@raishin/vanguard-frontier-agentic 2.11.0 → 2.13.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/marketplace.json +2 -2
- package/.claude-plugin/plugin.json +41 -1
- package/.cursor-plugin/plugin.json +41 -1
- package/.github/plugin/marketplace.json +1 -1
- package/README.md +11 -11
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/AGENT.md +57 -0
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/metadata.json +46 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/AGENT.md +58 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/codex.toml +31 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/metadata.json +40 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/AGENT.md +58 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/metadata.json +45 -0
- package/agents/sap/sap-audit-evidence-packager-agent/AGENT.md +58 -0
- package/agents/sap/sap-audit-evidence-packager-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-audit-evidence-packager-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-audit-evidence-packager-agent/harnesses/copilot.agent.md +33 -0
- package/agents/sap/sap-audit-evidence-packager-agent/harnesses/cursor.agent.md +31 -0
- package/agents/sap/sap-audit-evidence-packager-agent/harnesses/gemini.agent.md +31 -0
- package/agents/sap/sap-audit-evidence-packager-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-audit-evidence-packager-agent/harnesses/kiro-ide.agent.md +31 -0
- package/agents/sap/sap-audit-evidence-packager-agent/metadata.json +45 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/AGENT.md +58 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/metadata.json +44 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/AGENT.md +70 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/claude-code.agent.md +51 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/codex.toml +42 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/copilot.agent.md +36 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/cursor.agent.md +33 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/gemini.agent.md +33 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/kiro-ide.agent.md +33 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/metadata.json +41 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/AGENT.md +57 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/metadata.json +42 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/AGENT.md +58 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/codex.toml +31 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/metadata.json +45 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/AGENT.md +59 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/metadata.json +42 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/AGENT.md +60 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/claude-code.agent.md +39 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/codex.toml +29 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/metadata.json +45 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/AGENT.md +67 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/claude-code.agent.md +46 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/metadata.json +44 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/AGENT.md +58 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/metadata.json +45 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/AGENT.md +59 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/metadata.json +44 -0
- package/agents/sap/sap-finance-fico-controls-agent/AGENT.md +59 -0
- package/agents/sap/sap-finance-fico-controls-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-finance-fico-controls-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-finance-fico-controls-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-finance-fico-controls-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-finance-fico-controls-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-finance-fico-controls-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-finance-fico-controls-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-finance-fico-controls-agent/metadata.json +45 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/AGENT.md +58 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/codex.toml +29 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/metadata.json +39 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/AGENT.md +70 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/claude-code.agent.md +51 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/codex.toml +41 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/copilot.agent.md +36 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/cursor.agent.md +33 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/gemini.agent.md +33 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/kiro-ide.agent.md +33 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/metadata.json +45 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/AGENT.md +58 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/metadata.json +43 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/AGENT.md +59 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/metadata.json +42 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/AGENT.md +70 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/claude-code.agent.md +51 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/codex.toml +41 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/copilot.agent.md +36 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/cursor.agent.md +33 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/gemini.agent.md +33 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/kiro-ide.agent.md +33 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/metadata.json +41 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/AGENT.md +57 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/metadata.json +43 -0
- package/agents/sap/sap-joule-governance-adoption-agent/AGENT.md +59 -0
- package/agents/sap/sap-joule-governance-adoption-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-joule-governance-adoption-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-joule-governance-adoption-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-joule-governance-adoption-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-joule-governance-adoption-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-joule-governance-adoption-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-joule-governance-adoption-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-joule-governance-adoption-agent/metadata.json +42 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/AGENT.md +58 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/metadata.json +42 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/AGENT.md +60 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/claude-code.agent.md +40 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/codex.toml +31 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/metadata.json +39 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/AGENT.md +60 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/claude-code.agent.md +40 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/codex.toml +31 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/metadata.json +39 -0
- package/agents/sap/sap-maestro-agent/AGENT.md +60 -0
- package/agents/sap/sap-maestro-agent/harnesses/claude-code.agent.md +36 -0
- package/agents/sap/sap-maestro-agent/harnesses/codex.toml +34 -0
- package/agents/sap/sap-maestro-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-maestro-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-maestro-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-maestro-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-maestro-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-maestro-agent/metadata.json +39 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/AGENT.md +59 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/metadata.json +44 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/AGENT.md +59 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/metadata.json +45 -0
- package/agents/sap/sap-order-to-cash-agent/AGENT.md +59 -0
- package/agents/sap/sap-order-to-cash-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-order-to-cash-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-order-to-cash-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-order-to-cash-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-order-to-cash-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-order-to-cash-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-order-to-cash-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-order-to-cash-agent/metadata.json +44 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/AGENT.md +59 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/metadata.json +44 -0
- package/agents/sap/sap-release-change-collision-agent/AGENT.md +59 -0
- package/agents/sap/sap-release-change-collision-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-release-change-collision-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-release-change-collision-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-release-change-collision-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-release-change-collision-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-release-change-collision-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-release-change-collision-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-release-change-collision-agent/metadata.json +42 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/AGENT.md +58 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/metadata.json +42 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/AGENT.md +73 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/claude-code.agent.md +54 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/codex.toml +43 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/copilot.agent.md +38 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/cursor.agent.md +35 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/gemini.agent.md +35 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/kiro-ide.agent.md +35 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/metadata.json +41 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/AGENT.md +62 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/claude-code.agent.md +41 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/codex.toml +29 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/metadata.json +44 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/AGENT.md +59 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/metadata.json +44 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/AGENT.md +59 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/metadata.json +44 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/AGENT.md +59 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/metadata.json +42 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/AGENT.md +59 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/metadata.json +44 -0
- package/agents/sap/sap-testing-quality-gate-agent/AGENT.md +59 -0
- package/agents/sap/sap-testing-quality-gate-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-testing-quality-gate-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-testing-quality-gate-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-testing-quality-gate-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-testing-quality-gate-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-testing-quality-gate-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-testing-quality-gate-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-testing-quality-gate-agent/metadata.json +42 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/AGENT.md +58 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/metadata.json +42 -0
- package/agents/sap/sap-treasury-cash-risk-agent/AGENT.md +59 -0
- package/agents/sap/sap-treasury-cash-risk-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-treasury-cash-risk-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-treasury-cash-risk-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-treasury-cash-risk-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-treasury-cash-risk-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-treasury-cash-risk-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-treasury-cash-risk-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-treasury-cash-risk-agent/metadata.json +44 -0
