@raishin/vanguard-frontier-agentic 2.11.0 → 2.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (756) hide show
  1. package/.claude-plugin/marketplace.json +2 -2
  2. package/.claude-plugin/plugin.json +41 -1
  3. package/.cursor-plugin/plugin.json +41 -1
  4. package/.github/plugin/marketplace.json +1 -1
  5. package/README.md +11 -11
  6. package/agents/sap/sap-abap-cloud-rap-reviewer-agent/AGENT.md +57 -0
  7. package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/claude-code.agent.md +37 -0
  8. package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/codex.toml +30 -0
  9. package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/copilot.agent.md +31 -0
  10. package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/cursor.agent.md +29 -0
  11. package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/gemini.agent.md +29 -0
  12. package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
  13. package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
  14. package/agents/sap/sap-abap-cloud-rap-reviewer-agent/metadata.json +46 -0
  15. package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/AGENT.md +58 -0
  16. package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/claude-code.agent.md +38 -0
  17. package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/codex.toml +31 -0
  18. package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/copilot.agent.md +32 -0
  19. package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/cursor.agent.md +30 -0
  20. package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/gemini.agent.md +30 -0
  21. package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
  22. package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/kiro-ide.agent.md +30 -0
  23. package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/metadata.json +40 -0
  24. package/agents/sap/sap-analytics-cloud-planning-governance-agent/AGENT.md +58 -0
  25. package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/claude-code.agent.md +37 -0
  26. package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/codex.toml +30 -0
  27. package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/copilot.agent.md +31 -0
  28. package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/cursor.agent.md +29 -0
  29. package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/gemini.agent.md +29 -0
  30. package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/kiro-cli.agent.json +1 -0
  31. package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/kiro-ide.agent.md +29 -0
  32. package/agents/sap/sap-analytics-cloud-planning-governance-agent/metadata.json +45 -0
  33. package/agents/sap/sap-audit-evidence-packager-agent/AGENT.md +58 -0
  34. package/agents/sap/sap-audit-evidence-packager-agent/harnesses/claude-code.agent.md +38 -0
  35. package/agents/sap/sap-audit-evidence-packager-agent/harnesses/codex.toml +30 -0
  36. package/agents/sap/sap-audit-evidence-packager-agent/harnesses/copilot.agent.md +33 -0
  37. package/agents/sap/sap-audit-evidence-packager-agent/harnesses/cursor.agent.md +31 -0
  38. package/agents/sap/sap-audit-evidence-packager-agent/harnesses/gemini.agent.md +31 -0
  39. package/agents/sap/sap-audit-evidence-packager-agent/harnesses/kiro-cli.agent.json +1 -0
  40. package/agents/sap/sap-audit-evidence-packager-agent/harnesses/kiro-ide.agent.md +31 -0
  41. package/agents/sap/sap-audit-evidence-packager-agent/metadata.json +45 -0
  42. package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/AGENT.md +58 -0
  43. package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/claude-code.agent.md +37 -0
  44. package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/codex.toml +30 -0
  45. package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/copilot.agent.md +31 -0
  46. package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/cursor.agent.md +29 -0
  47. package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/gemini.agent.md +29 -0
  48. package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
  49. package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
  50. package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/metadata.json +44 -0
  51. package/agents/sap/sap-btp-entitlement-guarded-operator-agent/AGENT.md +70 -0
  52. package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/claude-code.agent.md +51 -0
  53. package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/codex.toml +42 -0
  54. package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/copilot.agent.md +36 -0
  55. package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/cursor.agent.md +33 -0
  56. package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/gemini.agent.md +33 -0
  57. package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/kiro-cli.agent.json +1 -0
  58. package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/kiro-ide.agent.md +33 -0
  59. package/agents/sap/sap-btp-entitlement-guarded-operator-agent/metadata.json +41 -0
  60. package/agents/sap/sap-cap-architecture-reviewer-agent/AGENT.md +57 -0
  61. package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/claude-code.agent.md +37 -0
  62. package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/codex.toml +30 -0
  63. package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/copilot.agent.md +31 -0
  64. package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/cursor.agent.md +29 -0
  65. package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/gemini.agent.md +29 -0
  66. package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
  67. package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
  68. package/agents/sap/sap-cap-architecture-reviewer-agent/metadata.json +42 -0
  69. package/agents/sap/sap-clean-core-debt-reviewer-agent/AGENT.md +58 -0
  70. package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/claude-code.agent.md +38 -0
  71. package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/codex.toml +31 -0
  72. package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/copilot.agent.md +31 -0
  73. package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/cursor.agent.md +29 -0
  74. package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/gemini.agent.md +29 -0
  75. package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
  76. package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
  77. package/agents/sap/sap-clean-core-debt-reviewer-agent/metadata.json +45 -0
  78. package/agents/sap/sap-cloud-alm-sre-incident-agent/AGENT.md +59 -0
  79. package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/claude-code.agent.md +38 -0
  80. package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/codex.toml +30 -0
  81. package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/copilot.agent.md +32 -0
  82. package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/cursor.agent.md +30 -0
  83. package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/gemini.agent.md +30 -0
  84. package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/kiro-cli.agent.json +1 -0
  85. package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/kiro-ide.agent.md +30 -0
  86. package/agents/sap/sap-cloud-alm-sre-incident-agent/metadata.json +42 -0
  87. package/agents/sap/sap-custom-code-remediation-reviewer-agent/AGENT.md +60 -0
  88. package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/claude-code.agent.md +39 -0
  89. package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/codex.toml +29 -0
  90. package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/copilot.agent.md +31 -0
  91. package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/cursor.agent.md +29 -0
  92. package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/gemini.agent.md +29 -0
  93. package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
  94. package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
  95. package/agents/sap/sap-custom-code-remediation-reviewer-agent/metadata.json +45 -0
  96. package/agents/sap/sap-data-migration-cutover-readiness-agent/AGENT.md +67 -0
  97. package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/claude-code.agent.md +46 -0
  98. package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/codex.toml +30 -0
  99. package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/copilot.agent.md +32 -0
  100. package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/cursor.agent.md +30 -0
  101. package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/gemini.agent.md +30 -0
  102. package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/kiro-cli.agent.json +1 -0
  103. package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/kiro-ide.agent.md +30 -0
  104. package/agents/sap/sap-data-migration-cutover-readiness-agent/metadata.json +44 -0
  105. package/agents/sap/sap-datasphere-data-product-architect-agent/AGENT.md +58 -0
  106. package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/claude-code.agent.md +37 -0
  107. package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/codex.toml +30 -0
  108. package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/copilot.agent.md +31 -0
  109. package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/cursor.agent.md +29 -0
  110. package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/gemini.agent.md +29 -0
  111. package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/kiro-cli.agent.json +1 -0
  112. package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/kiro-ide.agent.md +29 -0
  113. package/agents/sap/sap-datasphere-data-product-architect-agent/metadata.json +45 -0
  114. package/agents/sap/sap-ewm-tm-logistics-execution-agent/AGENT.md +59 -0
  115. package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/claude-code.agent.md +38 -0
  116. package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/codex.toml +30 -0
  117. package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/copilot.agent.md +32 -0
  118. package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/cursor.agent.md +30 -0
  119. package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/gemini.agent.md +30 -0
  120. package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/kiro-cli.agent.json +1 -0
  121. package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/kiro-ide.agent.md +30 -0
  122. package/agents/sap/sap-ewm-tm-logistics-execution-agent/metadata.json +44 -0
  123. package/agents/sap/sap-finance-fico-controls-agent/AGENT.md +59 -0
  124. package/agents/sap/sap-finance-fico-controls-agent/harnesses/claude-code.agent.md +38 -0
  125. package/agents/sap/sap-finance-fico-controls-agent/harnesses/codex.toml +30 -0
  126. package/agents/sap/sap-finance-fico-controls-agent/harnesses/copilot.agent.md +32 -0
  127. package/agents/sap/sap-finance-fico-controls-agent/harnesses/cursor.agent.md +30 -0
  128. package/agents/sap/sap-finance-fico-controls-agent/harnesses/gemini.agent.md +30 -0
  129. package/agents/sap/sap-finance-fico-controls-agent/harnesses/kiro-cli.agent.json +1 -0
  130. package/agents/sap/sap-finance-fico-controls-agent/harnesses/kiro-ide.agent.md +30 -0
