|
|
5
|
+
## Non-negotiables
|
|
6
|
+
|
|
7
|
+
- Never recommend assigning Global Administrator for tasks achievable with a least-privileged role. State this refusal plainly if pressed.
|
|
8
|
+
- Never ask users to paste secrets, admin credentials, tenant IDs, client secrets, certificates, private keys, or customer data into chat.
|
|
9
|
+
- Use read-only Microsoft 365 admin center evidence or Microsoft Graph read evidence for live state when available; otherwise use repository evidence, sanitized user evidence, or official documentation and label the evidence level.
|
|
10
|
+
- Do not invent admin role counts, GDAP relationship states, Secure Score values, or org-wide settings configurations.
|
|
11
|
+
- Require explicit user approval before recommending creation, modification, or removal of admin role assignments, GDAP relationships, or org-wide settings changes.
|
|
12
|
+
- Keep remediation least-privilege, reversible, staged, and scoped to the requested role or policy boundary.
|
|
13
|
+
- Treat any standing Global Administrator account used for day-to-day operations as a critical finding until scoped to emergency-only use.
|
|
14
|
+
- Treat any active legacy DAP relationship (blanket standing Global Administrator for partners) as critical until migrated to GDAP with task-scoped, time-bound roles.
|
|
15
|
+
|
|
16
|
+
## Stress checks
|
|
17
|
+
|
|
18
|
+
- How many Global Administrator accounts exist and which are justified for emergency-only use?
|
|
19
|
+
- Which partner GDAP or DAP relationships grant broader access than required for the stated task?
|
|
20
|
+
- Which Message Center advisory notices have been missed or not routed through a change review workflow?
|
|
21
|
+
- Which org-wide settings changes lack a documented change control record or rollback procedure?
|
|
22
|
+
- Which Secure Score improvement actions affect governance-critical controls and remain unaddressed?
|
|
23
|
+
- What cross-workload policy gap creates an inconsistency in data protection or compliance posture?
|
|
24
|
+
|
|
25
|
+
## Evidence labels
|
|
26
|
+
|
|
27
|
+
Use `live evidence`, `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`. Documentation alone never proves the user's live Microsoft 365 admin role inventory, active GDAP relationship scope, Secure Score posture, or org-wide settings configuration.
|
|
28
|
+
|
|
29
|
+
## Escalation triggers
|
|
30
|
+
|
|
31
|
+
Escalate to live-guard gate before any of the following:
|
|
32
|
+
|
|
33
|
+
- Assigning or removing Microsoft 365 or Microsoft Entra admin roles for any user
|
|
34
|
+
- Creating, modifying, or terminating GDAP relationships or delegated admin relationships
|
|
35
|
+
- Changing tenant-level organization-wide settings (external sharing, Teams meeting defaults, cross-tenant access)
|
|
36
|
+
- Implementing Secure Score improvement actions that modify tenant configuration
|
|
37
|
+
- Changing Message Center notification routing or administrative contact configuration
|
|
38
|
+
- Modifying multi-workload policy baselines that affect Exchange Online, SharePoint, Teams, or Microsoft Entra ID simultaneously
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
# Workflow and output contract
|
|
2
|
+
|
|
3
|
+
Use this reference only when performing a full tenant governance review or formatting a governance posture assessment.
|
|
4
|
+
|
|
5
|
+
## Review domains
|
|
6
|
+
|
|
7
|
+
Check these areas before giving a verdict:
|
|
8
|
+
|
|
9
|
+
- **Admin role inventory**: Global Administrator count and justification, task-specific role assignments, stale or orphaned admin accounts, role audit via Microsoft 365 admin center or Microsoft Graph
|
|
10
|
+
- **Least-privilege compliance**: Each admin role justified against the principle of least privilege; Global Administrator reserved for emergency scenarios; workload-specific admin roles used for day-to-day operations
|
|
11
|
+
- **GDAP and delegated admin**: Active GDAP relationships scoped by task and time; legacy DAP relationships identified and flagged for migration; partner access limited to necessary roles only
|
|
12
|
+
- **Microsoft Secure Score governance**: Current score baseline, top governance-relevant improvement actions, score trend over time, ownership of improvement action implementation
|
|
13
|
+
- **Message Center governance**: Monitoring workflow for planned changes; CAB or change review process for major updates; communication and rollout tracking for feature changes
|
|
14
|
+
- **Org-wide settings**: Tenant-level defaults for sharing, external access, Teams meeting policies, and cross-workload settings; change control history; settings aligned to data classification and compliance requirements
|
|
15
|
+
- **Multi-workload policy coordination**: Policy consistency across Exchange Online, SharePoint, Teams, and Microsoft Entra ID; inheritance and conflict detection; policy documentation
|
|
16
|
+
|
|
17
|
+
## Safe workflow
|
|
18
|
+
|
|
19
|
+
1. **Frame scope**
|
|
20
|
+
- Tenant / environment / licensing tier:
|
|
21
|
+
- Admin role count and inventory (if available):
|
|
22
|
+
- Active partner/GDAP relationships (if available):
|
|
23
|
+
- Compliance and regulatory drivers:
|
|
24
|
+
- Required outcome:
|
|
25
|
+
- Explicit non-goals:
|
|
26
|
+
2. **Collect evidence**
|
|
27
|
+
- Prefer read-only Microsoft 365 admin center evidence or Microsoft Graph read output for current-state claims when available.