- package/catalog/agents.json +1323 -0
- package/catalog/asset-integrity.json +2283 -43
- package/catalog/install-roles.json +94 -0
- package/catalog/skill-manifest.json +1770 -3
- package/catalog/skills.json +1912 -1
- package/package.json +1 -1
- package/plugins/vanguard-frontier-agentic/.codex-plugin/plugin.json +1 -1
- package/powers/README.md +3 -2
- package/powers/vanguard-sap/POWER.md +43 -0
- package/schemas/agent.schema.json +1 -0
- package/schemas/skill.schema.json +1 -0
- package/scripts/generate-docs-data.mjs +1 -1
- package/scripts/generate-kiro-powers.mjs +12 -0
- package/skills/claude/add-educational-comments/metadata.json +1 -1
- package/skills/sap/sap-abap-cloud-rap-review/SKILL.md +86 -0
- package/skills/sap/sap-abap-cloud-rap-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-abap-cloud-rap-review/metadata.json +34 -0
- package/skills/sap/sap-abap-cloud-rap-review/references/context7-framework-docs.md +126 -0
- package/skills/sap/sap-abap-cloud-rap-review/references/official-sources.md +95 -0
- package/skills/sap/sap-abap-cloud-rap-review/references/safety-checklist.md +37 -0
- package/skills/sap/sap-abap-cloud-rap-review/references/workflow-and-output.md +76 -0
- package/skills/sap/sap-ai-core-generative-ai-hub-governance/SKILL.md +92 -0
- package/skills/sap/sap-ai-core-generative-ai-hub-governance/agents/openai.yaml +11 -0
- package/skills/sap/sap-ai-core-generative-ai-hub-governance/metadata.json +34 -0
- package/skills/sap/sap-ai-core-generative-ai-hub-governance/references/context7-framework-docs.md +107 -0
- package/skills/sap/sap-ai-core-generative-ai-hub-governance/references/official-sources.md +91 -0
- package/skills/sap/sap-ai-core-generative-ai-hub-governance/references/safety-checklist.md +39 -0
- package/skills/sap/sap-ai-core-generative-ai-hub-governance/references/workflow-and-output.md +75 -0
- package/skills/sap/sap-ai-governance-security-architecture-protocol/SKILL.md +168 -0
- package/skills/sap/sap-ai-governance-security-architecture-protocol/agents/openai.yaml +11 -0
- package/skills/sap/sap-ai-governance-security-architecture-protocol/metadata.json +35 -0
- package/skills/sap/sap-ai-governance-security-architecture-protocol/references/official-sources.md +99 -0
- package/skills/sap/sap-ai-governance-security-architecture-protocol/references/safety-checklist.md +38 -0
- package/skills/sap/sap-ai-governance-security-architecture-protocol/references/workflow-and-output.md +89 -0
- package/skills/sap/sap-analytics-cloud-planning-governance/SKILL.md +87 -0
- package/skills/sap/sap-analytics-cloud-planning-governance/agents/openai.yaml +11 -0
- package/skills/sap/sap-analytics-cloud-planning-governance/metadata.json +33 -0
- package/skills/sap/sap-analytics-cloud-planning-governance/references/official-sources.md +89 -0
- package/skills/sap/sap-analytics-cloud-planning-governance/references/safety-checklist.md +35 -0
- package/skills/sap/sap-analytics-cloud-planning-governance/references/workflow-and-output.md +70 -0
- package/skills/sap/sap-audit-evidence-packaging/SKILL.md +92 -0
- package/skills/sap/sap-audit-evidence-packaging/agents/openai.yaml +11 -0
- package/skills/sap/sap-audit-evidence-packaging/metadata.json +33 -0
- package/skills/sap/sap-audit-evidence-packaging/references/official-sources.md +92 -0
- package/skills/sap/sap-audit-evidence-packaging/references/safety-checklist.md +38 -0
- package/skills/sap/sap-audit-evidence-packaging/references/workflow-and-output.md +129 -0
- package/skills/sap/sap-btp-governance-review/SKILL.md +84 -0
- package/skills/sap/sap-btp-governance-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-btp-governance-review/metadata.json +34 -0
- package/skills/sap/sap-btp-governance-review/references/official-sources.md +91 -0
- package/skills/sap/sap-btp-governance-review/references/safety-checklist.md +35 -0
- package/skills/sap/sap-btp-governance-review/references/workflow-and-output.md +66 -0
- package/skills/sap/sap-cap-architecture-review/SKILL.md +86 -0
- package/skills/sap/sap-cap-architecture-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-cap-architecture-review/metadata.json +34 -0
- package/skills/sap/sap-cap-architecture-review/references/context7-framework-docs.md +89 -0
- package/skills/sap/sap-cap-architecture-review/references/official-sources.md +93 -0
- package/skills/sap/sap-cap-architecture-review/references/safety-checklist.md +37 -0
- package/skills/sap/sap-cap-architecture-review/references/workflow-and-output.md +74 -0
- package/skills/sap/sap-clean-core-debt-review/SKILL.md +84 -0
- package/skills/sap/sap-clean-core-debt-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-clean-core-debt-review/metadata.json +33 -0
- package/skills/sap/sap-clean-core-debt-review/references/context7-framework-docs.md +56 -0
- package/skills/sap/sap-clean-core-debt-review/references/official-sources.md +75 -0
- package/skills/sap/sap-clean-core-debt-review/references/safety-checklist.md +36 -0
- package/skills/sap/sap-clean-core-debt-review/references/workflow-and-output.md +62 -0
- package/skills/sap/sap-cloud-alm-sre-incident-review/SKILL.md +83 -0
- package/skills/sap/sap-cloud-alm-sre-incident-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-cloud-alm-sre-incident-review/metadata.json +33 -0
- package/skills/sap/sap-cloud-alm-sre-incident-review/references/official-sources.md +89 -0
- package/skills/sap/sap-cloud-alm-sre-incident-review/references/safety-checklist.md +39 -0
- package/skills/sap/sap-cloud-alm-sre-incident-review/references/workflow-and-output.md +88 -0
- package/skills/sap/sap-custom-code-remediation-review/SKILL.md +83 -0
- package/skills/sap/sap-custom-code-remediation-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-custom-code-remediation-review/metadata.json +33 -0
- package/skills/sap/sap-custom-code-remediation-review/references/official-sources.md +85 -0
- package/skills/sap/sap-custom-code-remediation-review/references/safety-checklist.md +39 -0
- package/skills/sap/sap-custom-code-remediation-review/references/workflow-and-output.md +83 -0
- package/skills/sap/sap-data-migration-cutover-readiness/SKILL.md +90 -0
- package/skills/sap/sap-data-migration-cutover-readiness/agents/openai.yaml +14 -0
- package/skills/sap/sap-data-migration-cutover-readiness/metadata.json +32 -0
- package/skills/sap/sap-data-migration-cutover-readiness/references/official-sources.md +73 -0
- package/skills/sap/sap-data-migration-cutover-readiness/references/safety-checklist.md +51 -0
- package/skills/sap/sap-data-migration-cutover-readiness/references/workflow-and-output.md +85 -0
- package/skills/sap/sap-data-privacy-analytics-ai-protocol/SKILL.md +162 -0
- package/skills/sap/sap-data-privacy-analytics-ai-protocol/agents/openai.yaml +11 -0
- package/skills/sap/sap-data-privacy-analytics-ai-protocol/metadata.json +34 -0
- package/skills/sap/sap-data-privacy-analytics-ai-protocol/references/official-sources.md +93 -0
- package/skills/sap/sap-data-privacy-analytics-ai-protocol/references/safety-checklist.md +39 -0
- package/skills/sap/sap-data-privacy-analytics-ai-protocol/references/workflow-and-output.md +78 -0
- package/skills/sap/sap-datasphere-data-product-architecture/SKILL.md +86 -0
- package/skills/sap/sap-datasphere-data-product-architecture/agents/openai.yaml +11 -0
- package/skills/sap/sap-datasphere-data-product-architecture/metadata.json +33 -0
- package/skills/sap/sap-datasphere-data-product-architecture/references/official-sources.md +85 -0
- package/skills/sap/sap-datasphere-data-product-architecture/references/safety-checklist.md +35 -0
- package/skills/sap/sap-datasphere-data-product-architecture/references/workflow-and-output.md +70 -0
- package/skills/sap/sap-ewm-tm-logistics-execution-review/SKILL.md +90 -0
- package/skills/sap/sap-ewm-tm-logistics-execution-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-ewm-tm-logistics-execution-review/metadata.json +32 -0
- package/skills/sap/sap-ewm-tm-logistics-execution-review/references/official-sources.md +79 -0
- package/skills/sap/sap-ewm-tm-logistics-execution-review/references/safety-checklist.md +37 -0
- package/skills/sap/sap-ewm-tm-logistics-execution-review/references/workflow-and-output.md +91 -0
- package/skills/sap/sap-finance-fico-controls-review/SKILL.md +91 -0
- package/skills/sap/sap-finance-fico-controls-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-finance-fico-controls-review/metadata.json +33 -0
- package/skills/sap/sap-finance-fico-controls-review/references/official-sources.md +89 -0
- package/skills/sap/sap-finance-fico-controls-review/references/safety-checklist.md +38 -0
- package/skills/sap/sap-finance-fico-controls-review/references/workflow-and-output.md +88 -0
- package/skills/sap/sap-fiori-ui5-ux-review/SKILL.md +87 -0
- package/skills/sap/sap-fiori-ui5-ux-review/agents/openai.yaml +14 -0
- package/skills/sap/sap-fiori-ui5-ux-review/metadata.json +33 -0
- package/skills/sap/sap-fiori-ui5-ux-review/references/context7-framework-docs.md +128 -0
- package/skills/sap/sap-fiori-ui5-ux-review/references/official-sources.md +95 -0
- package/skills/sap/sap-fiori-ui5-ux-review/references/safety-checklist.md +37 -0
- package/skills/sap/sap-fiori-ui5-ux-review/references/workflow-and-output.md +96 -0
- package/skills/sap/sap-guarded-btp-entitlement-change/SKILL.md +156 -0
- package/skills/sap/sap-guarded-btp-entitlement-change/agents/openai.yaml +17 -0
- package/skills/sap/sap-guarded-btp-entitlement-change/metadata.json +33 -0
- package/skills/sap/sap-guarded-btp-entitlement-change/references/live-environment-access.md +93 -0
- package/skills/sap/sap-guarded-btp-entitlement-change/references/official-sources.md +75 -0
- package/skills/sap/sap-guarded-btp-entitlement-change/references/safety-checklist.md +57 -0
- package/skills/sap/sap-guarded-btp-entitlement-change/references/workflow-and-output.md +132 -0
- package/skills/sap/sap-guarded-integration-flow-change/SKILL.md +151 -0
- package/skills/sap/sap-guarded-integration-flow-change/agents/openai.yaml +17 -0
- package/skills/sap/sap-guarded-integration-flow-change/metadata.json +33 -0
- package/skills/sap/sap-guarded-integration-flow-change/references/live-environment-access.md +80 -0
- package/skills/sap/sap-guarded-integration-flow-change/references/official-sources.md +73 -0
- package/skills/sap/sap-guarded-integration-flow-change/references/safety-checklist.md +56 -0
- package/skills/sap/sap-guarded-integration-flow-change/references/workflow-and-output.md +122 -0
- package/skills/sap/sap-guarded-role-assignment/SKILL.md +159 -0
- package/skills/sap/sap-guarded-role-assignment/agents/openai.yaml +17 -0
- package/skills/sap/sap-guarded-role-assignment/metadata.json +33 -0
- package/skills/sap/sap-guarded-role-assignment/references/live-environment-access.md +93 -0
- package/skills/sap/sap-guarded-role-assignment/references/official-sources.md +73 -0
- package/skills/sap/sap-guarded-role-assignment/references/safety-checklist.md +57 -0
- package/skills/sap/sap-guarded-role-assignment/references/workflow-and-output.md +133 -0
- package/skills/sap/sap-guarded-transport-import/SKILL.md +144 -0
- package/skills/sap/sap-guarded-transport-import/agents/openai.yaml +14 -0
- package/skills/sap/sap-guarded-transport-import/metadata.json +34 -0
- package/skills/sap/sap-guarded-transport-import/references/live-environment-access.md +81 -0
- package/skills/sap/sap-guarded-transport-import/references/official-sources.md +79 -0
- package/skills/sap/sap-guarded-transport-import/references/safety-checklist.md +52 -0
- package/skills/sap/sap-guarded-transport-import/references/workflow-and-output.md +93 -0
- package/skills/sap/sap-hana-cloud-performance-cost/SKILL.md +87 -0
- package/skills/sap/sap-hana-cloud-performance-cost/agents/openai.yaml +11 -0
- package/skills/sap/sap-hana-cloud-performance-cost/metadata.json +33 -0
- package/skills/sap/sap-hana-cloud-performance-cost/references/context7-framework-docs.md +94 -0
- package/skills/sap/sap-hana-cloud-performance-cost/references/official-sources.md +83 -0
- package/skills/sap/sap-hana-cloud-performance-cost/references/safety-checklist.md +36 -0
- package/skills/sap/sap-hana-cloud-performance-cost/references/workflow-and-output.md +68 -0
- package/skills/sap/sap-hypercare-incident-commander-review/SKILL.md +93 -0