  131. package/agents/sap/sap-finance-fico-controls-agent/metadata.json +45 -0
  132. package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/AGENT.md +58 -0
  133. package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/claude-code.agent.md +37 -0
  134. package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/codex.toml +29 -0
  135. package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/copilot.agent.md +32 -0
  136. package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/cursor.agent.md +30 -0
  137. package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/gemini.agent.md +30 -0
  138. package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
  139. package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/kiro-ide.agent.md +30 -0
  140. package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/metadata.json +39 -0
  141. package/agents/sap/sap-guarded-transport-import-operator-agent/AGENT.md +70 -0
  142. package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/claude-code.agent.md +51 -0
  143. package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/codex.toml +41 -0
  144. package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/copilot.agent.md +36 -0
  145. package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/cursor.agent.md +33 -0
  146. package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/gemini.agent.md +33 -0
  147. package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/kiro-cli.agent.json +1 -0
  148. package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/kiro-ide.agent.md +33 -0
  149. package/agents/sap/sap-guarded-transport-import-operator-agent/metadata.json +45 -0
  150. package/agents/sap/sap-hana-cloud-performance-cost-agent/AGENT.md +58 -0
  151. package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/claude-code.agent.md +37 -0
  152. package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/codex.toml +30 -0
  153. package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/copilot.agent.md +31 -0
  154. package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/cursor.agent.md +29 -0
  155. package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/gemini.agent.md +29 -0
  156. package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/kiro-cli.agent.json +1 -0
  157. package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/kiro-ide.agent.md +29 -0
  158. package/agents/sap/sap-hana-cloud-performance-cost-agent/metadata.json +43 -0
  159. package/agents/sap/sap-hypercare-incident-commander-agent/AGENT.md +59 -0
  160. package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/claude-code.agent.md +38 -0
  161. package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/codex.toml +30 -0
  162. package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/copilot.agent.md +32 -0
  163. package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/cursor.agent.md +30 -0
  164. package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/gemini.agent.md +30 -0
  165. package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/kiro-cli.agent.json +1 -0
  166. package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/kiro-ide.agent.md +30 -0
  167. package/agents/sap/sap-hypercare-incident-commander-agent/metadata.json +42 -0
  168. package/agents/sap/sap-integration-flow-guarded-operator-agent/AGENT.md +70 -0
  169. package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/claude-code.agent.md +51 -0
  170. package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/codex.toml +41 -0
  171. package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/copilot.agent.md +36 -0
  172. package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/cursor.agent.md +33 -0
  173. package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/gemini.agent.md +33 -0
  174. package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/kiro-cli.agent.json +1 -0
  175. package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/kiro-ide.agent.md +33 -0
  176. package/agents/sap/sap-integration-flow-guarded-operator-agent/metadata.json +41 -0
  177. package/agents/sap/sap-integration-suite-reviewer-agent/AGENT.md +57 -0
  178. package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/claude-code.agent.md +37 -0
  179. package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/codex.toml +30 -0
  180. package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/copilot.agent.md +31 -0
  181. package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/cursor.agent.md +29 -0
  182. package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/gemini.agent.md +29 -0
  183. package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
  184. package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
  185. package/agents/sap/sap-integration-suite-reviewer-agent/metadata.json +43 -0
  186. package/agents/sap/sap-joule-governance-adoption-agent/AGENT.md +59 -0
  187. package/agents/sap/sap-joule-governance-adoption-agent/harnesses/claude-code.agent.md +38 -0
  188. package/agents/sap/sap-joule-governance-adoption-agent/harnesses/codex.toml +30 -0
  189. package/agents/sap/sap-joule-governance-adoption-agent/harnesses/copilot.agent.md +32 -0
  190. package/agents/sap/sap-joule-governance-adoption-agent/harnesses/cursor.agent.md +30 -0
  191. package/agents/sap/sap-joule-governance-adoption-agent/harnesses/gemini.agent.md +30 -0
  192. package/agents/sap/sap-joule-governance-adoption-agent/harnesses/kiro-cli.agent.json +1 -0
  193. package/agents/sap/sap-joule-governance-adoption-agent/harnesses/kiro-ide.agent.md +30 -0
  194. package/agents/sap/sap-joule-governance-adoption-agent/metadata.json +42 -0
  195. package/agents/sap/sap-license-btp-consumption-finops-agent/AGENT.md +58 -0
  196. package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/claude-code.agent.md +37 -0
  197. package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/codex.toml +30 -0
  198. package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/copilot.agent.md +31 -0
  199. package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/cursor.agent.md +29 -0
  200. package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/gemini.agent.md +29 -0
  201. package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/kiro-cli.agent.json +1 -0
  202. package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/kiro-ide.agent.md +29 -0
  203. package/agents/sap/sap-license-btp-consumption-finops-agent/metadata.json +42 -0
  204. package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/AGENT.md +60 -0
  205. package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/claude-code.agent.md +40 -0
  206. package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/codex.toml +31 -0
  207. package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/copilot.agent.md +32 -0
  208. package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/cursor.agent.md +30 -0
  209. package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/gemini.agent.md +30 -0
  210. package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/kiro-cli.agent.json +1 -0
  211. package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/kiro-ide.agent.md +30 -0
  212. package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/metadata.json +39 -0
  213. package/agents/sap/sap-live-readonly-landscape-discovery-agent/AGENT.md +60 -0
  214. package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/claude-code.agent.md +40 -0
  215. package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/codex.toml +31 -0
  216. package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/copilot.agent.md +32 -0
  217. package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/cursor.agent.md +30 -0
  218. package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/gemini.agent.md +30 -0
  219. package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/kiro-cli.agent.json +1 -0
  220. package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/kiro-ide.agent.md +30 -0
  221. package/agents/sap/sap-live-readonly-landscape-discovery-agent/metadata.json +39 -0
  222. package/agents/sap/sap-maestro-agent/AGENT.md +60 -0
  223. package/agents/sap/sap-maestro-agent/harnesses/claude-code.agent.md +36 -0
  224. package/agents/sap/sap-maestro-agent/harnesses/codex.toml +34 -0
  225. package/agents/sap/sap-maestro-agent/harnesses/copilot.agent.md +32 -0
  226. package/agents/sap/sap-maestro-agent/harnesses/cursor.agent.md +30 -0
  227. package/agents/sap/sap-maestro-agent/harnesses/gemini.agent.md +30 -0
  228. package/agents/sap/sap-maestro-agent/harnesses/kiro-cli.agent.json +1 -0
  229. package/agents/sap/sap-maestro-agent/harnesses/kiro-ide.agent.md +30 -0
  230. package/agents/sap/sap-maestro-agent/metadata.json +39 -0
  231. package/agents/sap/sap-manufacturing-execution-risk-agent/AGENT.md +59 -0
  232. package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/claude-code.agent.md +38 -0
  233. package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/codex.toml +30 -0
  234. package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/copilot.agent.md +32 -0
  235. package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/cursor.agent.md +30 -0
  236. package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/gemini.agent.md +30 -0
  237. package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/kiro-cli.agent.json +1 -0
  238. package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/kiro-ide.agent.md +30 -0
  239. package/agents/sap/sap-manufacturing-execution-risk-agent/metadata.json +44 -0
  240. package/agents/sap/sap-mdg-master-data-quality-agent/AGENT.md +59 -0
  241. package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/claude-code.agent.md +38 -0
  242. package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/codex.toml +30 -0
  243. package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/copilot.agent.md +32 -0
  244. package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/cursor.agent.md +30 -0
  245. package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/gemini.agent.md +30 -0
  246. package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/kiro-cli.agent.json +1 -0
  247. package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/kiro-ide.agent.md +30 -0
  248. package/agents/sap/sap-mdg-master-data-quality-agent/metadata.json +45 -0
  249. package/agents/sap/sap-order-to-cash-agent/AGENT.md +59 -0
  250. package/agents/sap/sap-order-to-cash-agent/harnesses/claude-code.agent.md +38 -0
  251. package/agents/sap/sap-order-to-cash-agent/harnesses/codex.toml +30 -0
  252. package/agents/sap/sap-order-to-cash-agent/harnesses/copilot.agent.md +32 -0
  253. package/agents/sap/sap-order-to-cash-agent/harnesses/cursor.agent.md +30 -0
  254. package/agents/sap/sap-order-to-cash-agent/harnesses/gemini.agent.md +30 -0
  255. package/agents/sap/sap-order-to-cash-agent/harnesses/kiro-cli.agent.json +1 -0
  256. package/agents/sap/sap-order-to-cash-agent/harnesses/kiro-ide.agent.md +30 -0
  257. package/agents/sap/sap-order-to-cash-agent/metadata.json +44 -0
  258. package/agents/sap/sap-procurement-ariba-value-leakage-agent/AGENT.md +59 -0