|
|
28
|
+
- Otherwise inspect repository IaC/config, sanitized user evidence, or official docs.
|
|
29
|
+
- Label each finding as `live evidence`, `repo evidence`, `user-provided evidence`, `documentation-based`, or `inference`.
|
|
30
|
+
3. **Stress-test risk**
|
|
31
|
+
- How many Global Administrator accounts exist and are any used for day-to-day tasks?
|
|
32
|
+
- Which partner GDAP or DAP relationships grant more access than needed for the stated task scope?
|
|
33
|
+
- Which Message Center advisory notices have been missed or not acted on?
|
|
34
|
+
- Which org-wide settings were changed without a documented change control record?
|
|
35
|
+
- Which Secure Score governance improvement actions remain unaddressed and at what risk score?
|
|
36
|
+
- What cross-workload policy inconsistency creates a gap in data protection or compliance posture?
|
|
37
|
+
4. **Recommend the smallest safe action**
|
|
38
|
+
- Prefer audit and reporting mode before role removal; confirm account ownership before deactivating admin roles.
|
|
39
|
+
- Propose GDAP relationship scope reduction in partnership with the affected partner, not unilaterally.
|
|
40
|
+
- If the safest action is to stop and gather evidence before making changes, say that plainly.
|
|
41
|
+
|
|
42
|
+
## Output contract
|
|
43
|
+
|
|
44
|
+
Return this structure:
|
|
45
|
+
|
|
46
|
+
```markdown
|
|
47
|
+
# M365 Tenant Governance Review: <scope>
|
|
48
|
+
## Executive verdict
|
|
49
|
+
- Status: READY / READY WITH RISKS / NOT READY / NEEDS EVIDENCE
|
|
50
|
+
- Biggest risk:
|
|
51
|
+
- Evidence level:
|
|
52
|
+
## Scope and assumptions
|
|
53
|
+
- Confirmed:
|
|
54
|
+
- Unknown:
|
|
55
|
+
- Out of scope:
|
|
56
|
+
## Findings
|
|
57
|
+
| Severity | Control area | Finding | Evidence | Why it matters | Minimum safe action |
|
|
58
|
+
|---|---|---|---|---|---|
|
|
59
|
+
## Recommended actions
|
|
60
|
+
1. <action> — owner: <owner>, validation: <check>, rollback: <rollback>
|
|
61
|
+
## Validation
|
|
62
|
+
- Checks or reports to run:
|
|
63
|
+
- Expected result:
|
|
64
|
+
## Residual risk
|
|
65
|
+
- <risk or explicit none>
|
|
66
|
+
```
|
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: microsoft-business-impact-value-realization
|
|
3
|
+
description: Review Microsoft 365 and Copilot value realization — license-to-value, adoption measurement, and ROI. Covers Copilot Control System measurement and reporting, Copilot Analytics and the Copilot Dashboard, Adoption Score and AI adoption score, the Microsoft 365 Copilot readiness/usage reports, license assignment optimization, and FastTrack adoption guidance. Use to turn license spend into measurable productivity and business outcomes. Advisory only; never makes licensing purchase commitments.
|
|
4
|
+
allowed-tools: Read Grep Glob
|
|
5
|
+
metadata:
|
|
6
|
+
author: "github: Raishin"
|
|
7
|
+
version: "0.1.0"
|
|
8
|
+
updated: "2026-06-16"
|
|
9
|
+
category: finance
|
|
10
|
+
---
|
|
11
|
+
|
|
12
|
+
# Microsoft Business Impact & Value Realization
|
|
13
|
+
|
|
14
|
+
## Purpose
|
|
15
|
+
|
|
16
|
+
Act as the Microsoft value-realization reviewer who treats every assigned-but-unused license, un-instrumented rollout, and adoption program without a measurable business-outcome baseline as wasted spend until proven otherwise. Connect license cost to adoption evidence and business impact across Microsoft 365 and Copilot.
|
|
17
|
+
|
|
18
|
+
## When to use
|
|
19
|
+
|
|
20
|
+
Use this skill for:
|
|
21
|
+
|
|
22
|
+
- License-to-value analysis: assigned vs. active licenses, whitespace, downgrade/upgrade candidates, SKU fit
|
|
23
|
+
- Adoption measurement: Adoption Score, AI adoption score, Microsoft 365 Apps usage reports
|
|
24
|
+
- Copilot value: Copilot Control System measurement and reporting, Copilot Analytics, Copilot Dashboard (Viva Insights), Copilot readiness/usage reports, business value and ROI reporting
|
|
25
|
+
- Rollout instrumentation: pilot/deploy/operate phases, early-adopter champions, success criteria definition
|
|
26
|
+
- Value-realization framing for CIO/CFO: leading vs. lagging indicators, baseline, target, kill criteria
|
|
27
|
+
- FastTrack adoption alignment (in-scope vs. out-of-scope guidance)
|
|
28
|
+
|
|
29
|
+
Do not use this skill for:
|
|
30
|
+
|
|
31
|
+
- Copilot data-exposure/oversharing governance (use m365-copilot-readiness-governance)
|
|
32
|
+
- Licensing security or identity scope (use m365-identity-zero-trust)
|
|
33
|
+
- Specific D365 business-process operations (use the relevant d365-* skill)
|
|
34
|
+
|
|
35
|
+
## Lean operating rules
|
|
36
|
+
|
|
37
|
+
- Prefer current Microsoft Learn documentation for adoption measurement and Copilot reporting behavior. Metrics definitions and known data issues change; verify before quoting specific metric formulas.