- package/skills/sap/sap-hypercare-incident-commander-review/agents/openai.yaml +14 -0
- package/skills/sap/sap-hypercare-incident-commander-review/metadata.json +31 -0
- package/skills/sap/sap-hypercare-incident-commander-review/references/official-sources.md +63 -0
- package/skills/sap/sap-hypercare-incident-commander-review/references/safety-checklist.md +55 -0
- package/skills/sap/sap-hypercare-incident-commander-review/references/workflow-and-output.md +98 -0
- package/skills/sap/sap-integration-platform-businessops-protocol/SKILL.md +162 -0
- package/skills/sap/sap-integration-platform-businessops-protocol/agents/openai.yaml +11 -0
- package/skills/sap/sap-integration-platform-businessops-protocol/metadata.json +35 -0
- package/skills/sap/sap-integration-platform-businessops-protocol/references/official-sources.md +99 -0
- package/skills/sap/sap-integration-platform-businessops-protocol/references/safety-checklist.md +36 -0
- package/skills/sap/sap-integration-platform-businessops-protocol/references/workflow-and-output.md +76 -0
- package/skills/sap/sap-integration-suite-review/SKILL.md +87 -0
- package/skills/sap/sap-integration-suite-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-integration-suite-review/metadata.json +33 -0
- package/skills/sap/sap-integration-suite-review/references/context7-framework-docs.md +76 -0
- package/skills/sap/sap-integration-suite-review/references/official-sources.md +79 -0
- package/skills/sap/sap-integration-suite-review/references/safety-checklist.md +36 -0
- package/skills/sap/sap-integration-suite-review/references/workflow-and-output.md +78 -0
- package/skills/sap/sap-joule-governance-adoption-review/SKILL.md +83 -0
- package/skills/sap/sap-joule-governance-adoption-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-joule-governance-adoption-review/metadata.json +33 -0
- package/skills/sap/sap-joule-governance-adoption-review/references/official-sources.md +83 -0
- package/skills/sap/sap-joule-governance-adoption-review/references/safety-checklist.md +37 -0
- package/skills/sap/sap-joule-governance-adoption-review/references/workflow-and-output.md +81 -0
- package/skills/sap/sap-license-btp-consumption-finops-review/SKILL.md +89 -0
- package/skills/sap/sap-license-btp-consumption-finops-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-license-btp-consumption-finops-review/metadata.json +32 -0
- package/skills/sap/sap-license-btp-consumption-finops-review/references/official-sources.md +71 -0
- package/skills/sap/sap-license-btp-consumption-finops-review/references/safety-checklist.md +36 -0
- package/skills/sap/sap-license-btp-consumption-finops-review/references/workflow-and-output.md +69 -0
- package/skills/sap/sap-live-readonly-identity-trust-discovery/SKILL.md +142 -0
- package/skills/sap/sap-live-readonly-identity-trust-discovery/agents/openai.yaml +14 -0
- package/skills/sap/sap-live-readonly-identity-trust-discovery/metadata.json +34 -0
- package/skills/sap/sap-live-readonly-identity-trust-discovery/references/live-environment-access.md +151 -0
- package/skills/sap/sap-live-readonly-identity-trust-discovery/references/official-sources.md +83 -0
- package/skills/sap/sap-live-readonly-identity-trust-discovery/references/safety-checklist.md +49 -0
- package/skills/sap/sap-live-readonly-identity-trust-discovery/references/workflow-and-output.md +103 -0
- package/skills/sap/sap-live-readonly-landscape-discovery/SKILL.md +135 -0
- package/skills/sap/sap-live-readonly-landscape-discovery/agents/openai.yaml +14 -0
- package/skills/sap/sap-live-readonly-landscape-discovery/metadata.json +34 -0
- package/skills/sap/sap-live-readonly-landscape-discovery/references/live-environment-access.md +111 -0
- package/skills/sap/sap-live-readonly-landscape-discovery/references/official-sources.md +83 -0
- package/skills/sap/sap-live-readonly-landscape-discovery/references/safety-checklist.md +45 -0
- package/skills/sap/sap-live-readonly-landscape-discovery/references/workflow-and-output.md +102 -0
- package/skills/sap/sap-maestro/SKILL.md +81 -0
- package/skills/sap/sap-maestro/agents/openai.yaml +11 -0
- package/skills/sap/sap-maestro/metadata.json +32 -0
- package/skills/sap/sap-maestro/references/official-sources.md +53 -0
- package/skills/sap/sap-maestro/references/safety-checklist.md +39 -0
- package/skills/sap/sap-maestro/references/workflow-and-output.md +73 -0
- package/skills/sap/sap-manufacturing-execution-risk-review/SKILL.md +89 -0
- package/skills/sap/sap-manufacturing-execution-risk-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-manufacturing-execution-risk-review/metadata.json +32 -0
- package/skills/sap/sap-manufacturing-execution-risk-review/references/official-sources.md +79 -0
- package/skills/sap/sap-manufacturing-execution-risk-review/references/safety-checklist.md +39 -0
- package/skills/sap/sap-manufacturing-execution-risk-review/references/workflow-and-output.md +91 -0
- package/skills/sap/sap-mdg-master-data-quality-review/SKILL.md +85 -0
- package/skills/sap/sap-mdg-master-data-quality-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-mdg-master-data-quality-review/metadata.json +33 -0
- package/skills/sap/sap-mdg-master-data-quality-review/references/official-sources.md +89 -0
- package/skills/sap/sap-mdg-master-data-quality-review/references/safety-checklist.md +37 -0
- package/skills/sap/sap-mdg-master-data-quality-review/references/workflow-and-output.md +91 -0
- package/skills/sap/sap-order-to-cash-review/SKILL.md +89 -0
- package/skills/sap/sap-order-to-cash-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-order-to-cash-review/metadata.json +32 -0
- package/skills/sap/sap-order-to-cash-review/references/official-sources.md +79 -0
- package/skills/sap/sap-order-to-cash-review/references/safety-checklist.md +39 -0
- package/skills/sap/sap-order-to-cash-review/references/workflow-and-output.md +87 -0
- package/skills/sap/sap-procurement-ariba-value-leakage-review/SKILL.md +90 -0
- package/skills/sap/sap-procurement-ariba-value-leakage-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-procurement-ariba-value-leakage-review/metadata.json +32 -0
- package/skills/sap/sap-procurement-ariba-value-leakage-review/references/official-sources.md +79 -0
- package/skills/sap/sap-procurement-ariba-value-leakage-review/references/safety-checklist.md +38 -0
- package/skills/sap/sap-procurement-ariba-value-leakage-review/references/workflow-and-output.md +87 -0
- package/skills/sap/sap-procurement-license-finops-vendor-protocol/SKILL.md +155 -0
- package/skills/sap/sap-procurement-license-finops-vendor-protocol/agents/openai.yaml +11 -0
- package/skills/sap/sap-procurement-license-finops-vendor-protocol/metadata.json +35 -0
- package/skills/sap/sap-procurement-license-finops-vendor-protocol/references/official-sources.md +99 -0
- package/skills/sap/sap-procurement-license-finops-vendor-protocol/references/safety-checklist.md +36 -0
- package/skills/sap/sap-procurement-license-finops-vendor-protocol/references/workflow-and-output.md +62 -0
- package/skills/sap/sap-release-change-collision-review/SKILL.md +92 -0
- package/skills/sap/sap-release-change-collision-review/agents/openai.yaml +14 -0
- package/skills/sap/sap-release-change-collision-review/metadata.json +31 -0
- package/skills/sap/sap-release-change-collision-review/references/official-sources.md +63 -0
- package/skills/sap/sap-release-change-collision-review/references/safety-checklist.md +51 -0
- package/skills/sap/sap-release-change-collision-review/references/workflow-and-output.md +85 -0
- package/skills/sap/sap-release-cutover-finance-controls-protocol/SKILL.md +170 -0
- package/skills/sap/sap-release-cutover-finance-controls-protocol/agents/openai.yaml +11 -0
- package/skills/sap/sap-release-cutover-finance-controls-protocol/metadata.json +33 -0
- package/skills/sap/sap-release-cutover-finance-controls-protocol/references/official-sources.md +89 -0
- package/skills/sap/sap-release-cutover-finance-controls-protocol/references/safety-checklist.md +39 -0
- package/skills/sap/sap-release-cutover-finance-controls-protocol/references/workflow-and-output.md +98 -0
- package/skills/sap/sap-rise-sla-vendor-risk-review/SKILL.md +88 -0
- package/skills/sap/sap-rise-sla-vendor-risk-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-rise-sla-vendor-risk-review/metadata.json +32 -0
- package/skills/sap/sap-rise-sla-vendor-risk-review/references/official-sources.md +73 -0
- package/skills/sap/sap-rise-sla-vendor-risk-review/references/safety-checklist.md +36 -0
- package/skills/sap/sap-rise-sla-vendor-risk-review/references/workflow-and-output.md +56 -0
- package/skills/sap/sap-s4hana-transformation-architecture-review/SKILL.md +84 -0
- package/skills/sap/sap-s4hana-transformation-architecture-review/agents/openai.yaml +14 -0
- package/skills/sap/sap-s4hana-transformation-architecture-review/metadata.json +32 -0
- package/skills/sap/sap-s4hana-transformation-architecture-review/references/official-sources.md +75 -0
- package/skills/sap/sap-s4hana-transformation-architecture-review/references/safety-checklist.md +40 -0
- package/skills/sap/sap-s4hana-transformation-architecture-review/references/workflow-and-output.md +67 -0
- package/skills/sap/sap-security-hr-legal-protocol/SKILL.md +149 -0
- package/skills/sap/sap-security-hr-legal-protocol/agents/openai.yaml +11 -0
- package/skills/sap/sap-security-hr-legal-protocol/metadata.json +34 -0
- package/skills/sap/sap-security-hr-legal-protocol/references/official-sources.md +89 -0
- package/skills/sap/sap-security-hr-legal-protocol/references/safety-checklist.md +38 -0
- package/skills/sap/sap-security-hr-legal-protocol/references/workflow-and-output.md +65 -0
- package/skills/sap/sap-security-iam-grc-sod-review/SKILL.md +86 -0
- package/skills/sap/sap-security-iam-grc-sod-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-security-iam-grc-sod-review/metadata.json +33 -0
- package/skills/sap/sap-security-iam-grc-sod-review/references/official-sources.md +83 -0
- package/skills/sap/sap-security-iam-grc-sod-review/references/safety-checklist.md +36 -0
- package/skills/sap/sap-security-iam-grc-sod-review/references/workflow-and-output.md +79 -0
- package/skills/sap/sap-signavio-process-mining-value/SKILL.md +85 -0
- package/skills/sap/sap-signavio-process-mining-value/agents/openai.yaml +11 -0
- package/skills/sap/sap-signavio-process-mining-value/metadata.json +33 -0
- package/skills/sap/sap-signavio-process-mining-value/references/official-sources.md +89 -0
- package/skills/sap/sap-signavio-process-mining-value/references/safety-checklist.md +36 -0
- package/skills/sap/sap-signavio-process-mining-value/references/workflow-and-output.md +91 -0
- package/skills/sap/sap-successfactors-hr-process-risk-review/SKILL.md +92 -0
- package/skills/sap/sap-successfactors-hr-process-risk-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-successfactors-hr-process-risk-review/metadata.json +33 -0
- package/skills/sap/sap-successfactors-hr-process-risk-review/references/official-sources.md +83 -0
- package/skills/sap/sap-successfactors-hr-process-risk-review/references/safety-checklist.md +38 -0
- package/skills/sap/sap-successfactors-hr-process-risk-review/references/workflow-and-output.md +86 -0
- package/skills/sap/sap-supply-chain-ibp-resilience-review/SKILL.md +90 -0
- package/skills/sap/sap-supply-chain-ibp-resilience-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-supply-chain-ibp-resilience-review/metadata.json +32 -0
- package/skills/sap/sap-supply-chain-ibp-resilience-review/references/official-sources.md +79 -0
- package/skills/sap/sap-supply-chain-ibp-resilience-review/references/safety-checklist.md +38 -0
- package/skills/sap/sap-supply-chain-ibp-resilience-review/references/workflow-and-output.md +89 -0
- package/skills/sap/sap-testing-quality-gate-review/SKILL.md +92 -0
- package/skills/sap/sap-testing-quality-gate-review/agents/openai.yaml +14 -0
- package/skills/sap/sap-testing-quality-gate-review/metadata.json +31 -0
- package/skills/sap/sap-testing-quality-gate-review/references/official-sources.md +65 -0
- package/skills/sap/sap-testing-quality-gate-review/references/safety-checklist.md +53 -0
- package/skills/sap/sap-testing-quality-gate-review/references/workflow-and-output.md +98 -0
- package/skills/sap/sap-transformation-portfolio-triage-review/SKILL.md +87 -0
- package/skills/sap/sap-transformation-portfolio-triage-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-transformation-portfolio-triage-review/metadata.json +32 -0