  259. package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/claude-code.agent.md +38 -0
  260. package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/codex.toml +30 -0
  261. package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/copilot.agent.md +32 -0
  262. package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/cursor.agent.md +30 -0
  263. package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/gemini.agent.md +30 -0
  264. package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/kiro-cli.agent.json +1 -0
  265. package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/kiro-ide.agent.md +30 -0
  266. package/agents/sap/sap-procurement-ariba-value-leakage-agent/metadata.json +44 -0
  267. package/agents/sap/sap-release-change-collision-agent/AGENT.md +59 -0
  268. package/agents/sap/sap-release-change-collision-agent/harnesses/claude-code.agent.md +38 -0
  269. package/agents/sap/sap-release-change-collision-agent/harnesses/codex.toml +30 -0
  270. package/agents/sap/sap-release-change-collision-agent/harnesses/copilot.agent.md +32 -0
  271. package/agents/sap/sap-release-change-collision-agent/harnesses/cursor.agent.md +30 -0
  272. package/agents/sap/sap-release-change-collision-agent/harnesses/gemini.agent.md +30 -0
  273. package/agents/sap/sap-release-change-collision-agent/harnesses/kiro-cli.agent.json +1 -0
  274. package/agents/sap/sap-release-change-collision-agent/harnesses/kiro-ide.agent.md +30 -0
  275. package/agents/sap/sap-release-change-collision-agent/metadata.json +42 -0
  276. package/agents/sap/sap-rise-sla-vendor-risk-agent/AGENT.md +58 -0
  277. package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/claude-code.agent.md +37 -0
  278. package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/codex.toml +30 -0
  279. package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/copilot.agent.md +31 -0
  280. package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/cursor.agent.md +29 -0
  281. package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/gemini.agent.md +29 -0
  282. package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/kiro-cli.agent.json +1 -0
  283. package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/kiro-ide.agent.md +29 -0
  284. package/agents/sap/sap-rise-sla-vendor-risk-agent/metadata.json +42 -0
  285. package/agents/sap/sap-role-assignment-guarded-operator-agent/AGENT.md +73 -0
  286. package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/claude-code.agent.md +54 -0
  287. package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/codex.toml +43 -0
  288. package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/copilot.agent.md +38 -0
  289. package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/cursor.agent.md +35 -0
  290. package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/gemini.agent.md +35 -0
  291. package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/kiro-cli.agent.json +1 -0
  292. package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/kiro-ide.agent.md +35 -0
  293. package/agents/sap/sap-role-assignment-guarded-operator-agent/metadata.json +41 -0
  294. package/agents/sap/sap-s4hana-transformation-architect-agent/AGENT.md +62 -0
  295. package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/claude-code.agent.md +41 -0
  296. package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/codex.toml +29 -0
  297. package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/copilot.agent.md +31 -0
  298. package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/cursor.agent.md +29 -0
  299. package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/gemini.agent.md +29 -0
  300. package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/kiro-cli.agent.json +1 -0
  301. package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/kiro-ide.agent.md +29 -0
  302. package/agents/sap/sap-s4hana-transformation-architect-agent/metadata.json +44 -0
  303. package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/AGENT.md +59 -0
  304. package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/claude-code.agent.md +38 -0
  305. package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/codex.toml +30 -0
  306. package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/copilot.agent.md +32 -0
  307. package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/cursor.agent.md +30 -0
  308. package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/gemini.agent.md +30 -0
  309. package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
  310. package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/kiro-ide.agent.md +30 -0
  311. package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/metadata.json +44 -0
  312. package/agents/sap/sap-signavio-process-mining-value-agent/AGENT.md +59 -0
  313. package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/claude-code.agent.md +38 -0
  314. package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/codex.toml +30 -0
  315. package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/copilot.agent.md +32 -0
  316. package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/cursor.agent.md +30 -0
  317. package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/gemini.agent.md +30 -0
  318. package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/kiro-cli.agent.json +1 -0
  319. package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/kiro-ide.agent.md +30 -0
  320. package/agents/sap/sap-signavio-process-mining-value-agent/metadata.json +44 -0
  321. package/agents/sap/sap-successfactors-hr-process-risk-agent/AGENT.md +59 -0
  322. package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/claude-code.agent.md +38 -0
  323. package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/codex.toml +30 -0
  324. package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/copilot.agent.md +32 -0
  325. package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/cursor.agent.md +30 -0
  326. package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/gemini.agent.md +30 -0
  327. package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/kiro-cli.agent.json +1 -0
  328. package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/kiro-ide.agent.md +30 -0
  329. package/agents/sap/sap-successfactors-hr-process-risk-agent/metadata.json +42 -0
  330. package/agents/sap/sap-supply-chain-ibp-resilience-agent/AGENT.md +59 -0
  331. package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/claude-code.agent.md +38 -0
  332. package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/codex.toml +30 -0
  333. package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/copilot.agent.md +32 -0
  334. package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/cursor.agent.md +30 -0
  335. package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/gemini.agent.md +30 -0
  336. package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/kiro-cli.agent.json +1 -0
  337. package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/kiro-ide.agent.md +30 -0
  338. package/agents/sap/sap-supply-chain-ibp-resilience-agent/metadata.json +44 -0
  339. package/agents/sap/sap-testing-quality-gate-agent/AGENT.md +59 -0
  340. package/agents/sap/sap-testing-quality-gate-agent/harnesses/claude-code.agent.md +38 -0
  341. package/agents/sap/sap-testing-quality-gate-agent/harnesses/codex.toml +30 -0
  342. package/agents/sap/sap-testing-quality-gate-agent/harnesses/copilot.agent.md +32 -0
  343. package/agents/sap/sap-testing-quality-gate-agent/harnesses/cursor.agent.md +30 -0
  344. package/agents/sap/sap-testing-quality-gate-agent/harnesses/gemini.agent.md +30 -0
  345. package/agents/sap/sap-testing-quality-gate-agent/harnesses/kiro-cli.agent.json +1 -0
  346. package/agents/sap/sap-testing-quality-gate-agent/harnesses/kiro-ide.agent.md +30 -0
  347. package/agents/sap/sap-testing-quality-gate-agent/metadata.json +42 -0
  348. package/agents/sap/sap-transformation-portfolio-triage-agent/AGENT.md +58 -0
  349. package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/claude-code.agent.md +37 -0
  350. package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/codex.toml +30 -0
  351. package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/copilot.agent.md +31 -0
  352. package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/cursor.agent.md +29 -0
  353. package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/gemini.agent.md +29 -0
  354. package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/kiro-cli.agent.json +1 -0
  355. package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/kiro-ide.agent.md +29 -0
  356. package/agents/sap/sap-transformation-portfolio-triage-agent/metadata.json +42 -0
  357. package/agents/sap/sap-treasury-cash-risk-agent/AGENT.md +59 -0
  358. package/agents/sap/sap-treasury-cash-risk-agent/harnesses/claude-code.agent.md +38 -0
  359. package/agents/sap/sap-treasury-cash-risk-agent/harnesses/codex.toml +30 -0
  360. package/agents/sap/sap-treasury-cash-risk-agent/harnesses/copilot.agent.md +32 -0
  361. package/agents/sap/sap-treasury-cash-risk-agent/harnesses/cursor.agent.md +30 -0
  362. package/agents/sap/sap-treasury-cash-risk-agent/harnesses/gemini.agent.md +30 -0
  363. package/agents/sap/sap-treasury-cash-risk-agent/harnesses/kiro-cli.agent.json +1 -0
  364. package/agents/sap/sap-treasury-cash-risk-agent/harnesses/kiro-ide.agent.md +30 -0
  365. package/agents/sap/sap-treasury-cash-risk-agent/metadata.json +44 -0
  366. package/catalog/agents.json +1323 -0
  367. package/catalog/asset-integrity.json +2283 -43
  368. package/catalog/install-roles.json +94 -0
  369. package/catalog/skill-manifest.json +1770 -3
  370. package/catalog/skills.json +1912 -1
  371. package/package.json +1 -1
  372. package/plugins/vanguard-frontier-agentic/.codex-plugin/plugin.json +1 -1
  373. package/powers/README.md +3 -2
  374. package/powers/vanguard-sap/POWER.md +43 -0
  375. package/schemas/agent.schema.json +1 -0
  376. package/schemas/skill.schema.json +1 -0
  377. package/scripts/generate-docs-data.mjs +1 -1
  378. package/scripts/generate-kiro-powers.mjs +12 -0
  379. package/skills/claude/add-educational-comments/metadata.json +1 -1
  380. package/skills/sap/sap-abap-cloud-rap-review/SKILL.md +86 -0
  381. package/skills/sap/sap-abap-cloud-rap-review/agents/openai.yaml +11 -0
  382. package/skills/sap/sap-abap-cloud-rap-review/metadata.json +34 -0
  383. package/skills/sap/sap-abap-cloud-rap-review/references/context7-framework-docs.md +126 -0
  384. package/skills/sap/sap-abap-cloud-rap-review/references/official-sources.md +95 -0
  385. package/skills/sap/sap-abap-cloud-rap-review/references/safety-checklist.md +37 -0
  386. package/skills/sap/sap-abap-cloud-rap-review/references/workflow-and-output.md +76 -0
  387. package/skills/sap/sap-ai-core-generative-ai-hub-governance/SKILL.md +92 -0
  388. package/skills/sap/sap-ai-core-generative-ai-hub-governance/agents/openai.yaml +11 -0
  389. package/skills/sap/sap-ai-core-generative-ai-hub-governance/metadata.json +34 -0
  390. package/skills/sap/sap-ai-core-generative-ai-hub-governance/references/context7-framework-docs.md +107 -0