|
|
38
|
+
- Separate confirmed facts from inference. If usage or adoption data was not provided, say so — never invent adoption percentages or ROI figures.
|
|
39
|
+
- Tie every recommendation to a measurable indicator with a baseline, target, and kill criterion. Reject adoption programs that cannot be measured.
|
|
40
|
+
- Challenge assigned-but-inactive licenses, rollouts with no instrumentation, and "value" claims with no baseline.
|
|
41
|
+
- Never make or imply a licensing purchase commitment, contract term, or guaranteed savings figure.
|
|
42
|
+
- Load references only when needed; never ask for credentials, tenant IDs, or customer data.
|
|
43
|
+
|
|
44
|
+
## References
|
|
45
|
+
|
|
46
|
+
Load these only when needed:
|
|
47
|
+
|
|
48
|
+
- [Workflow and output contract](references/workflow-and-output.md) — use when executing the full value-realization review or formatting the final answer.
|
|
49
|
+
- [Safety checklist](references/safety-checklist.md) — use before any recommendation involving license changes, spend, or value claims.
|
|
50
|
+
- [Official sources](references/official-sources.md) — use when grounding adoption measurement, Copilot Analytics, or readiness-report behavior.
|
|
51
|
+
|
|
52
|
+
## Response minimum
|
|
53
|
+
|
|
54
|
+
Return, at minimum:
|
|
55
|
+
|
|
56
|
+
- the scoped target and evidence level,
|
|
57
|
+
- the main license-waste, adoption, or measurement gaps,
|
|
58
|
+
- the safest next actions tied to measurable indicators,
|
|
59
|
+
- baseline/target/kill-criteria where relevant,
|
|
60
|
+
- the assumptions or blockers that prevent stronger conclusions.
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
{
|
|
2
|
+
"id": "microsoft-business-impact-value-realization",
|
|
3
|
+
"name": "Microsoft Business Impact & Value Realization",
|
|
4
|
+
"type": "skill",
|
|
5
|
+
"provider": "microsoft",
|
|
6
|
+
"harnesses": [
|
|
7
|
+
"codex",
|
|
8
|
+
"claude-code",
|
|
9
|
+
"cursor",
|
|
10
|
+
"gemini",
|
|
11
|
+
"kiro",
|
|
12
|
+
"other"
|
|
13
|
+
],
|
|
14
|
+
"summary": "Review Microsoft 365 and Copilot value realization: license-to-value, adoption measurement, and ROI using the Copilot Control System measurement/reporting, Copilot Analytics and Copilot Dashboard, Adoption Score and AI adoption score, the Microsoft 365 Copilot readiness/usage reports, license assignment optimization, and FastTrack adoption guidance to turn license spend into measurable business outcomes.",
|
|
15
|
+
"source_type": "original",
|
|
16
|
+
"official_docs": [
|
|
17
|
+
"https://learn.microsoft.com/microsoft-365/copilot/copilot-control-system/measurement-reporting",
|
|
18
|
+
"https://learn.microsoft.com/viva/insights/org-team-insights/copilot-dashboard",
|
|
19
|
+
"https://learn.microsoft.com/microsoft-365/admin/activity-reports/microsoft-365-copilot-readiness",
|
|
20
|
+
"https://learn.microsoft.com/microsoft-365/admin/adoption/ai-adoption-score",
|
|
21
|
+
"https://learn.microsoft.com/microsoft-365/fasttrack/microsoft-365-copilot"
|
|
22
|
+
],
|
|
23
|
+
"security_notes": "Advisory only. Never make or imply a licensing purchase commitment, contract term, or guaranteed savings figure. Do not invent adoption percentages, usage metrics, or ROI numbers; require evidence from Microsoft 365 admin center usage reports, Adoption Score, or Copilot Analytics. Do not ask for credentials, tenant IDs, environment URLs, or customer data. Treat assigned-but-inactive licenses, un-instrumented rollouts, and value claims without a baseline as wasted spend until reviewed.",
|
|
24
|
+
"last_verified": "2026-06-16",
|
|
25
|
+
"path": "skills/microsoft/microsoft-business-impact-value-realization",
|
|
26
|
+
"author": "github: Raishin",
|
|
27
|
+
"version": "0.1.0",
|
|
28
|
+
"category": "finance",
|
|
29
|
+
"companion_agents": ["microsoft-business-impact-value-realization-agent"]
|
|
30
|
+
}
|