- package/skills/sap/sap-transformation-portfolio-triage-review/references/official-sources.md +71 -0
- package/skills/sap/sap-transformation-portfolio-triage-review/references/safety-checklist.md +36 -0
- package/skills/sap/sap-transformation-portfolio-triage-review/references/workflow-and-output.md +69 -0
- package/skills/sap/sap-treasury-cash-risk-review/SKILL.md +90 -0
- package/skills/sap/sap-treasury-cash-risk-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-treasury-cash-risk-review/metadata.json +32 -0
- package/skills/sap/sap-treasury-cash-risk-review/references/official-sources.md +79 -0
- package/skills/sap/sap-treasury-cash-risk-review/references/safety-checklist.md +38 -0
- package/skills/sap/sap-treasury-cash-risk-review/references/workflow-and-output.md +89 -0
- package/tests/fixtures/sap-maestro-routing/expected/01-clean-core-debt.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/02-landscape-discovery.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/03-live-guard-transport.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/04-adversarial-injection.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/05-adversarial-persona.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/06-ambiguous.json +4 -0
- package/tests/fixtures/sap-maestro-routing/expected/07-secrets-bait.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/08-btp-governance.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/09-integration-suite.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/10-security-sod.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/11-cap-architecture.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/12-abap-cloud-rap.json +7 -0
- package/tests/fixtures/sap-maestro-routing/expected/13-ai-governance.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/14-datasphere.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/15-analytics-cloud.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/16-hana-cloud.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/17-s4hana-transformation.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/18-custom-code-remediation.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/19-data-migration-cutover.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/20-finance-fico.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/21-mdg-master-data.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/22-signavio.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/23-procurement-ariba.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/24-supply-chain-ibp.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/25-order-to-cash.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/26-treasury.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/27-ewm-tm.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/28-manufacturing.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/29-successfactors.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/30-joule.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/31-cloud-alm.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/32-transformation-portfolio.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/33-rise-sla.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/34-license-finops.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/35-testing-quality.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/36-release-collision.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/37-hypercare.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/38-identity-trust.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/39-fiori-ui5.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/40-audit-evidence.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/41-guard-role-assign.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/42-guard-iflow-deploy.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/43-guard-entitlement.json +6 -0
- package/tests/fixtures/sap-maestro-routing/inputs/01-clean-core-debt.json +5 -0
- package/tests/fixtures/sap-maestro-routing/inputs/02-landscape-discovery.json +5 -0
- package/tests/fixtures/sap-maestro-routing/inputs/03-live-guard-transport.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/04-adversarial-injection.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/05-adversarial-persona.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/06-ambiguous.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/07-secrets-bait.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/08-btp-governance.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/09-integration-suite.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/10-security-sod.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/11-cap-architecture.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/12-abap-cloud-rap.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/13-ai-governance.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/14-datasphere.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/15-analytics-cloud.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/16-hana-cloud.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/17-s4hana-transformation.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/18-custom-code-remediation.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/19-data-migration-cutover.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/20-finance-fico.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/21-mdg-master-data.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/22-signavio.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/23-procurement-ariba.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/24-supply-chain-ibp.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/25-order-to-cash.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/26-treasury.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/27-ewm-tm.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/28-manufacturing.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/29-successfactors.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/30-joule.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/31-cloud-alm.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/32-transformation-portfolio.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/33-rise-sla.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/34-license-finops.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/35-testing-quality.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/36-release-collision.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/37-hypercare.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/38-identity-trust.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/39-fiori-ui5.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/40-audit-evidence.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/41-guard-role-assign.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/42-guard-iflow-deploy.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/43-guard-entitlement.json +7 -0
- package/tests/fixtures/sap-maestro-routing/taxonomy.json +509 -0
- package/tests/validate-catalog.py +1 -0
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@raishin/vanguard-frontier-agentic",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.13.0",
|
|
4
4
|
"description": "Cloud and zero-trust agentic workflow marketplace for skills, agents, rules, MCP references, and compliance-aware architecture.",
|
|
5
5
|
"license": "Apache-2.0",
|
|
6
6
|
"repository": {
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "vanguard-frontier-agentic",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.13.0",
|
|
4
4
|
"description": "Curated marketplace for cloud and zero-trust AI workflows. 331 agents, 286 skills, and rules across AWS, Azure, OCI, GCP, Alibaba Cloud, Huawei Cloud, Kubernetes, and Terraform.",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "Raishin",
|
package/powers/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# `powers/` — Kiro Powers
|
|
2
2
|
|
|
3
|
-
This directory holds **
|
|
3
|
+
This directory holds **39 Kiro Powers** for `vanguard-frontier-agentic`, one
|
|
4
4
|
per cloud/platform/IaC provider. Each Power is a directory containing a
|
|
5
5
|
`POWER.md` file with strict-5 frontmatter and steering content.
|
|
6
6
|
|
|
@@ -42,6 +42,7 @@ powers/
|
|
|
42
42
|
├── vanguard-ovhcloud/POWER.md
|
|
43
43
|
├── vanguard-prometheus/POWER.md
|
|
44
44
|
├── vanguard-salesforce/POWER.md
|
|
45
|
+
├── vanguard-sap/POWER.md
|
|
45
46
|
├── vanguard-scaleway/POWER.md
|
|
46
47
|
├── vanguard-sigstore/POWER.md
|
|
47
48
|
├── vanguard-snowflake/POWER.md
|
|
@@ -82,7 +83,7 @@ cd vanguard-frontier-agentic
|
|
|
82
83
|
## How to update
|
|
83
84
|
|
|
84
85
|
```bash
|
|
85
|
-
# Regenerate the
|
|
86
|
+
# Regenerate the 39 Powers from catalog/agents.json + per-provider config:
|
|
86
87
|
npm run kiro-powers:write
|
|
87
88
|
|
|
88
89
|
# Then verify everything is in sync:
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: "vanguard-sap"
|
|
3
|
+
displayName: "Vanguard Frontier — SAP"
|
|
4
|
+
description: "Curated SAP agents for S/4HANA, BTP, Integration Suite, ABAP Cloud, and transport management with clean-core review and guarded mutation gates. Routes via sap-maestro to specialist agents for landscape discovery, clean-core debt review, and guarded transport imports. Transport mutations require named approver, change ticket, target-system confirmation, and completed SoD check before dispatch."
|
|
5
|
+
keywords: ["sap", "s4hana", "btp", "abap", "clean-core", "transport-management", "live-guard"]
|
|
6
|
+
author: "Raishin"
|
|
7
|
+
---
|
|
8
|
+
# Vanguard Frontier — SAP
|
|
9
|
+
|
|
10
|
+
Curated SAP agents for S/4HANA, BTP, Integration Suite, ABAP Cloud, and transport management with clean-core review and guarded mutation gates. Routes via sap-maestro to specialist agents for landscape discovery, clean-core debt review, and guarded transport imports. Transport mutations require named approver, change ticket, target-system confirmation, and completed SoD check before dispatch.
|
|
11
|
+
|
|
12
|
+
## When to engage this Power
|
|
13
|
+
|
|
14
|
+
Activate when the task references SAP services, resources, or operations. Do not activate on unrelated requests — narrow keyword matching is required to avoid false activations (Kiro Powers convention).
|
|
15
|
+
|
|
16
|
+
## Routing pattern
|
|
17
|
+
|
|
18
|
+
- **`sap-maestro-agent`** — classifies and routes the task to the right specialist
|
|
19
|
+
|
|
20
|
+
Use the maestro as the entry point: classify the task, then dispatch to one specialist or a parallel team of specialists. Never have the maestro itself execute a live mutation.
|
|
21
|
+
|
|
22
|
+
## Live-guard agents (gate_mode only)
|
|
23
|
+
|
|
24
|
+
- `sap-live-readonly-identity-trust-discovery-agent` — never auto-dispatched; gate_mode only
|
|
25
|
+
- `sap-live-readonly-landscape-discovery-agent` — never auto-dispatched; gate_mode only
|
|
26
|
+
|
|
27
|
+
Live-guard agents enforce approval, target confirmation, evidence capture, and rollback plans before executing a mutation. They are never auto-dispatched — the maestro must place them in `live-guard-gate` or `runtime-evidence-gate` mode.
|
|
28
|
+
|
|
29
|
+
## Invariants
|
|
30
|
+
|
|
31
|
+
- Never auto-dispatch the transport-import operator agent — require explicit approval, change ticket, named approver, and completed SoD check before any tp or CTS import command.
|
|
32
|
+
- Clean-core debt review is static only — never connects to a live SAP system and never accepts embedded credentials or production system IDs.
|
|
33
|
+
- Landscape discovery agents use read-only roles only (BTP subaccount viewer, CF SpaceAuditor/OrgAuditor, ABAP display user) — refuse any request that maps to a create/update/delete/deploy/assign/rotate action.
|
|
34
|
+
- All SAP API surfaces and release contracts drift between versions; verify current SAP API Business Hub documentation before applying any remediation recommendation.
|
|
35
|
+
|
|
36
|
+
## Where the agents live
|
|
37
|
+
|
|
38
|
+
Agent specs and adapters are part of the [Vanguard Frontier Agentic](https://github.com/Raishin/vanguard-frontier-agentic) marketplace. For this provider, see `agents/sap/` in that repository. All 40 agents in this provider ship a Kiro adapter (`harnesses/kiro-ide.agent.md`, `kiro-cli.agent.json`).