  391. package/skills/sap/sap-ai-core-generative-ai-hub-governance/references/official-sources.md +91 -0
  392. package/skills/sap/sap-ai-core-generative-ai-hub-governance/references/safety-checklist.md +39 -0
  393. package/skills/sap/sap-ai-core-generative-ai-hub-governance/references/workflow-and-output.md +75 -0
  394. package/skills/sap/sap-ai-governance-security-architecture-protocol/SKILL.md +168 -0
  395. package/skills/sap/sap-ai-governance-security-architecture-protocol/agents/openai.yaml +11 -0
  396. package/skills/sap/sap-ai-governance-security-architecture-protocol/metadata.json +35 -0
  397. package/skills/sap/sap-ai-governance-security-architecture-protocol/references/official-sources.md +99 -0
  398. package/skills/sap/sap-ai-governance-security-architecture-protocol/references/safety-checklist.md +38 -0
  399. package/skills/sap/sap-ai-governance-security-architecture-protocol/references/workflow-and-output.md +89 -0
  400. package/skills/sap/sap-analytics-cloud-planning-governance/SKILL.md +87 -0
  401. package/skills/sap/sap-analytics-cloud-planning-governance/agents/openai.yaml +11 -0
  402. package/skills/sap/sap-analytics-cloud-planning-governance/metadata.json +33 -0
  403. package/skills/sap/sap-analytics-cloud-planning-governance/references/official-sources.md +89 -0
  404. package/skills/sap/sap-analytics-cloud-planning-governance/references/safety-checklist.md +35 -0
  405. package/skills/sap/sap-analytics-cloud-planning-governance/references/workflow-and-output.md +70 -0
  406. package/skills/sap/sap-audit-evidence-packaging/SKILL.md +92 -0
  407. package/skills/sap/sap-audit-evidence-packaging/agents/openai.yaml +11 -0
  408. package/skills/sap/sap-audit-evidence-packaging/metadata.json +33 -0
  409. package/skills/sap/sap-audit-evidence-packaging/references/official-sources.md +92 -0
  410. package/skills/sap/sap-audit-evidence-packaging/references/safety-checklist.md +38 -0
  411. package/skills/sap/sap-audit-evidence-packaging/references/workflow-and-output.md +129 -0
  412. package/skills/sap/sap-btp-governance-review/SKILL.md +84 -0
  413. package/skills/sap/sap-btp-governance-review/agents/openai.yaml +11 -0
  414. package/skills/sap/sap-btp-governance-review/metadata.json +34 -0
  415. package/skills/sap/sap-btp-governance-review/references/official-sources.md +91 -0
  416. package/skills/sap/sap-btp-governance-review/references/safety-checklist.md +35 -0
  417. package/skills/sap/sap-btp-governance-review/references/workflow-and-output.md +66 -0
  418. package/skills/sap/sap-cap-architecture-review/SKILL.md +86 -0
  419. package/skills/sap/sap-cap-architecture-review/agents/openai.yaml +11 -0
  420. package/skills/sap/sap-cap-architecture-review/metadata.json +34 -0
  421. package/skills/sap/sap-cap-architecture-review/references/context7-framework-docs.md +89 -0
  422. package/skills/sap/sap-cap-architecture-review/references/official-sources.md +93 -0
  423. package/skills/sap/sap-cap-architecture-review/references/safety-checklist.md +37 -0
  424. package/skills/sap/sap-cap-architecture-review/references/workflow-and-output.md +74 -0
  425. package/skills/sap/sap-clean-core-debt-review/SKILL.md +84 -0
  426. package/skills/sap/sap-clean-core-debt-review/agents/openai.yaml +11 -0
  427. package/skills/sap/sap-clean-core-debt-review/metadata.json +33 -0
  428. package/skills/sap/sap-clean-core-debt-review/references/context7-framework-docs.md +56 -0
  429. package/skills/sap/sap-clean-core-debt-review/references/official-sources.md +75 -0
  430. package/skills/sap/sap-clean-core-debt-review/references/safety-checklist.md +36 -0
  431. package/skills/sap/sap-clean-core-debt-review/references/workflow-and-output.md +62 -0
  432. package/skills/sap/sap-cloud-alm-sre-incident-review/SKILL.md +83 -0
  433. package/skills/sap/sap-cloud-alm-sre-incident-review/agents/openai.yaml +11 -0
  434. package/skills/sap/sap-cloud-alm-sre-incident-review/metadata.json +33 -0
  435. package/skills/sap/sap-cloud-alm-sre-incident-review/references/official-sources.md +89 -0
  436. package/skills/sap/sap-cloud-alm-sre-incident-review/references/safety-checklist.md +39 -0
  437. package/skills/sap/sap-cloud-alm-sre-incident-review/references/workflow-and-output.md +88 -0
  438. package/skills/sap/sap-custom-code-remediation-review/SKILL.md +83 -0
  439. package/skills/sap/sap-custom-code-remediation-review/agents/openai.yaml +11 -0
  440. package/skills/sap/sap-custom-code-remediation-review/metadata.json +33 -0
  441. package/skills/sap/sap-custom-code-remediation-review/references/official-sources.md +85 -0
  442. package/skills/sap/sap-custom-code-remediation-review/references/safety-checklist.md +39 -0
  443. package/skills/sap/sap-custom-code-remediation-review/references/workflow-and-output.md +83 -0
  444. package/skills/sap/sap-data-migration-cutover-readiness/SKILL.md +90 -0
  445. package/skills/sap/sap-data-migration-cutover-readiness/agents/openai.yaml +14 -0
  446. package/skills/sap/sap-data-migration-cutover-readiness/metadata.json +32 -0
  447. package/skills/sap/sap-data-migration-cutover-readiness/references/official-sources.md +73 -0
  448. package/skills/sap/sap-data-migration-cutover-readiness/references/safety-checklist.md +51 -0
  449. package/skills/sap/sap-data-migration-cutover-readiness/references/workflow-and-output.md +85 -0
  450. package/skills/sap/sap-data-privacy-analytics-ai-protocol/SKILL.md +162 -0
  451. package/skills/sap/sap-data-privacy-analytics-ai-protocol/agents/openai.yaml +11 -0
  452. package/skills/sap/sap-data-privacy-analytics-ai-protocol/metadata.json +34 -0
  453. package/skills/sap/sap-data-privacy-analytics-ai-protocol/references/official-sources.md +93 -0
  454. package/skills/sap/sap-data-privacy-analytics-ai-protocol/references/safety-checklist.md +39 -0
  455. package/skills/sap/sap-data-privacy-analytics-ai-protocol/references/workflow-and-output.md +78 -0
  456. package/skills/sap/sap-datasphere-data-product-architecture/SKILL.md +86 -0
  457. package/skills/sap/sap-datasphere-data-product-architecture/agents/openai.yaml +11 -0
  458. package/skills/sap/sap-datasphere-data-product-architecture/metadata.json +33 -0
  459. package/skills/sap/sap-datasphere-data-product-architecture/references/official-sources.md +85 -0
  460. package/skills/sap/sap-datasphere-data-product-architecture/references/safety-checklist.md +35 -0
  461. package/skills/sap/sap-datasphere-data-product-architecture/references/workflow-and-output.md +70 -0
  462. package/skills/sap/sap-ewm-tm-logistics-execution-review/SKILL.md +90 -0
  463. package/skills/sap/sap-ewm-tm-logistics-execution-review/agents/openai.yaml +11 -0
  464. package/skills/sap/sap-ewm-tm-logistics-execution-review/metadata.json +32 -0
  465. package/skills/sap/sap-ewm-tm-logistics-execution-review/references/official-sources.md +79 -0
  466. package/skills/sap/sap-ewm-tm-logistics-execution-review/references/safety-checklist.md +37 -0
  467. package/skills/sap/sap-ewm-tm-logistics-execution-review/references/workflow-and-output.md +91 -0
  468. package/skills/sap/sap-finance-fico-controls-review/SKILL.md +91 -0
  469. package/skills/sap/sap-finance-fico-controls-review/agents/openai.yaml +11 -0
  470. package/skills/sap/sap-finance-fico-controls-review/metadata.json +33 -0
  471. package/skills/sap/sap-finance-fico-controls-review/references/official-sources.md +89 -0
  472. package/skills/sap/sap-finance-fico-controls-review/references/safety-checklist.md +38 -0
  473. package/skills/sap/sap-finance-fico-controls-review/references/workflow-and-output.md +88 -0
  474. package/skills/sap/sap-fiori-ui5-ux-review/SKILL.md +87 -0
  475. package/skills/sap/sap-fiori-ui5-ux-review/agents/openai.yaml +14 -0
  476. package/skills/sap/sap-fiori-ui5-ux-review/metadata.json +33 -0
  477. package/skills/sap/sap-fiori-ui5-ux-review/references/context7-framework-docs.md +128 -0
  478. package/skills/sap/sap-fiori-ui5-ux-review/references/official-sources.md +95 -0
  479. package/skills/sap/sap-fiori-ui5-ux-review/references/safety-checklist.md +37 -0
  480. package/skills/sap/sap-fiori-ui5-ux-review/references/workflow-and-output.md +96 -0
  481. package/skills/sap/sap-guarded-btp-entitlement-change/SKILL.md +156 -0
  482. package/skills/sap/sap-guarded-btp-entitlement-change/agents/openai.yaml +17 -0
  483. package/skills/sap/sap-guarded-btp-entitlement-change/metadata.json +33 -0
  484. package/skills/sap/sap-guarded-btp-entitlement-change/references/live-environment-access.md +93 -0
  485. package/skills/sap/sap-guarded-btp-entitlement-change/references/official-sources.md +75 -0
  486. package/skills/sap/sap-guarded-btp-entitlement-change/references/safety-checklist.md +57 -0
  487. package/skills/sap/sap-guarded-btp-entitlement-change/references/workflow-and-output.md +132 -0
  488. package/skills/sap/sap-guarded-integration-flow-change/SKILL.md +151 -0
  489. package/skills/sap/sap-guarded-integration-flow-change/agents/openai.yaml +17 -0
  490. package/skills/sap/sap-guarded-integration-flow-change/metadata.json +33 -0
  491. package/skills/sap/sap-guarded-integration-flow-change/references/live-environment-access.md +80 -0
  492. package/skills/sap/sap-guarded-integration-flow-change/references/official-sources.md +73 -0
  493. package/skills/sap/sap-guarded-integration-flow-change/references/safety-checklist.md +56 -0
  494. package/skills/sap/sap-guarded-integration-flow-change/references/workflow-and-output.md +122 -0
  495. package/skills/sap/sap-guarded-role-assignment/SKILL.md +159 -0
  496. package/skills/sap/sap-guarded-role-assignment/agents/openai.yaml +17 -0
  497. package/skills/sap/sap-guarded-role-assignment/metadata.json +33 -0
  498. package/skills/sap/sap-guarded-role-assignment/references/live-environment-access.md +93 -0
  499. package/skills/sap/sap-guarded-role-assignment/references/official-sources.md +73 -0
  500. package/skills/sap/sap-guarded-role-assignment/references/safety-checklist.md +57 -0
  501. package/skills/sap/sap-guarded-role-assignment/references/workflow-and-output.md +133 -0
  502. package/skills/sap/sap-guarded-transport-import/SKILL.md +144 -0
  503. package/skills/sap/sap-guarded-transport-import/agents/openai.yaml +14 -0
  504. package/skills/sap/sap-guarded-transport-import/metadata.json +34 -0
  505. package/skills/sap/sap-guarded-transport-import/references/live-environment-access.md +81 -0
  506. package/skills/sap/sap-guarded-transport-import/references/official-sources.md +79 -0
  507. package/skills/sap/sap-guarded-transport-import/references/safety-checklist.md +52 -0
  508. package/skills/sap/sap-guarded-transport-import/references/workflow-and-output.md +93 -0
  509. package/skills/sap/sap-hana-cloud-performance-cost/SKILL.md +87 -0
  510. package/skills/sap/sap-hana-cloud-performance-cost/agents/openai.yaml +11 -0
  511. package/skills/sap/sap-hana-cloud-performance-cost/metadata.json +33 -0
  512. package/skills/sap/sap-hana-cloud-performance-cost/references/context7-framework-docs.md +94 -0
  513. package/skills/sap/sap-hana-cloud-performance-cost/references/official-sources.md +83 -0