|
|
39
|
+
|
|
40
|
+
## Companion install paths
|
|
41
|
+
|
|
42
|
+
- **Claude Code:** `/plugin marketplace add Raishin/vanguard-frontier-agentic` then `/plugin install vanguard-frontier-agentic@vanguard-frontier-agentic`
|
|
43
|
+
- **Codex / Copilot / Cursor / Gemini CLI / Kiro (file export):** `npx vfa-export-agents --platform <harness> --provider sap --repo .`
|
|
@@ -56,7 +56,7 @@ const taxonomy = [
|
|
|
56
56
|
{ category: 'Infrastructure as Code', providers: ['terraform'] },
|
|
57
57
|
{ category: 'AI & Compute', providers: ['nvidia'] },
|
|
58
58
|
{ category: 'Developer Platforms', providers: ['backstage', 'dotnet', 'generic', 'multi-cloud'] },
|
|
59
|
-
{ category: 'ERP & Finance', providers: ['netsuite', 'accounting', 'finance'] },
|
|
59
|
+
{ category: 'ERP & Finance', providers: ['netsuite', 'accounting', 'finance', 'sap'] },
|
|
60
60
|
{ category: 'Business Functions', providers: ['salesforce', 'legal', 'hr', 'marketing'] },
|
|
61
61
|
{ category: 'Microsoft 365 & Dynamics 365', providers: ['microsoft'] },
|
|
62
62
|
{ category: 'Data & Analytics Platforms', providers: ['databricks', 'snowflake'] },
|
|
@@ -208,6 +208,18 @@ const PROVIDERS = {
|
|
|
208
208
|
"Live-guard agent (salesforce-live-guard-agent) must never be auto-dispatched; require explicit approval, target org confirmation, and rollback plan.",
|
|
209
209
|
],
|
|
210
210
|
},
|
|
211
|
+
sap: {
|
|
212
|
+
displayName: "Vanguard Frontier — SAP",
|
|
213
|
+
description:
|
|
214
|
+
"Curated SAP agents for S/4HANA, BTP, Integration Suite, ABAP Cloud, and transport management with clean-core review and guarded mutation gates. Routes via sap-maestro to specialist agents for landscape discovery, clean-core debt review, and guarded transport imports. Transport mutations require named approver, change ticket, target-system confirmation, and completed SoD check before dispatch.",
|
|
215
|
+
keywords: ["sap", "s4hana", "btp", "abap", "clean-core", "transport-management", "live-guard"],
|
|
216
|
+
invariants: [
|
|
217
|
+
"Never auto-dispatch the transport-import operator agent — require explicit approval, change ticket, named approver, and completed SoD check before any tp or CTS import command.",
|
|
218
|
+
"Clean-core debt review is static only — never connects to a live SAP system and never accepts embedded credentials or production system IDs.",
|
|
219
|
+
"Landscape discovery agents use read-only roles only (BTP subaccount viewer, CF SpaceAuditor/OrgAuditor, ABAP display user) — refuse any request that maps to a create/update/delete/deploy/assign/rotate action.",
|
|
220
|
+
"All SAP API surfaces and release contracts drift between versions; verify current SAP API Business Hub documentation before applying any remediation recommendation.",
|
|
221
|
+
],
|
|
222
|
+
},
|
|
211
223
|
microsoft: {
|
|
212
224
|
displayName: "Vanguard Frontier — Microsoft",
|
|
213
225
|
description:
|
|
@@ -0,0 +1,86 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: sap-abap-cloud-rap-review
|
|
3
|
+
description: Review ABAP Cloud and RESTful ABAP Programming Model (RAP) artifacts for clean-core compliance, released API usage, behavior definition and implementation correctness, CDS view design, BDEF modeling quality, authorization object coverage, and ABAP unit test completeness. Use when assessing RAP business objects on S/4HANA Cloud or BTP ABAP Environment. Does not touch live systems.
|
|
4
|
+
allowed-tools: Read Grep Glob WebSearch WebFetch
|
|
5
|
+
metadata:
|
|
6
|
+
author: "github: Raishin"
|
|
7
|
+
version: "0.1.0"
|
|
8
|
+
updated: "2026-06-19"
|
|
9
|
+
category: architecture
|
|
10
|
+
lifecycle: experimental
|
|
11
|
+
---
|
|
12
|
+
|
|
13
|
+
# SAP ABAP Cloud RAP Review
|
|
14
|
+
|
|
15
|
+
## Purpose
|
|
16
|
+
|
|
17
|
+
Assess the design, correctness, and clean-core compliance of ABAP Cloud and RESTful ABAP Programming Model (RAP) artifacts. Review CDS view hierarchies for correct view type usage (interface, projection, consumption). Review Behavior Definition (BDEF) design for correct implementation type selection (managed vs. unmanaged), draft enablement, authorization master/dependent assignment, and association exposure. Review Behavior Implementation (ABAP classes) for authorization object checks, action implementations, validation completeness, and forbidden language constructs. Assess released API consumption: confirm only C1/C2 released objects are used. Review ABAP unit tests for behavior test double usage, test isolation, and rollback patterns. Does not connect to or mutate any live ABAP system.
|
|
18
|
+
|
|
19
|
+
## When to use
|
|
20
|
+
|
|
21
|
+
Use this skill when the user asks to:
|
|
22
|
+
|
|
23
|
+
- review CDS view definitions for correct view type (data definition, projection, consumption) and annotation completeness (metadata extensions, UI, search, access control),
|
|
24
|
+
- assess Behavior Definition (BDEF) design: managed vs. unmanaged selection, draft enablement, alias assignment, feature control, action and function declarations, association exposure,
|
|
25
|
+
- review Behavior Implementation classes (ZBP_*) for authorization object checks (`AUTHORITY-CHECK`), action method completeness, validation messages, and determination logic,
|
|
26
|
+
- verify released API compliance: confirm only objects with C1 or C2 release contracts are used; flag any consumption of NOT_RELEASED or DEPRECATED SAP objects,
|
|
27
|
+
- assess ABAP Cloud tier compliance: identify forbidden language constructs (dynamic SQL, classic OPEN SQL with client-dependent access, direct access to SAP internal tables),
|
|
28
|
+
- review ABAP unit test quality: behavior test doubles (`if_abap_behv_test_environment`), CDS test environment (`if_cds_test_environment`), test class isolation, and `ROLLBACK ENTITIES` teardown,
|
|
29
|
+
- evaluate RAP business object composition: root vs. child entity hierarchy, composition relationships, UUID-based key design, ETag handling, and total ETag vs. field-level ETag selection.
|
|
30
|
+
|
|
31
|
+
## When not to use
|
|
32
|
+
|
|
33
|
+
- When the request is about CAP (Node.js/Java) side-by-side extensions on BTP — use `sap-cap-architecture-review`.
|
|
34
|
+
- When the request is about legacy ABAP custom code (Z/Y programs, function modules, classic user exits) rather than RAP objects — use `sap-clean-core-debt-review`.
|
|
35
|
+
- When the request requires live ABAP system access, SE80 navigation, or ABAP Test Cockpit execution — this skill accepts only user-provided ABAP source code, CDS DDL files, BDEF definitions, or written descriptions.
|
|
36
|
+
- When the request is about Integration Suite or API Management configuration — use `sap-integration-suite-review`.
|
|
37
|
+
|
|
38
|
+
## Does not touch live systems
|
|
39
|
+
|
|
40
|
+
This skill operates on user-provided ABAP source code snippets, CDS DDL source, BDEF source, metadata extension files, access control definitions, or written descriptions of the RAP object model. It does not connect to any ABAP system, ABAP Development Tools (ADT), SAP S/4HANA system, or BTP ABAP Environment tenant. All live inspection is out of scope.
|
|
41
|
+
|
|
42
|
+
## Lean operating rules
|
|
43
|
+
|
|
44
|
+
- Classify findings before recommending. Every finding must be assigned to a review domain (CDS Views / BDEF / Behavior Implementation / Released API Compliance / ABAP Unit Tests / Object Composition) before remediation is proposed.
|
|
45
|
+
- Released API compliance is non-negotiable in ABAP Cloud. Any ABAP Cloud object that consumes a NOT_RELEASED SAP object is non-compliant. This is a `high` finding with upgrade-blocking risk.
|
|
46
|
+
- Authorization checks must be implemented in the authorization master. For a RAP business object with `authorization master ( global )`, the `CHECK_AUTHORIZATION` method in the behavior implementation class must perform `AUTHORITY-CHECK` for every relevant operation. An absent or pass-through `AUTHORITY-CHECK` simulation left from development is a `critical` finding in production-bound code.
|
|
47
|
+
- Managed RAP is preferred for greenfield transactional objects. An unmanaged RAP implementation for a new transactional business object without explicit justification (e.g., wrapping a legacy function module) is a `medium` finding.
|
|
48
|
+
- Draft must be explicitly enabled in the BDEF. A RAP business object that requires Fiori Elements draft editing but lacks `with draft;` in the BDEF and `draft table` configuration in the CDS view is a `high` finding for UI correctness.
|
|
49
|
+
- ABAP unit tests must use test doubles, not live data. Test methods that execute `MODIFY ENTITIES` or `READ ENTITIES` against a live ABAP system database without a test double environment are `high` findings for test isolation.
|
|
50
|
+
- `ROLLBACK ENTITIES` is required in test teardown. An ABAP unit test class for a RAP business object that modifies test data without `ROLLBACK ENTITIES` in `teardown` is a `medium` finding.
|
|
51
|
+
- Evidence from official SAP ABAP Cloud and RAP documentation takes precedence over inference.
|
|
52
|
+
- Load only the reference needed for the component in scope.
|
|
53
|
+
|
|
54
|
+
## Evidence rules
|
|
55
|
+
|
|
56
|
+
Label all claims with one of:
|
|
57
|
+
|
|
58
|
+
- `documentation-based` — grounded in official SAP ABAP Cloud docs, SAP RAP documentation (help.sap.com/docs/abap-cloud), or SAP Help Portal
|
|
59
|
+
- `user-provided evidence` — ABAP source code, CDS DDL definitions, BDEF source, access control definitions, or written descriptions provided by the user
|
|
60
|
+
- `context7-supplementary` — grounded in RAP openSAP sample code from Context7 (supplementary to official SAP docs; applies for authorization implementation patterns and ABAP unit test patterns)
|
|
61
|
+
- `inference` — derived reasoning not directly confirmed by official docs or user evidence
|
|
62
|
+
|
|
63
|
+
## Live-environment rules
|
|
64
|
+
|
|
65
|
+
**This skill does not touch live systems.** There is no ABAP system RFC connection, ADT API call, SAP S/4HANA OData service call, or BTP ABAP Environment tenant access in this skill's execution path. Users must supply ABAP source code, CDS DDL source, BDEF definitions, or written descriptions for this skill to review.
|
|
66
|
+
|
|
67
|
+
## References
|
|
68
|
+
|
|
69
|
+
Load only when needed:
|
|
70
|
+
|
|
71
|
+
- [Workflow and output contract](references/workflow-and-output.md) — review domain taxonomy, severity classification, output format.
|
|
72
|
+
- [Safety checklist](references/safety-checklist.md) — non-negotiables, common RAP mistakes, when to push back.
|
|
73
|
+
- [Official sources](references/official-sources.md) — SAP ABAP Cloud docs, RAP documentation, released API references, ABAP unit testing.
|
|
74
|
+
- [Context7 framework docs](references/context7-framework-docs.md) — RAP authorization implementation and ABAP unit test patterns (supplementary; applies for behavior implementation and test design).
|
|
75
|
+
|
|
76
|
+
## Response minimum
|
|
77
|
+
|
|
78
|
+
Return, at minimum:
|
|
79
|
+
|
|
80
|
+
- **Problem classification**: review domain(s) in scope and specific finding(s) per domain.
|
|
81
|
+
- **Evidence used**: documentation-based / user-provided evidence / context7-supplementary / inference.
|
|
82
|
+
- **Risk level**: critical (security or data integrity risk) / high (correctness, upgrade-blocking, or operational risk) / medium (governance or maintainability gap) / low (best practice deviation).
|
|
83
|
+
- **Recommended action**: specific remediation per finding (add `AUTHORITY-CHECK`, add `with draft;` to BDEF, replace NOT_RELEASED object with C1 equivalent, add `ROLLBACK ENTITIES` to teardown, etc.).
|
|
84
|
+
- **Refusal / escalation triggers**: if live ABAP system access, ATC execution, or ADT navigation is required to complete the review, state that clearly and do not proceed.
|
|
85
|
+
- **Business impact**: upgrade-blocking risk, security exposure, Fiori UI correctness failure, or test reliability gap.
|
|
86
|
+
- **Next verification step**: validate released API candidates against current SAP API Business Hub release contracts; validate forbidden construct findings against the ABAP Cloud 2.0 tier list for the target system version.
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
interface:
|
|
2
|
+
display_name: "SAP ABAP Cloud RAP Review"
|
|
3
|
+
short_description: "Review ABAP Cloud and RAP artifacts for clean-core compliance, released API usage, BDEF/CDS correctness, authorization checks, and ABAP unit test quality"
|
|
4
|
+
default_prompt: "Use $sap-abap-cloud-rap-review to assess the provided ABAP Cloud or RAP artifacts. Classify findings by domain (CDS Views / BDEF / Behavior Implementation / Released API Compliance / ABAP Unit Tests / Object Composition), assign severity (critical / high / medium / low), state evidence level (documentation-based / user-provided evidence / context7-supplementary / inference), and recommend specific remediation per finding. Flag any pass-through AUTHORITY-CHECK simulations or NOT_RELEASED API consumption as critical or high."
|
|
5
|
+
dependencies:
|
|
6
|
+
tools:
|
|
7
|
+
- type: "web"
|
|
8
|
+
value: "https://api.sap.com/"
|
|
9
|
+
description: "SAP API Business Hub — verify release contracts (C1/C2) for ABAP objects proposed as replacement targets in released API compliance findings"
|
|
10
|
+
policy:
|
|
11
|
+
allow_implicit_invocation: true
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
{
|
|
2
|
+
"id": "sap-abap-cloud-rap-review",
|
|
3
|
+
"name": "SAP ABAP Cloud RAP Review",
|
|
4
|
+
"type": "skill",
|
|
5
|
+
"provider": "sap",
|
|
6
|
+
"harnesses": [
|
|
7
|
+
"claude-code",
|
|
8
|
+
"codex",
|
|
9
|
+
"cursor",
|
|
10
|
+
"gemini",
|
|
11
|
+
"kiro",
|
|
12
|
+
"other"
|
|
13
|
+
],
|
|
14
|
+
"summary": "Review ABAP Cloud and RAP artifacts for clean-core compliance, released API usage, behavior definition and implementation correctness, CDS view design, BDEF modeling quality, authorization object coverage, and ABAP unit test completeness. Does not access live systems.",
|
|
15
|
+
"source_type": "original",
|
|
16
|
+
"category": "architecture",
|
|
17
|
+
"official_docs": [
|
|
18
|
+
"https://help.sap.com/docs/abap-cloud/abap-rap/abap-restful-application-programming-model",
|
|
19
|
+
"https://help.sap.com/docs/abap-cloud/abap-cloud/what-is-abap-cloud",
|
|
20
|
+
"https://help.sap.com/docs/abap-cloud/abap-rap/behavior-definition",
|
|
21
|
+
"https://help.sap.com/docs/abap-cloud/abap-rap/cds-data-model",
|
|
22
|
+
"https://help.sap.com/docs/abap-cloud/abap-rap/authorization-control",
|
|
23
|
+
"https://help.sap.com/docs/abap-cloud/abap-rap/draft-handling",
|
|
24
|
+
"https://help.sap.com/docs/abap-cloud/abap-rap/abap-unit-tests-for-rap-business-objects",
|
|
25
|
+
"https://help.sap.com/docs/abap-cloud/abap-cloud/released-abap-object-types",
|
|
26
|
+
"https://api.sap.com/products/SAPS4HANACloud/overview"
|
|
27
|
+
],
|
|
28
|
+
"security_notes": "Does not access live ABAP systems, SAP S/4HANA tenants, BTP ABAP Environment tenants, or ADT. Accepts only user-provided ABAP source code, CDS DDL definitions, BDEF source, or written descriptions. Never request or accept system credentials, RFC destinations, BTP service keys, or client secrets. Authorization findings (missing AUTHORITY-CHECK, pass-through simulation) must be validated in context of the target system's authorization objects before production deployment.",
|
|
29
|
+
"last_verified": "2026-06-19",
|
|
30
|
+
"path": "skills/sap/sap-abap-cloud-rap-review",
|
|
31
|
+
"author": "github: Raishin",
|
|
32
|
+
"version": "0.1.0",
|
|
33
|
+
"lifecycle": "experimental"
|
|
34
|
+
}
|
|
@@ -0,0 +1,126 @@
|
|
|
1
|
+
# Context7 framework docs — SAP ABAP Cloud RAP Review
|
|
2
|
+
|
|
3
|
+
**Role**: supplementary. Official SAP ABAP Cloud and RAP documentation (help.sap.com/docs/abap-cloud) is the primary source for all RAP architecture guidance. Context7-sourced RAP openSAP sample code supplements with implementation-level patterns for authorization checks and ABAP unit testing.
|
|
4
|
+
|
|
5
|
+
**Library used**: ABAP RESTful Application Programming Model openSAP Samples
|
|
6
|
+
Context7 library ID: `/sap-samples/abap-platform-rap-opensap`
|
|
7
|
+
Lookup target: RAP behavior definition authorization checks, AUTHORITY-CHECK implementation, ABAP unit test patterns, CDS test environment, ROLLBACK ENTITIES
|
|
8
|
+
Skill: `sap-abap-cloud-rap-review`
|
|
9
|
+
Classification: supplementary
|
|
10
|
+
|
|
11
|
+
---
|
|
12
|
+
|
|
13
|
+
## RAP authorization — AUTHORITY-CHECK for update operations (supplementary)
|
|
14
|
+
|
|
15
|
+
Source: sap-samples/abap-platform-rap-opensap (Context7 `/sap-samples/abap-platform-rap-opensap`)
|
|
16
|
+
Reference: https://github.com/sap-samples/abap-platform-rap-opensap/blob/main/week3/sources/W3U7_CLAS_ZBP_I_RAP_TRAVEL.txt
|
|
17
|
+
|
|
18
|
+
```abap
|
|
19
|
+
METHOD is_update_granted.
|
|
20
|
+
IF has_before_image = abap_true.
|
|
21
|
+
AUTHORITY-CHECK OBJECT 'ZOSTAT####'
|
|
22
|
+
ID 'ZOSTAT####' FIELD travel_status
|
|
23
|
+
ID 'ACTVT' FIELD '02'.
|
|
24
|
+
ELSE.
|
|
25
|
+
AUTHORITY-CHECK OBJECT 'ZOSTAT####'
|
|
26
|
+
ID 'ZOSTAT####' DUMMY
|
|
27
|
+
ID 'ACTVT' FIELD '02'.
|
|
28
|
+
ENDIF.
|
|
29
|
+
update_granted = COND #( WHEN sy-subrc = 0 THEN abap_true ELSE abap_false ).
|
|
30
|
+
|
|
31
|
+
" Simulate full access - for testing purposes only! Needs to be removed for a productive implementation.
|
|
32
|
+
update_granted = abap_true.
|
|
33
|
+
ENDMETHOD.
|
|
34
|
+
```
|
|
35
|
+
|
|
36
|
+
**Relevance**: The `update_granted = abap_true` line is a documented development-only simulation. Any production-bound behavior implementation containing this line without removal is a `critical` finding. The correct production pattern is `AUTHORITY-CHECK` with `sy-subrc = 0` evaluation only — no pass-through override.
|
|
37
|
+
|
|
38
|
+
Activity codes: `'02'` = Update, `'06'` = Delete, `'01'` = Create.
|
|
39
|
+
|
|
40
|
+
---
|
|
41
|
+
|
|
42
|
+
## RAP authorization — operation-level result mapping (supplementary)
|
|
43
|
+
|
|
44
|
+
Source: sap-samples/abap-platform-rap-opensap (Context7 `/sap-samples/abap-platform-rap-opensap`)
|
|
45
|
+
Reference: https://github.com/sap-samples/abap-platform-rap-opensap/blob/main/week3/unit6.md
|
|
46
|
+
|
|
47
|
+
```abap
|
|
48
|
+
APPEND VALUE #( %tky = travel-%tky
|
|
49
|
+
%update = COND #( WHEN update_granted = abap_true THEN if_abap_behv=>auth-allowed ELSE if_abap_behv=>auth-unauthorized )
|
|
50
|
+
%action-acceptTravel = COND #( WHEN update_granted = abap_true THEN if_abap_behv=>auth-allowed ELSE if_abap_behv=>auth-unauthorized )
|
|
51
|
+
%action-rejectTravel = COND #( WHEN update_granted = abap_true THEN if_abap_behv=>auth-allowed ELSE if_abap_behv=>auth-unauthorized )
|
|
52
|
+
%assoc-_Booking = COND #( WHEN update_granted = abap_true THEN if_abap_behv=>auth-allowed ELSE if_abap_behv=>auth-unauthorized )
|
|
53
|
+
%delete = COND #( WHEN delete_granted = abap_true THEN if_abap_behv=>auth-allowed ELSE if_abap_behv=>auth-unauthorized )
|
|
54
|
+
)
|
|
55
|
+
TO result.
|
|
56
|
+
```
|
|
57
|
+
|
|
58
|
+
**Relevance**: The `result` table in `CHECK_AUTHORIZATION` must enumerate all operations (`%update`, `%delete`, `%action-*`, `%assoc-*`) and assign `if_abap_behv=>auth-allowed` or `if_abap_behv=>auth-unauthorized` for each. A missing operation entry results in the RAP framework defaulting to `auth-allowed` for that operation — a silent authorization bypass.
|
|
59
|
+
|
|
60
|
+
---
|
|
61
|
+
|
|
62
|
+
## RAP unit testing — integration test class structure (supplementary)
|
|
63
|
+
|
|
64
|
+
Source: sap-samples/abap-platform-rap-opensap (Context7 `/sap-samples/abap-platform-rap-opensap`)
|
|
65
|
+
Reference: https://github.com/sap-samples/abap-platform-rap-opensap/blob/main/week4/unit3.md
|
|
66
|
+
|
|
67
|
+
```abap
|
|
68
|
+
CLASS ltcl_integration_test DEFINITION FINAL FOR TESTING
|
|
69
|
+
DURATION SHORT
|
|
70
|
+
RISK LEVEL HARMLESS.
|
|
71
|
+
|
|
72
|
+
PRIVATE SECTION.
|
|
73
|
+
CLASS-DATA:
|
|
74
|
+
cds_test_environment TYPE REF TO if_cds_test_environment.
|
|
75
|
+
|
|
76
|
+
CLASS-METHODS:
|
|
77
|
+
class_setup,
|
|
78
|
+
class_teardown.
|
|
79
|
+
METHODS:
|
|
80
|
+
setup,
|
|
81
|
+
teardown.