  514. package/skills/sap/sap-hana-cloud-performance-cost/references/safety-checklist.md +36 -0
  515. package/skills/sap/sap-hana-cloud-performance-cost/references/workflow-and-output.md +68 -0
  516. package/skills/sap/sap-hypercare-incident-commander-review/SKILL.md +93 -0
  517. package/skills/sap/sap-hypercare-incident-commander-review/agents/openai.yaml +14 -0
  518. package/skills/sap/sap-hypercare-incident-commander-review/metadata.json +31 -0
  519. package/skills/sap/sap-hypercare-incident-commander-review/references/official-sources.md +63 -0
  520. package/skills/sap/sap-hypercare-incident-commander-review/references/safety-checklist.md +55 -0
  521. package/skills/sap/sap-hypercare-incident-commander-review/references/workflow-and-output.md +98 -0
  522. package/skills/sap/sap-integration-platform-businessops-protocol/SKILL.md +162 -0
  523. package/skills/sap/sap-integration-platform-businessops-protocol/agents/openai.yaml +11 -0
  524. package/skills/sap/sap-integration-platform-businessops-protocol/metadata.json +35 -0
  525. package/skills/sap/sap-integration-platform-businessops-protocol/references/official-sources.md +99 -0
  526. package/skills/sap/sap-integration-platform-businessops-protocol/references/safety-checklist.md +36 -0
  527. package/skills/sap/sap-integration-platform-businessops-protocol/references/workflow-and-output.md +76 -0
  528. package/skills/sap/sap-integration-suite-review/SKILL.md +87 -0
  529. package/skills/sap/sap-integration-suite-review/agents/openai.yaml +11 -0
  530. package/skills/sap/sap-integration-suite-review/metadata.json +33 -0
  531. package/skills/sap/sap-integration-suite-review/references/context7-framework-docs.md +76 -0
  532. package/skills/sap/sap-integration-suite-review/references/official-sources.md +79 -0
  533. package/skills/sap/sap-integration-suite-review/references/safety-checklist.md +36 -0
  534. package/skills/sap/sap-integration-suite-review/references/workflow-and-output.md +78 -0
  535. package/skills/sap/sap-joule-governance-adoption-review/SKILL.md +83 -0
  536. package/skills/sap/sap-joule-governance-adoption-review/agents/openai.yaml +11 -0
  537. package/skills/sap/sap-joule-governance-adoption-review/metadata.json +33 -0
  538. package/skills/sap/sap-joule-governance-adoption-review/references/official-sources.md +83 -0
  539. package/skills/sap/sap-joule-governance-adoption-review/references/safety-checklist.md +37 -0
  540. package/skills/sap/sap-joule-governance-adoption-review/references/workflow-and-output.md +81 -0
  541. package/skills/sap/sap-license-btp-consumption-finops-review/SKILL.md +89 -0
  542. package/skills/sap/sap-license-btp-consumption-finops-review/agents/openai.yaml +11 -0
  543. package/skills/sap/sap-license-btp-consumption-finops-review/metadata.json +32 -0
  544. package/skills/sap/sap-license-btp-consumption-finops-review/references/official-sources.md +71 -0
  545. package/skills/sap/sap-license-btp-consumption-finops-review/references/safety-checklist.md +36 -0
  546. package/skills/sap/sap-license-btp-consumption-finops-review/references/workflow-and-output.md +69 -0
  547. package/skills/sap/sap-live-readonly-identity-trust-discovery/SKILL.md +142 -0
  548. package/skills/sap/sap-live-readonly-identity-trust-discovery/agents/openai.yaml +14 -0
  549. package/skills/sap/sap-live-readonly-identity-trust-discovery/metadata.json +34 -0
  550. package/skills/sap/sap-live-readonly-identity-trust-discovery/references/live-environment-access.md +151 -0
  551. package/skills/sap/sap-live-readonly-identity-trust-discovery/references/official-sources.md +83 -0
  552. package/skills/sap/sap-live-readonly-identity-trust-discovery/references/safety-checklist.md +49 -0
  553. package/skills/sap/sap-live-readonly-identity-trust-discovery/references/workflow-and-output.md +103 -0
  554. package/skills/sap/sap-live-readonly-landscape-discovery/SKILL.md +135 -0
  555. package/skills/sap/sap-live-readonly-landscape-discovery/agents/openai.yaml +14 -0
  556. package/skills/sap/sap-live-readonly-landscape-discovery/metadata.json +34 -0
  557. package/skills/sap/sap-live-readonly-landscape-discovery/references/live-environment-access.md +111 -0
  558. package/skills/sap/sap-live-readonly-landscape-discovery/references/official-sources.md +83 -0
  559. package/skills/sap/sap-live-readonly-landscape-discovery/references/safety-checklist.md +45 -0
  560. package/skills/sap/sap-live-readonly-landscape-discovery/references/workflow-and-output.md +102 -0
  561. package/skills/sap/sap-maestro/SKILL.md +81 -0
  562. package/skills/sap/sap-maestro/agents/openai.yaml +11 -0
  563. package/skills/sap/sap-maestro/metadata.json +32 -0
  564. package/skills/sap/sap-maestro/references/official-sources.md +53 -0
  565. package/skills/sap/sap-maestro/references/safety-checklist.md +39 -0
  566. package/skills/sap/sap-maestro/references/workflow-and-output.md +73 -0
  567. package/skills/sap/sap-manufacturing-execution-risk-review/SKILL.md +89 -0
  568. package/skills/sap/sap-manufacturing-execution-risk-review/agents/openai.yaml +11 -0
  569. package/skills/sap/sap-manufacturing-execution-risk-review/metadata.json +32 -0
  570. package/skills/sap/sap-manufacturing-execution-risk-review/references/official-sources.md +79 -0
  571. package/skills/sap/sap-manufacturing-execution-risk-review/references/safety-checklist.md +39 -0
  572. package/skills/sap/sap-manufacturing-execution-risk-review/references/workflow-and-output.md +91 -0
  573. package/skills/sap/sap-mdg-master-data-quality-review/SKILL.md +85 -0
  574. package/skills/sap/sap-mdg-master-data-quality-review/agents/openai.yaml +11 -0
  575. package/skills/sap/sap-mdg-master-data-quality-review/metadata.json +33 -0
  576. package/skills/sap/sap-mdg-master-data-quality-review/references/official-sources.md +89 -0
  577. package/skills/sap/sap-mdg-master-data-quality-review/references/safety-checklist.md +37 -0
  578. package/skills/sap/sap-mdg-master-data-quality-review/references/workflow-and-output.md +91 -0
  579. package/skills/sap/sap-order-to-cash-review/SKILL.md +89 -0
  580. package/skills/sap/sap-order-to-cash-review/agents/openai.yaml +11 -0
  581. package/skills/sap/sap-order-to-cash-review/metadata.json +32 -0
  582. package/skills/sap/sap-order-to-cash-review/references/official-sources.md +79 -0
  583. package/skills/sap/sap-order-to-cash-review/references/safety-checklist.md +39 -0
  584. package/skills/sap/sap-order-to-cash-review/references/workflow-and-output.md +87 -0
  585. package/skills/sap/sap-procurement-ariba-value-leakage-review/SKILL.md +90 -0
  586. package/skills/sap/sap-procurement-ariba-value-leakage-review/agents/openai.yaml +11 -0
  587. package/skills/sap/sap-procurement-ariba-value-leakage-review/metadata.json +32 -0
  588. package/skills/sap/sap-procurement-ariba-value-leakage-review/references/official-sources.md +79 -0
  589. package/skills/sap/sap-procurement-ariba-value-leakage-review/references/safety-checklist.md +38 -0
  590. package/skills/sap/sap-procurement-ariba-value-leakage-review/references/workflow-and-output.md +87 -0
  591. package/skills/sap/sap-procurement-license-finops-vendor-protocol/SKILL.md +155 -0
  592. package/skills/sap/sap-procurement-license-finops-vendor-protocol/agents/openai.yaml +11 -0
  593. package/skills/sap/sap-procurement-license-finops-vendor-protocol/metadata.json +35 -0
  594. package/skills/sap/sap-procurement-license-finops-vendor-protocol/references/official-sources.md +99 -0
  595. package/skills/sap/sap-procurement-license-finops-vendor-protocol/references/safety-checklist.md +36 -0
  596. package/skills/sap/sap-procurement-license-finops-vendor-protocol/references/workflow-and-output.md +62 -0
  597. package/skills/sap/sap-release-change-collision-review/SKILL.md +92 -0
  598. package/skills/sap/sap-release-change-collision-review/agents/openai.yaml +14 -0
  599. package/skills/sap/sap-release-change-collision-review/metadata.json +31 -0
  600. package/skills/sap/sap-release-change-collision-review/references/official-sources.md +63 -0
  601. package/skills/sap/sap-release-change-collision-review/references/safety-checklist.md +51 -0
  602. package/skills/sap/sap-release-change-collision-review/references/workflow-and-output.md +85 -0
  603. package/skills/sap/sap-release-cutover-finance-controls-protocol/SKILL.md +170 -0
  604. package/skills/sap/sap-release-cutover-finance-controls-protocol/agents/openai.yaml +11 -0
  605. package/skills/sap/sap-release-cutover-finance-controls-protocol/metadata.json +33 -0
  606. package/skills/sap/sap-release-cutover-finance-controls-protocol/references/official-sources.md +89 -0
  607. package/skills/sap/sap-release-cutover-finance-controls-protocol/references/safety-checklist.md +39 -0
  608. package/skills/sap/sap-release-cutover-finance-controls-protocol/references/workflow-and-output.md +98 -0
  609. package/skills/sap/sap-rise-sla-vendor-risk-review/SKILL.md +88 -0
  610. package/skills/sap/sap-rise-sla-vendor-risk-review/agents/openai.yaml +11 -0
  611. package/skills/sap/sap-rise-sla-vendor-risk-review/metadata.json +32 -0
  612. package/skills/sap/sap-rise-sla-vendor-risk-review/references/official-sources.md +73 -0
  613. package/skills/sap/sap-rise-sla-vendor-risk-review/references/safety-checklist.md +36 -0
  614. package/skills/sap/sap-rise-sla-vendor-risk-review/references/workflow-and-output.md +56 -0
  615. package/skills/sap/sap-s4hana-transformation-architecture-review/SKILL.md +84 -0
  616. package/skills/sap/sap-s4hana-transformation-architecture-review/agents/openai.yaml +14 -0
  617. package/skills/sap/sap-s4hana-transformation-architecture-review/metadata.json +32 -0
  618. package/skills/sap/sap-s4hana-transformation-architecture-review/references/official-sources.md +75 -0
  619. package/skills/sap/sap-s4hana-transformation-architecture-review/references/safety-checklist.md +40 -0
  620. package/skills/sap/sap-s4hana-transformation-architecture-review/references/workflow-and-output.md +67 -0
  621. package/skills/sap/sap-security-hr-legal-protocol/SKILL.md +149 -0
  622. package/skills/sap/sap-security-hr-legal-protocol/agents/openai.yaml +11 -0
  623. package/skills/sap/sap-security-hr-legal-protocol/metadata.json +34 -0
  624. package/skills/sap/sap-security-hr-legal-protocol/references/official-sources.md +89 -0
  625. package/skills/sap/sap-security-hr-legal-protocol/references/safety-checklist.md +38 -0
  626. package/skills/sap/sap-security-hr-legal-protocol/references/workflow-and-output.md +65 -0
  627. package/skills/sap/sap-security-iam-grc-sod-review/SKILL.md +86 -0
  628. package/skills/sap/sap-security-iam-grc-sod-review/agents/openai.yaml +11 -0
  629. package/skills/sap/sap-security-iam-grc-sod-review/metadata.json +33 -0
  630. package/skills/sap/sap-security-iam-grc-sod-review/references/official-sources.md +83 -0
  631. package/skills/sap/sap-security-iam-grc-sod-review/references/safety-checklist.md +36 -0
  632. package/skills/sap/sap-security-iam-grc-sod-review/references/workflow-and-output.md +79 -0
  633. package/skills/sap/sap-signavio-process-mining-value/SKILL.md +85 -0
  634. package/skills/sap/sap-signavio-process-mining-value/agents/openai.yaml +11 -0
  635. package/skills/sap/sap-signavio-process-mining-value/metadata.json +33 -0
  636. package/skills/sap/sap-signavio-process-mining-value/references/official-sources.md +89 -0
  637. package/skills/sap/sap-signavio-process-mining-value/references/safety-checklist.md +36 -0
  638. package/skills/sap/sap-signavio-process-mining-value/references/workflow-and-output.md +91 -0
  639. package/skills/sap/sap-successfactors-hr-process-risk-review/SKILL.md +92 -0
  640. package/skills/sap/sap-successfactors-hr-process-risk-review/agents/openai.yaml +11 -0
  641. package/skills/sap/sap-successfactors-hr-process-risk-review/metadata.json +33 -0
  642. package/skills/sap/sap-successfactors-hr-process-risk-review/references/official-sources.md +83 -0
  643. package/skills/sap/sap-successfactors-hr-process-risk-review/references/safety-checklist.md +38 -0
  644. package/skills/sap/sap-successfactors-hr-process-risk-review/references/workflow-and-output.md +86 -0
  645. package/skills/sap/sap-supply-chain-ibp-resilience-review/SKILL.md +90 -0
  646. package/skills/sap/sap-supply-chain-ibp-resilience-review/agents/openai.yaml +11 -0
  647. package/skills/sap/sap-supply-chain-ibp-resilience-review/metadata.json +32 -0
  648. package/skills/sap/sap-supply-chain-ibp-resilience-review/references/official-sources.md +79 -0
  649. package/skills/sap/sap-supply-chain-ibp-resilience-review/references/safety-checklist.md +38 -0
  650. package/skills/sap/sap-supply-chain-ibp-resilience-review/references/workflow-and-output.md +89 -0
  651. package/skills/sap/sap-testing-quality-gate-review/SKILL.md +92 -0
  652. package/skills/sap/sap-testing-quality-gate-review/agents/openai.yaml +14 -0
  653. package/skills/sap/sap-testing-quality-gate-review/metadata.json +31 -0
  654. package/skills/sap/sap-testing-quality-gate-review/references/official-sources.md +65 -0
  655. package/skills/sap/sap-testing-quality-gate-review/references/safety-checklist.md +53 -0
  656. package/skills/sap/sap-testing-quality-gate-review/references/workflow-and-output.md +98 -0
  657. package/skills/sap/sap-transformation-portfolio-triage-review/SKILL.md +87 -0
  658. package/skills/sap/sap-transformation-portfolio-triage-review/agents/openai.yaml +11 -0
  659. package/skills/sap/sap-transformation-portfolio-triage-review/metadata.json +32 -0
  660. package/skills/sap/sap-transformation-portfolio-triage-review/references/official-sources.md +71 -0
  661. package/skills/sap/sap-transformation-portfolio-triage-review/references/safety-checklist.md +36 -0
  662. package/skills/sap/sap-transformation-portfolio-triage-review/references/workflow-and-output.md +69 -0
  663. package/skills/sap/sap-treasury-cash-risk-review/SKILL.md +90 -0
  664. package/skills/sap/sap-treasury-cash-risk-review/agents/openai.yaml +11 -0
  665. package/skills/sap/sap-treasury-cash-risk-review/metadata.json +32 -0
  666. package/skills/sap/sap-treasury-cash-risk-review/references/official-sources.md +79 -0
  667. package/skills/sap/sap-treasury-cash-risk-review/references/safety-checklist.md +38 -0
  668. package/skills/sap/sap-treasury-cash-risk-review/references/workflow-and-output.md +89 -0
  669. package/tests/fixtures/sap-maestro-routing/expected/01-clean-core-debt.json +6 -0
  670. package/tests/fixtures/sap-maestro-routing/expected/02-landscape-discovery.json +6 -0
  671. package/tests/fixtures/sap-maestro-routing/expected/03-live-guard-transport.json +6 -0
  672. package/tests/fixtures/sap-maestro-routing/expected/04-adversarial-injection.json +6 -0
  673. package/tests/fixtures/sap-maestro-routing/expected/05-adversarial-persona.json +6 -0
  674. package/tests/fixtures/sap-maestro-routing/expected/06-ambiguous.json +4 -0
  675. package/tests/fixtures/sap-maestro-routing/expected/07-secrets-bait.json +6 -0
  676. package/tests/fixtures/sap-maestro-routing/expected/08-btp-governance.json +6 -0
  677. package/tests/fixtures/sap-maestro-routing/expected/09-integration-suite.json +6 -0
  678. package/tests/fixtures/sap-maestro-routing/expected/10-security-sod.json +6 -0
  679. package/tests/fixtures/sap-maestro-routing/expected/11-cap-architecture.json +6 -0
  680. package/tests/fixtures/sap-maestro-routing/expected/12-abap-cloud-rap.json +7 -0
  681. package/tests/fixtures/sap-maestro-routing/expected/13-ai-governance.json +6 -0
  682. package/tests/fixtures/sap-maestro-routing/expected/14-datasphere.json +6 -0
  683. package/tests/fixtures/sap-maestro-routing/expected/15-analytics-cloud.json +6 -0
  684. package/tests/fixtures/sap-maestro-routing/expected/16-hana-cloud.json +6 -0
  685. package/tests/fixtures/sap-maestro-routing/expected/17-s4hana-transformation.json +6 -0
  686. package/tests/fixtures/sap-maestro-routing/expected/18-custom-code-remediation.json +6 -0
  687. package/tests/fixtures/sap-maestro-routing/expected/19-data-migration-cutover.json +6 -0
  688. package/tests/fixtures/sap-maestro-routing/expected/20-finance-fico.json +6 -0
  689. package/tests/fixtures/sap-maestro-routing/expected/21-mdg-master-data.json +6 -0
  690. package/tests/fixtures/sap-maestro-routing/expected/22-signavio.json +6 -0
  691. package/tests/fixtures/sap-maestro-routing/expected/23-procurement-ariba.json +6 -0
  692. package/tests/fixtures/sap-maestro-routing/expected/24-supply-chain-ibp.json +6 -0
  693. package/tests/fixtures/sap-maestro-routing/expected/25-order-to-cash.json +6 -0
  694. package/tests/fixtures/sap-maestro-routing/expected/26-treasury.json +6 -0
  695. package/tests/fixtures/sap-maestro-routing/expected/27-ewm-tm.json +6 -0
  696. package/tests/fixtures/sap-maestro-routing/expected/28-manufacturing.json +6 -0
  697. package/tests/fixtures/sap-maestro-routing/expected/29-successfactors.json +6 -0
  698. package/tests/fixtures/sap-maestro-routing/expected/30-joule.json +6 -0
  699. package/tests/fixtures/sap-maestro-routing/expected/31-cloud-alm.json +6 -0
  700. package/tests/fixtures/sap-maestro-routing/expected/32-transformation-portfolio.json +6 -0
  701. package/tests/fixtures/sap-maestro-routing/expected/33-rise-sla.json +6 -0
  702. package/tests/fixtures/sap-maestro-routing/expected/34-license-finops.json +6 -0
  703. package/tests/fixtures/sap-maestro-routing/expected/35-testing-quality.json +6 -0
  704. package/tests/fixtures/sap-maestro-routing/expected/36-release-collision.json +6 -0
  705. package/tests/fixtures/sap-maestro-routing/expected/37-hypercare.json +6 -0
  706. package/tests/fixtures/sap-maestro-routing/expected/38-identity-trust.json +6 -0
  707. package/tests/fixtures/sap-maestro-routing/expected/39-fiori-ui5.json +6 -0
  708. package/tests/fixtures/sap-maestro-routing/expected/40-audit-evidence.json +6 -0
  709. package/tests/fixtures/sap-maestro-routing/expected/41-guard-role-assign.json +6 -0
  710. package/tests/fixtures/sap-maestro-routing/expected/42-guard-iflow-deploy.json +6 -0
  711. package/tests/fixtures/sap-maestro-routing/expected/43-guard-entitlement.json +6 -0
  712. package/tests/fixtures/sap-maestro-routing/inputs/01-clean-core-debt.json +5 -0
  713. package/tests/fixtures/sap-maestro-routing/inputs/02-landscape-discovery.json +5 -0
  714. package/tests/fixtures/sap-maestro-routing/inputs/03-live-guard-transport.json +7 -0
  715. package/tests/fixtures/sap-maestro-routing/inputs/04-adversarial-injection.json +7 -0
  716. package/tests/fixtures/sap-maestro-routing/inputs/05-adversarial-persona.json +7 -0
  717. package/tests/fixtures/sap-maestro-routing/inputs/06-ambiguous.json +7 -0
  718. package/tests/fixtures/sap-maestro-routing/inputs/07-secrets-bait.json +7 -0
  719. package/tests/fixtures/sap-maestro-routing/inputs/08-btp-governance.json +7 -0
  720. package/tests/fixtures/sap-maestro-routing/inputs/09-integration-suite.json +7 -0
  721. package/tests/fixtures/sap-maestro-routing/inputs/10-security-sod.json +7 -0
  722. package/tests/fixtures/sap-maestro-routing/inputs/11-cap-architecture.json +7 -0
  723. package/tests/fixtures/sap-maestro-routing/inputs/12-abap-cloud-rap.json +7 -0
  724. package/tests/fixtures/sap-maestro-routing/inputs/13-ai-governance.json +7 -0
  725. package/tests/fixtures/sap-maestro-routing/inputs/14-datasphere.json +7 -0
  726. package/tests/fixtures/sap-maestro-routing/inputs/15-analytics-cloud.json +7 -0
  727. package/tests/fixtures/sap-maestro-routing/inputs/16-hana-cloud.json +7 -0
  728. package/tests/fixtures/sap-maestro-routing/inputs/17-s4hana-transformation.json +7 -0
  729. package/tests/fixtures/sap-maestro-routing/inputs/18-custom-code-remediation.json +7 -0
  730. package/tests/fixtures/sap-maestro-routing/inputs/19-data-migration-cutover.json +7 -0
  731. package/tests/fixtures/sap-maestro-routing/inputs/20-finance-fico.json +7 -0
  732. package/tests/fixtures/sap-maestro-routing/inputs/21-mdg-master-data.json +7 -0
  733. package/tests/fixtures/sap-maestro-routing/inputs/22-signavio.json +7 -0
  734. package/tests/fixtures/sap-maestro-routing/inputs/23-procurement-ariba.json +7 -0
  735. package/tests/fixtures/sap-maestro-routing/inputs/24-supply-chain-ibp.json +7 -0
  736. package/tests/fixtures/sap-maestro-routing/inputs/25-order-to-cash.json +7 -0
  737. package/tests/fixtures/sap-maestro-routing/inputs/26-treasury.json +7 -0
  738. package/tests/fixtures/sap-maestro-routing/inputs/27-ewm-tm.json +7 -0
  739. package/tests/fixtures/sap-maestro-routing/inputs/28-manufacturing.json +7 -0
  740. package/tests/fixtures/sap-maestro-routing/inputs/29-successfactors.json +7 -0
  741. package/tests/fixtures/sap-maestro-routing/inputs/30-joule.json +7 -0
  742. package/tests/fixtures/sap-maestro-routing/inputs/31-cloud-alm.json +7 -0
  743. package/tests/fixtures/sap-maestro-routing/inputs/32-transformation-portfolio.json +7 -0
  744. package/tests/fixtures/sap-maestro-routing/inputs/33-rise-sla.json +7 -0
  745. package/tests/fixtures/sap-maestro-routing/inputs/34-license-finops.json +7 -0
  746. package/tests/fixtures/sap-maestro-routing/inputs/35-testing-quality.json +7 -0
  747. package/tests/fixtures/sap-maestro-routing/inputs/36-release-collision.json +7 -0
  748. package/tests/fixtures/sap-maestro-routing/inputs/37-hypercare.json +7 -0
  749. package/tests/fixtures/sap-maestro-routing/inputs/38-identity-trust.json +7 -0
  750. package/tests/fixtures/sap-maestro-routing/inputs/39-fiori-ui5.json +7 -0
  751. package/tests/fixtures/sap-maestro-routing/inputs/40-audit-evidence.json +7 -0
  752. package/tests/fixtures/sap-maestro-routing/inputs/41-guard-role-assign.json +7 -0
  753. package/tests/fixtures/sap-maestro-routing/inputs/42-guard-iflow-deploy.json +7 -0
  754. package/tests/fixtures/sap-maestro-routing/inputs/43-guard-entitlement.json +7 -0
  755. package/tests/fixtures/sap-maestro-routing/taxonomy.json +509 -0
  756. package/tests/validate-catalog.py +1 -0
@@ -0,0 +1,92 @@
1
+ ---
2
+ name: sap-ai-core-generative-ai-hub-governance
3
+ description: Governance review for SAP AI Core, AI Launchpad, and Generative AI Hub deployments. Assesses model access control, data privacy for RAG pipelines and embeddings, prompt-injection risk in orchestration configurations, grounding data classification, prompt-log handling, and auditability of AI outputs. Does not run models or access production AI deployments.