|
|
82
|
+
METHODS:
|
|
83
|
+
create_travel FOR TESTING RAISING cx_static_check.
|
|
84
|
+
ENDCLASS.
|
|
85
|
+
|
|
86
|
+
CLASS ltcl_integration_test IMPLEMENTATION.
|
|
87
|
+
METHOD class_setup.
|
|
88
|
+
cds_test_environment = cl_cds_test_environment=>create_for_multiple_cds(
|
|
89
|
+
i_for_entities = VALUE #( ( i_for_entity = 'zi_rap_travel_u_####' )
|
|
90
|
+
( i_for_entity = 'zi_rap_booking_u_####' ) )
|
|
91
|
+
).
|
|
92
|
+
ENDMETHOD.
|
|
93
|
+
|
|
94
|
+
METHOD class_teardown.
|
|
95
|
+
cds_test_environment->destroy( ).
|
|
96
|
+
ENDMETHOD.
|
|
97
|
+
|
|
98
|
+
METHOD teardown.
|
|
99
|
+
ROLLBACK ENTITIES.
|
|
100
|
+
cds_test_environment->clear_doubles( ).
|
|
101
|
+
ENDMETHOD.
|
|
102
|
+
ENDCLASS.
|
|
103
|
+
```
|
|
104
|
+
|
|
105
|
+
**Relevance**: Required structural pattern for RAP integration tests:
|
|
106
|
+
- `cl_cds_test_environment=>create_for_multiple_cds()` creates CDS test doubles to avoid live data access.
|
|
107
|
+
- `cds_test_environment->destroy()` in `class_teardown` is mandatory to clean up test doubles.
|
|
108
|
+
- `ROLLBACK ENTITIES` in `teardown` is mandatory to roll back any entity modifications between test methods.
|
|
109
|
+
- Missing any of these constitutes a test isolation finding.
|
|
110
|
+
|
|
111
|
+
---
|
|
112
|
+
|
|
113
|
+
## Scope boundaries for Context7 usage
|
|
114
|
+
|
|
115
|
+
Context7 RAP openSAP sample documentation applies to:
|
|
116
|
+
|
|
117
|
+
- **Authorization implementation**: `AUTHORITY-CHECK` patterns, operation-level result mapping in `CHECK_AUTHORIZATION`
|
|
118
|
+
- **ABAP unit tests**: CDS test environment setup, test class structure, `ROLLBACK ENTITIES` teardown
|
|
119
|
+
|
|
120
|
+
It does not replace official SAP Help Portal guidance for:
|
|
121
|
+
- BDEF syntax and keyword reference (use help.sap.com/docs/abap-cloud/abap-rap/behavior-definition)
|
|
122
|
+
- CDS view type definitions and access control (use help.sap.com/docs/abap-cloud/abap-rap/cds-data-model)
|
|
123
|
+
- Released API release contract verification (use api.sap.com)
|
|
124
|
+
- ABAP Cloud tier-2 forbidden construct list (use help.sap.com/docs/abap-cloud/abap-cloud/what-is-abap-cloud)
|
|
125
|
+
|
|
126
|
+
Always label Context7-sourced guidance as `context7-supplementary` in responses.
|
|
@@ -0,0 +1,95 @@
|
|
|
1
|
+
# Official sources — SAP ABAP Cloud RAP Review
|
|
2
|
+
|
|
3
|
+
Use this reference when grounding RAP behavior definition design, CDS view modeling, authorization control, draft handling, ABAP unit testing, and released API compliance.
|
|
4
|
+
|
|
5
|
+
**Evidence level**: documentation-based (SAP Help Portal — help.sap.com/docs/abap-cloud, SAP API Business Hub). No live-system evidence is collected by this skill.
|
|
6
|
+
|
|
7
|
+
## RAP core documentation
|
|
8
|
+
|
|
9
|
+
- ABAP RESTful Application Programming Model (RAP) — overview
|
|
10
|
+
https://help.sap.com/docs/abap-cloud/abap-rap/abap-restful-application-programming-model
|
|
11
|
+
source_owner: SAP SE
|
|
12
|
+
topic_supported: RAP programming model overview, business object layers, OData service generation, RAP on S/4HANA and BTP ABAP Environment
|
|
13
|
+
why_needed: Primary taxonomy for RAP artifact classification and component role assignment
|
|
14
|
+
evidence_level: primary
|
|
15
|
+
last_verified: 2026-06-19
|
|
16
|
+
|
|
17
|
+
- What is ABAP Cloud
|
|
18
|
+
https://help.sap.com/docs/abap-cloud/abap-cloud/what-is-abap-cloud
|
|
19
|
+
source_owner: SAP SE
|
|
20
|
+
topic_supported: ABAP Cloud programming model tiers, tier-2 compliance rules, forbidden language constructs, object release status
|
|
21
|
+
why_needed: Defines the ABAP Cloud tier compliance rules that govern what is and is not permitted in clean-core RAP objects
|
|
22
|
+
evidence_level: primary
|
|
23
|
+
last_verified: 2026-06-19
|
|
24
|
+
|
|
25
|
+
## Behavior Definition (BDEF)
|
|
26
|
+
|
|
27
|
+
- RAP Behavior Definition
|
|
28
|
+
https://help.sap.com/docs/abap-cloud/abap-rap/behavior-definition
|
|
29
|
+
source_owner: SAP SE
|
|
30
|
+
topic_supported: BDEF syntax, managed vs. unmanaged implementation type, draft enablement (with draft), authorization master/dependent, alias, feature control, action and function declarations, association exposure
|
|
31
|
+
why_needed: Authoritative reference for BDEF correctness review; defines required keywords and their semantics
|
|
32
|
+
evidence_level: primary
|
|
33
|
+
last_verified: 2026-06-19
|
|
34
|
+
|
|
35
|
+
## CDS data model
|
|
36
|
+
|
|
37
|
+
- RAP CDS Data Model
|
|
38
|
+
https://help.sap.com/docs/abap-cloud/abap-rap/cds-data-model
|
|
39
|
+
source_owner: SAP SE
|
|
40
|
+
topic_supported: Interface CDS views (data definitions), projection CDS views, consumption views, CDS metadata extensions, access control (DCL), draft table configuration, UUID key design
|
|
41
|
+
why_needed: Defines the three-layer CDS view hierarchy (interface / projection / consumption) and access control (DCL) patterns; used to classify view type misuse and annotation gaps
|
|
42
|
+
evidence_level: primary
|
|
43
|
+
last_verified: 2026-06-19
|
|
44
|
+
|
|
45
|
+
## Authorization control
|
|
46
|
+
|
|
47
|
+
- RAP Authorization Control
|
|
48
|
+
https://help.sap.com/docs/abap-cloud/abap-rap/authorization-control
|
|
49
|
+
source_owner: SAP SE
|
|
50
|
+
topic_supported: Authorization master and dependent assignment in BDEF, CHECK_AUTHORIZATION method implementation, AUTHORITY-CHECK for RAP operations, instance-based authorization
|
|
51
|
+
why_needed: Defines the RAP authorization model; used to classify missing or pass-through authorization checks
|
|
52
|
+
evidence_level: primary
|
|
53
|
+
last_verified: 2026-06-19
|
|
54
|
+
|
|
55
|
+
## Draft handling
|
|
56
|
+
|
|
57
|
+
- RAP Draft Handling
|
|
58
|
+
https://help.sap.com/docs/abap-cloud/abap-rap/draft-handling
|
|
59
|
+
source_owner: SAP SE
|
|
60
|
+
topic_supported: Draft-enabled entities, draft table configuration, draftActivate action, BeforeSave validation, lock expiry, draft discard, ETag handling
|
|
61
|
+
why_needed: Defines RAP draft implementation requirements; used to identify incomplete draft configuration and missing validation handlers
|
|
62
|
+
evidence_level: primary
|
|
63
|
+
last_verified: 2026-06-19
|
|
64
|
+
|
|
65
|
+
## ABAP unit testing for RAP
|
|
66
|
+
|
|
67
|
+
- ABAP Unit Tests for RAP Business Objects
|
|
68
|
+
https://help.sap.com/docs/abap-cloud/abap-rap/abap-unit-tests-for-rap-business-objects
|
|
69
|
+
source_owner: SAP SE
|
|
70
|
+
topic_supported: if_abap_behv_test_environment, if_cds_test_environment, test class structure, MODIFY ENTITIES test calls, ROLLBACK ENTITIES teardown, test double creation
|
|
71
|
+
why_needed: Defines correct RAP unit test patterns; used to classify missing test doubles and absent teardown methods
|
|
72
|
+
evidence_level: primary
|
|
73
|
+
last_verified: 2026-06-19
|
|
74
|
+
|
|
75
|
+
## Released API compliance
|
|
76
|
+
|
|
77
|
+
- Released ABAP Object Types
|
|
78
|
+
https://help.sap.com/docs/abap-cloud/abap-cloud/released-abap-object-types
|
|
79
|
+
source_owner: SAP SE
|
|
80
|
+
topic_supported: C1/C2 release contract definitions, object release status (RELEASED, NOT_RELEASED, DEPRECATED), what is permitted in ABAP Cloud tier-1 and tier-2
|
|
81
|
+
why_needed: Defines the release contract taxonomy used for classifying NOT_RELEASED API consumption findings
|
|
82
|
+
evidence_level: primary
|
|
83
|
+
last_verified: 2026-06-19
|
|
84
|
+
|
|
85
|
+
- SAP API Business Hub — SAP S/4HANA Cloud product overview and released APIs
|
|
86
|
+
https://api.sap.com/products/SAPS4HANACloud/overview
|
|
87
|
+
source_owner: SAP SE
|
|
88
|
+
topic_supported: C1/C2 released API catalog for S/4HANA and BTP ABAP Environment; used to verify replacement candidates for NOT_RELEASED objects
|
|
89
|
+
why_needed: Authoritative source for confirming which ABAP objects carry a release contract; must be used to validate any proposed replacement API
|
|
90
|
+
evidence_level: primary
|
|
91
|
+
last_verified: 2026-06-19
|
|
92
|
+
|
|
93
|
+
## Grounding rule
|
|
94
|
+
|
|
95
|
+
SAP Help Portal documentation describes design intent, required patterns, and release contracts. It does not prove which objects exist in the user's ABAP system, what their release status is in a specific system version, or whether SAP notes have been applied. Users must supply ABAP source code, CDS DDL definitions, BDEF source, or written descriptions of their RAP object model for concrete assessment.