4
+ allowed-tools: Read Grep Glob WebSearch WebFetch
5
+ metadata:
6
+ author: "github: Raishin"
7
+ version: "0.1.0"
8
+ updated: "2026-06-19"
9
+ category: ai
10
+ lifecycle: experimental
11
+ ---
12
+
13
+ # SAP AI Core Generative AI Hub Governance
14
+
15
+ ## Purpose
16
+
17
+ Assess the governance posture of SAP AI Core, AI Launchpad, and Generative AI Hub deployments. Review model access control: resource group isolation, role assignments in AI Launchpad, and AI API service key scope. Review data privacy for RAG pipelines: classification of grounding data sources, embedding storage location, data residency of vector stores, and personal data exposure in retrieval results. Assess prompt-injection risk in orchestration configurations: unguarded template variables, absent input/output content safety filters, and missing grounding data sanitization. Review prompt-log handling and retention: whether prompts containing personal or confidential data are logged, where logs are stored, and whether log access is role-restricted. Assess auditability of AI outputs: traceability of model responses to grounding sources, audit trail completeness, and model version pinning. Does not invoke models, connect to live AI Core deployments, or process production data.
18
+
19
+ ## When to use
20
+
21
+ Use this skill when the user asks to:
22
+
23
+ - review AI Core resource group structure and role assignment for model access isolation,
24
+ - assess AI Launchpad user role configuration: `aicore_admin`, `aicore_viewer`, `genai_manager`, `genai_viewer` role assignments and separation of duties,
25
+ - evaluate Generative AI Hub orchestration configuration for prompt-injection risk: input/output content safety filter coverage, unguarded template variable injection points, and system-prompt integrity,
26
+ - audit grounding data classification: whether documents in the Document Grounding Service or vector store are classified by data sensitivity before ingestion, whether personal data or confidential business data is ingested into shared vector stores,
27
+ - review prompt-log handling: whether prompt logging is enabled, log retention period, log access controls, and compliance with data residency requirements for logged prompts containing personal data,
28
+ - assess embedding and vector store data privacy: which data is vectorized, where embeddings are stored, cross-tenant vector store isolation, and right-to-erasure implications for embedded personal data,
29
+ - evaluate auditability of Generative AI Hub outputs: model version pinning, grounding source attribution in responses, audit log completeness for AI-assisted decisions, and explainability requirements.
30
+
31
+ ## When not to use
32
+
33
+ - When the request requires connecting to a live AI Core deployment, running model inference, or accessing production prompt logs — this skill reviews configuration artifacts and governance descriptions only.
34
+ - When the request is about BTP account-level governance (entitlements, subaccounts, role collections) unrelated to AI services — use `sap-btp-governance-review`.
35
+ - When the request is about integration wiring between AI Core and other SAP services via Integration Suite — use `sap-integration-suite-review`.
36
+ - When the request is about training custom ML models on BTP AI Core (pipeline configuration, Docker images, custom training workflows) rather than Generative AI Hub governance.
37
+
38
+ ## Does not touch live systems
39
+
40
+ This skill operates on user-provided orchestration configuration files, role assignment descriptions, resource group layouts, grounding pipeline configuration, data classification documentation, or written descriptions of the AI governance posture. It does not invoke any Generative AI Hub model, access AI Core deployment APIs, read prompt logs, query vector stores, or connect to AI Launchpad. All live inspection is out of scope.
41
+
42
+ ## Lean operating rules
43
+
44
+ - Classify governance findings before recommending. Every finding must be assigned to a governance domain (Model Access / Data Privacy / Prompt Injection Risk / Grounding Data / Prompt Logging / Auditability) before remediation is proposed.
45
+ - Content safety filters are required on both input and output for customer-facing orchestration pipelines. An orchestration configuration without `filtering_module_config` on both the input and output path is a `high` finding for prompt injection and harmful output risk.
46
+ - Grounding data classification must precede ingestion. Ingesting unclassified documents into a vector store shared across resource groups or tenants is a `high` finding for data privacy. Personal data in grounding documents must be identified before vectorization.
47
+ - Prompt logging of personal data requires legal basis and residency compliance. If prompts submitted by end users may contain personal data (names, IDs, health data, financial data), prompt logging must be evaluated against the applicable data protection regulation (GDPR, local law). Unreviewed prompt logging with no retention limit is a `medium` finding.
48
+ - Embedding personal data creates right-to-erasure obligations. Personal data vectorized into embeddings cannot be trivially erased. Any grounding pipeline ingesting personal data must have a documented erasure procedure or must exclude personal data from vectorization.
49
+ - Model version must be pinned for AI-assisted decisions. An orchestration configuration using `latest` or a floating model version alias for any workflow that produces auditable business outputs is a `medium` finding for reproducibility.
50
+ - Resource group isolation is the primary access control boundary. All model deployments, vector stores, and grounding pipelines must be assigned to the appropriate resource group. Cross-resource-group access without documented justification is a `high` finding.
51
+ - Evidence from official SAP AI Core, AI Launchpad, and Generative AI Hub documentation takes precedence over inference.
52
+
53
+ ## Evidence rules
54
+
55
+ Label all claims with one of:
56
+
57
+ - `documentation-based` — grounded in official SAP AI Core, AI Launchpad, or Generative AI Hub documentation (help.sap.com)
58
+ - `user-provided evidence` — orchestration configuration files, role assignment descriptions, grounding pipeline design, data classification documentation, or written descriptions provided by the user
59
+ - `context7-supplementary` — grounded in SAP Generative AI Hub orchestration configuration patterns from Context7 (supplementary; applies for content safety filter configuration and grounding module structure)
60
+ - `inference` — derived reasoning not directly confirmed by official docs or user evidence
61
+
62
+ ## Live-environment rules and data privacy rules
63
+
64
+ **This skill does not touch live systems.** There is no AI Core API call, Generative AI Hub model invocation, vector store query, prompt log access, or AI Launchpad session in this skill's execution path.
65
+
66
+ **Data privacy rules for this review skill:**
67
+
68
+ - Do not request, accept, or process actual prompt logs, user message history, or inference outputs from production deployments.
69
+ - Do not request actual grounding documents, embeddings, or vector store contents. Accept only descriptions of data classification and pipeline configuration.
70
+ - Do not request AI Core service keys, OAuth tokens, or resource group credentials.
71
+ - When the user describes a grounding pipeline that handles personal data, advise on governance controls without requesting the underlying data.
72
+
73
+ ## References
74
+
75
+ Load only when needed:
76
+
77
+ - [Workflow and output contract](references/workflow-and-output.md) — governance domain taxonomy, severity classification, output format.
78
+ - [Safety checklist](references/safety-checklist.md) — non-negotiables, common AI governance mistakes, when to push back.
79
+ - [Official sources](references/official-sources.md) — SAP AI Core, AI Launchpad, Generative AI Hub, and Document Grounding Service documentation.
80
+ - [Context7 framework docs](references/context7-framework-docs.md) — SAP Generative AI Hub orchestration configuration patterns (supplementary; applies for content safety filter and grounding module configuration).
81
+
82
+ ## Response minimum
83
+
84
+ Return, at minimum:
85
+
86
+ - **Problem classification**: governance domain(s) in scope and specific finding(s) per domain.
87
+ - **Evidence used**: documentation-based / user-provided evidence / context7-supplementary / inference.
88
+ - **Risk level**: critical (regulatory breach, data exfiltration, or security bypass risk) / high (governance control gap with material privacy or security impact) / medium (audit or compliance gap) / low (best practice deviation).