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
# Safety checklist — SAP ABAP Cloud RAP Review
|
|
2
|
+
|
|
3
|
+
Use before making any finding or remediation recommendation, especially for authorization and released API compliance findings.
|
|
4
|
+
|
|
5
|
+
## Non-negotiables
|
|
6
|
+
|
|
7
|
+
- Do not access, connect to, or request access to any live ABAP system, SAP S/4HANA tenant, or BTP ABAP Environment. This skill reviews artifacts only.
|
|
8
|
+
- Do not accept or request system credentials, RFC connection parameters, logon data, BTP service keys, or client secrets.
|
|
9
|
+
- Do not classify `update_granted = abap_true` (simulated full access) as acceptable in production-bound code. This pattern is explicitly documented as a development-only simulation that must be removed before production deployment.
|
|
10
|
+
- Do not validate release contract status from memory alone. Direct the user to verify proposed C1/C2 alternatives on SAP API Business Hub (api.sap.com) for the specific S/4HANA or BTP ABAP Environment version in scope.
|
|
11
|
+
- Do not recommend consuming NOT_RELEASED SAP internal objects as a remediation step, even if they are technically functional. Only C1/C2 released objects are clean-core compliant in ABAP Cloud.
|
|
12
|
+
- Do not classify a RAP business object's authorization coverage as complete without reviewing the `CHECK_AUTHORIZATION` method implementation. A BDEF with `authorization master ( global )` is meaningless if the method contains pass-through logic.
|
|
13
|
+
- Do not confuse RAP managed and unmanaged implementation types. Managed RAP uses the RAP framework for persistence; unmanaged RAP delegates to custom code. The wrong selection affects OData behavior, draft support, and lock handling.
|
|
14
|
+
|
|
15
|
+
## What people get wrong
|
|
16
|
+
|
|
17
|
+
- **Leaving AUTHORITY-CHECK simulation in production**: The `update_granted = abap_true` simulation pattern is a documented development shortcut from openSAP exercises. Any behavior implementation containing this in a production-bound branch is a critical security finding.
|
|
18
|
+
- **Treating `authorization master ( global )` as sufficient**: Declaring `authorization master ( global )` in the BDEF is a structural declaration, not an authorization guarantee. The `CHECK_AUTHORIZATION` method must implement actual `AUTHORITY-CHECK` statements for it to be meaningful.
|
|
19
|
+
- **Assuming draft works without draft table**: `with draft;` in the BDEF requires a matching `draft table` definition in the CDS interface view. Missing the CDS-side draft table causes a runtime error on activation.
|
|
20
|
+
- **Using interface views directly in service bindings**: Interface views should not appear directly in service bindings. The correct pattern is: interface view → projection view → service definition → service binding.
|
|
21
|
+
- **Confusing ROLLBACK WORK and ROLLBACK ENTITIES**: In RAP unit tests, `ROLLBACK ENTITIES` is the correct teardown mechanism, not `ROLLBACK WORK`. Using `ROLLBACK WORK` does not clean up the RAP buffer.
|
|
22
|
+
- **Asserting only initial result in unit tests**: A test that only asserts `assert_initial( failed-travel )` without asserting expected field values provides weak coverage — the test passes even if the result is empty.
|
|
23
|
+
|
|
24
|
+
## When to push back
|
|
25
|
+
|
|
26
|
+
- Push back when the user asks for an authorization compliance ruling without providing the behavior implementation class source code for `CHECK_AUTHORIZATION`.
|
|
27
|
+
- Push back when the user proposes to keep a `update_granted = abap_true` simulation in code that will go to production.
|
|
28
|
+
- Push back when released API compliance is in scope but no ABAP source code or object list is provided for review.
|
|
29
|
+
- Push back when the request involves live ABAP system access, ATC execution, or object navigation — redirect to SAP ABAP Test Cockpit or `sap-clean-core-debt-review` for live object enumeration first.
|
|
30
|
+
- Push back when the user proposes consuming a NOT_RELEASED SAP object as a workaround and presents performance or convenience as justification.
|
|
31
|
+
|
|
32
|
+
## Evidence labels
|
|
33
|
+
|
|
34
|
+
- `documentation-based` — grounded in official SAP ABAP Cloud docs (help.sap.com/docs/abap-cloud) or SAP Help Portal RAP documentation
|
|
35
|
+
- `user-provided evidence` — ABAP source code, CDS DDL, BDEF source, metadata extensions, or written descriptions provided by the user
|
|
36
|
+
- `context7-supplementary` — RAP authorization and unit test patterns from Context7 openSAP sample repository (supplementary to official SAP docs)
|
|
37
|
+
- `inference` — derived reasoning not directly confirmed; must always be labeled as such
|
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
# Workflow and output contract — SAP ABAP Cloud RAP Review
|
|
2
|
+
|
|
3
|
+
Use this reference for all classification, severity assignment, and output formatting.
|
|
4
|
+
|
|
5
|
+
## Review domain taxonomy
|
|
6
|
+
|
|
7
|
+
| Domain | Scope |
|
|
8
|
+
|--------|-------|
|
|
9
|
+
| `CDS Views` | View type selection (interface/projection/consumption), annotation completeness, metadata extensions, access control (DCL), UUID key design, draft table configuration |
|
|
10
|
+
| `BDEF` | Implementation type (managed/unmanaged), draft enablement, authorization master/dependent, alias, feature control, action/function declarations, association exposure |
|
|
11
|
+
| `Behavior Implementation` | AUTHORITY-CHECK coverage, action method completeness, validation message patterns, determination logic, forbidden language constructs |
|
|
12
|
+
| `Released API Compliance` | C1/C2 contract verification, NOT_RELEASED consumption, DEPRECATED object usage, tier-2 compliance |
|
|
13
|
+
| `ABAP Unit Tests` | Test double usage (if_abap_behv_test_environment / if_cds_test_environment), test class structure, ROLLBACK ENTITIES teardown, CREATE ENTITIES test correctness |
|
|
14
|
+
| `Object Composition` | Root vs. child entity hierarchy, composition relationship completeness, ETag strategy, UUID vs. semantic key trade-offs |
|
|
15
|
+
|
|
16
|
+
## Severity classification
|
|
17
|
+
|
|
18
|
+
| Severity | Meaning | Examples |
|
|
19
|
+
|----------|---------|---------|
|
|
20
|
+
| `critical` | Security breach or data integrity loss risk | AUTHORITY-CHECK simulation left active in production-bound code; authorization master method returning allowed without any check |
|
|
21
|
+
| `high` | Functional, correctness, or upgrade-blocking risk | NOT_RELEASED API consumption; missing `with draft;` on a BO requiring Fiori draft editing; missing draftActivate method; unmanaged RAP with no justification |
|
|
22
|
+
| `medium` | Governance, maintainability, or test isolation gap | ROLLBACK ENTITIES missing in test teardown; CDS metadata extension annotations on wrong view layer; unmanaged implementation where managed would suffice |
|
|
23
|
+
| `low` | Best practice deviation or code quality concern | Inconsistent CDS naming conventions; missing alias in BDEF; action not declared as static where appropriate |
|
|
24
|
+
|
|
25
|
+
## Common finding patterns
|
|
26
|
+
|
|
27
|
+
### BDEF
|
|
28
|
+
- `with draft;` absent on a root entity that requires Fiori Elements draft editing (high)
|
|
29
|
+
- `authorization master ( global )` declared but CHECK_AUTHORIZATION never implemented in the behavior implementation class (critical)
|
|
30
|
+
- `authorization dependent by _ParentAssociation` incorrectly used on the root entity (high — only valid for child entities)
|
|
31
|
+
- Unmanaged BDEF without documented justification on a greenfield BO (medium)
|
|
32
|
+
|
|
33
|
+
### Behavior Implementation
|
|
34
|
+
- `update_granted = abap_true` or `delete_granted = abap_true` hard-coded without actual `AUTHORITY-CHECK` — simulation left from development (critical)
|
|
35
|
+
- `AUTHORITY-CHECK OBJECT` used for update but not for delete (high — asymmetric authorization check)
|
|
36
|
+
- Missing `APPEND VALUE #(...) TO reported-travel` for unauthorized operations — authorization failure not surfaced to the caller (high)
|
|
37
|
+
- Validation method that returns without any `APPEND TO failed` or `APPEND TO reported` (high — silent failure)
|
|
38
|
+
|
|
39
|
+
### CDS Views
|
|
40
|
+
- Interface view directly used in service binding instead of projection view (medium — bypass of projection separation)
|
|
41
|
+
- Access control (DCL) missing on interface view (high for sensitive entities)
|
|
42
|
+
- Draft table not defined on the root CDS interface view while `with draft;` is in the BDEF (high — runtime error)
|
|
43
|
+
- Metadata extension annotations placed on interface view instead of projection view (medium)
|
|
44
|
+
|
|
45
|
+
### Released API Compliance
|
|
46
|
+
- Direct SELECT from SAP standard database table without C1 released CDS view equivalent (high)
|
|
47
|
+
- Consumption of a function module or BAPI with no C1/C2 release contract in ABAP Cloud context (high)
|
|
48
|
+
- Use of DEPRECATED released objects without noting migration path (medium)
|
|
49
|
+
|
|
50
|
+
### ABAP Unit Tests
|
|
51
|
+
- Test class uses `MODIFY ENTITIES` against live data without `cl_cds_test_environment` or `cl_abap_behv_test_environment` double (high)
|
|
52
|
+
- `ROLLBACK ENTITIES` absent in `teardown` method (medium)
|
|
53
|
+
- `cds_test_environment->destroy()` absent in `class_teardown` (medium)
|
|
54
|
+
- Test method asserts only initial result without asserting expected field values (low)
|
|
55
|
+
|
|
56
|
+
## Workflow
|
|
57
|
+
|
|
58
|
+
1. **Receive artifacts** — ABAP source code, CDS DDL files, BDEF source, metadata extensions, access control definitions, or user descriptions.
|
|
59
|
+
2. **Classify each finding** by review domain above.
|
|
60
|
+
3. **Assign severity** (critical / high / medium / low).
|
|
61
|
+
4. **Identify evidence level** (documentation-based / user-provided evidence / context7-supplementary / inference).
|
|
62
|
+
5. **Recommend specific remediation** — ABAP code pattern to apply, BDEF keyword to add, DCL source to create, API Business Hub check to perform.
|
|
63
|
+
6. **Prioritize** — critical and high severity first; released API compliance and authorization before structural findings; test isolation before style.
|
|
64
|
+
7. **Return output** per the output contract below.
|
|
65
|
+
|
|
66
|
+
## Output contract
|
|
67
|
+
|
|
68
|
+
Return:
|
|
69
|
+
|
|
70
|
+
1. Artifacts reviewed and domains in scope
|
|
71
|
+
2. Finding(s) per domain with severity and evidence label
|
|
72
|
+
3. Specific remediation recommendation per finding (with code-level detail from user-provided evidence where available)
|
|
73
|
+
4. Released API compliance summary — list any NOT_RELEASED or DEPRECATED objects with recommended C1/C2 alternatives (to be verified on API Business Hub)
|
|
74
|
+
5. Authorization coverage summary — AUTHORITY-CHECK status for each operation (create/update/delete) per reviewed behavior implementation
|
|
75
|
+
6. Prioritized remediation sequence (critical → high → medium → low)
|
|
76
|
+
7. Escalation trigger if live ABAP system access or ATC execution is required before proceeding
|