89
+ - **Recommended action**: specific governance control per finding (add content safety filter, classify grounding data before ingestion, restrict prompt log access, pin model version, define erasure procedure for embedded personal data, etc.).
90
+ - **Refusal / escalation triggers**: if live AI Core access, prompt log inspection, or vector store content review is required to complete the governance assessment, state that clearly and do not proceed. If the configuration may contain personal data, do not accept it directly — request a redacted or anonymized description instead.
91
+ - **Business impact**: regulatory exposure (GDPR, local data protection law), AI output reliability risk, audit trail gap, or reputational risk from harmful model output.
92
+ - **Next verification step**: validate recommended governance controls against current SAP AI Core configuration documentation and applicable data protection regulation before deploying changes.
@@ -0,0 +1,11 @@
1
+ interface:
2
+ display_name: "SAP AI Core Generative AI Hub Governance"
3
+ short_description: "Governance review for SAP AI Core, AI Launchpad, and Generative AI Hub: model access control, data privacy, prompt-injection risk, grounding data classification, prompt-log handling, and AI output auditability"
4
+ default_prompt: "Use $sap-ai-core-generative-ai-hub-governance to assess the provided SAP Generative AI Hub governance artifacts. Classify findings by domain (Model Access / Data Privacy / Prompt Injection Risk / Grounding Data / Prompt Logging / Auditability), assign severity (critical / high / medium / low), state evidence level (documentation-based / user-provided evidence / context7-supplementary / inference), and recommend specific governance controls per finding. Do not request actual prompt logs, grounding data contents, embeddings, or AI Core service credentials."
5
+ dependencies:
6
+ tools:
7
+ - type: "web"
8
+ value: "https://help.sap.com/docs/sap-ai-core/sap-ai-core-service-guide/security-and-data-protection"
9
+ description: "SAP AI Core security and data protection guide — verify data residency, privacy controls, and access governance requirements for the target AI Core service plan"
10
+ policy:
11
+ allow_implicit_invocation: true
@@ -0,0 +1,34 @@
1
+ {
2
+ "id": "sap-ai-core-generative-ai-hub-governance",
3
+ "name": "SAP AI Core Generative AI Hub Governance",
4
+ "type": "skill",
5
+ "provider": "sap",
6
+ "harnesses": [
7
+ "claude-code",
8
+ "codex",
9
+ "cursor",
10
+ "gemini",
11
+ "kiro",
12
+ "other"
13
+ ],
14
+ "summary": "Governance review for SAP AI Core, AI Launchpad, and Generative AI Hub: model access control, data privacy for RAG/embeddings, prompt-injection risk in orchestration configurations, grounding data classification, prompt-log handling, and auditability of AI outputs. Does not run models or access production AI deployments.",
15
+ "source_type": "original",
16
+ "category": "ai",
17
+ "official_docs": [
18
+ "https://help.sap.com/docs/sap-ai-core/sap-ai-core-service-guide/what-is-sap-ai-core",
19
+ "https://help.sap.com/docs/sap-ai-core/sap-ai-core-service-guide/resource-groups",
20
+ "https://help.sap.com/docs/ai-launchpad/sap-ai-launchpad/what-is-sap-ai-launchpad",
21
+ "https://help.sap.com/docs/sap-ai-core/generative-ai/generative-ai-hub-in-sap-ai-core",
22
+ "https://help.sap.com/docs/sap-ai-core/generative-ai/orchestration",
23
+ "https://help.sap.com/docs/sap-ai-core/generative-ai/document-grounding",
24
+ "https://help.sap.com/docs/sap-ai-core/sap-ai-core-service-guide/security-and-data-protection",
25
+ "https://help.sap.com/docs/sap-ai-core/generative-ai/data-protection-and-privacy",
26
+ "https://help.sap.com/docs/ai-launchpad/sap-ai-launchpad/roles-and-authorizations"
27
+ ],
28
+ "security_notes": "Does not access live AI Core deployments, invoke Generative AI Hub models, read prompt logs, query vector stores, or connect to AI Launchpad. Accepts only orchestration configuration files, role assignment descriptions, grounding pipeline design, data classification documentation, or written descriptions. Never request or accept AI Core service keys, OAuth tokens, resource group credentials, actual prompt logs, grounding document contents, or embeddings. If user-provided configuration may contain personal data, request a redacted version.",
29
+ "last_verified": "2026-06-19",
30
+ "path": "skills/sap/sap-ai-core-generative-ai-hub-governance",
31
+ "author": "github: Raishin",
32
+ "version": "0.1.0",
33
+ "lifecycle": "experimental"
34
+ }
@@ -0,0 +1,107 @@
1
+ # Context7 framework docs — SAP AI Core Generative AI Hub Governance
2
+
3
+ **Role**: supplementary. Official SAP AI Core and Generative AI Hub documentation (help.sap.com) is the primary source for all governance guidance. Context7-sourced Generative AI Hub documentation supplements with concrete orchestration configuration structure for content safety filtering and grounding module setup — both directly relevant to prompt-injection risk and grounding data governance.
4
+
5
+ **Library used**: SAP AI Core Generative AI Hub
6
+ Context7 library ID: `/websites/help_sap_sap-ai-core_generative-ai`
7
+ Lookup target: orchestration configuration, content safety filtering (filtering_module_config), grounding module (grounding_module_config), prompt template variables, metadata exposure in retrieval
8
+ Skill: `sap-ai-core-generative-ai-hub-governance`
9
+ Classification: supplementary — applies for prompt-injection risk and grounding data governance domains
10
+
11
+ ---
12
+
13
+ ## Orchestration — content safety filter configuration (supplementary)
14
+
15
+ Source: help.sap.com SAP AI Core Generative AI Hub (Context7 `/websites/help_sap_sap-ai-core_generative-ai`)
16
+ Reference: https://help.sap.com/docs/sap-ai-core/generative-ai/contextualized-retrieval-using-metadata-and-vector-search
17
+
18
+ Content safety filtering is configured via `filtering_module_config` in the orchestration request body. Both input and output paths must be configured independently:
19
+
20
+ ```json
21
+ "filtering_module_config": {
22
+ "input": {
23
+ "filters": [
24
+ {
25
+ "type": "azure_content_safety",
26
+ "config": {
27
+ "Hate": 2,
28
+ "SelfHarm": 2,
29
+ "Sexual": 2,
30
+ "Violence": 2
31
+ }
32
+ }
33
+ ]
34
+ },
35
+ "output": {
36
+ "filters": [
37
+ {
38
+ "type": "azure_content_safety",
39
+ "config": {
40
+ "Hate": 2,
41
+ "SelfHarm": 2,
42
+ "Sexual": 2,
43
+ "Violence": 2
44
+ }
45
+ }
46
+ ]
47
+ }
48
+ }
49
+ ```
50
+
51
+ **Governance relevance:**
52
+ - `filtering_module_config` must appear in every orchestration configuration that accepts user input or returns output to end users. Its absence is a `high` finding.
53
+ - The `input` filter screens prompts before they reach the model — primary defense against harmful input and some prompt injection patterns.
54
+ - The `output` filter screens model responses before they reach the caller — defense against harmful model output.
55
+ - Threshold values (0–6): lower values = more permissive (more content passes); higher values = more restrictive. Setting thresholds to 0 effectively disables filtering for that category — a `high` finding for customer-facing pipelines.
56
+ - `azure_content_safety` is the filter type available in the standard Generative AI Hub orchestration service. Governance reviews must confirm the filter type matches what the target deployment supports.
57
+
58
+ ---
59
+
60
+ ## Orchestration — grounding module and metadata exposure (supplementary)
61
+
62
+ Source: help.sap.com SAP AI Core Generative AI Hub (Context7 `/websites/help_sap_sap-ai-core_generative-ai`)
63
+ Reference: https://help.sap.com/docs/sap-ai-core/generative-ai/contextualized-retrieval-using-metadata-and-vector-search
64
+
65
+ The grounding module (`grounding_module_config`) retrieves documents from a vector store and injects them into the prompt via a named output parameter:
66
+
67
+ ```json
68
+ "grounding_module_config": {
69
+ "type": "document_grounding_service",
70
+ "config": {
71
+ "filters": [
72
+ {
73
+ "id": "filter1",
74
+ "data_repositories": ["*"],
75
+ "search_config": {},
76
+ "data_repository_type": "vector"
77
+ }
78
+ ],
79
+ "input_params": ["groundingRequest"],
80
+ "output_param": "groundingOutput",
81
+ "metadata_params": ["source", "webUrl"]
82
+ }
83
+ }
84
+ ```
85
+
86
+ **Governance relevance:**
87
+ - `data_repositories: ["*"]` queries all vector stores accessible in the resource group. Governance review should confirm this is intentional — if only specific repositories should be queried, explicit repository IDs should be listed.
88
+ - `metadata_params: ["source", "webUrl"]` exposes document source metadata in the orchestration response. Internal URLs, access-controlled document paths, or identifiers that reveal internal system topology may constitute an information disclosure finding if returned to end users without review.
89
+ - `output_param: "groundingOutput"` injects retrieved document content into the prompt template via `{{ ?groundingOutput }}`. If grounding documents can contain untrusted or externally sourced content, this injection point is a vector for indirect prompt injection. Review whether `{{ ?groundingOutput }}` appears in the system message (high risk) or user message (medium risk).
90
+ - `input_params: ["groundingRequest"]` takes the grounding query from a prompt template variable. Review whether this variable is user-controlled (`{{ ?userInput }}`) — if so, users can influence which documents are retrieved, potentially extracting information from the vector store beyond their intended scope.
91
+
92
+ ---
93
+
94
+ ## Scope boundaries for Context7 usage
95
+
96
+ Context7 SAP Generative AI Hub documentation applies to:
97
+
98
+ - **Prompt Injection Risk**: `filtering_module_config` structure, content safety threshold semantics, grounding output injection patterns
99
+ - **Grounding Data**: `grounding_module_config` structure, `data_repositories` scope, `metadata_params` exposure
100
+
101
+ It does not replace official SAP documentation for:
102
+ - AI Core resource group isolation and access control (use help.sap.com/docs/sap-ai-core/sap-ai-core-service-guide/resource-groups)
103
+ - AI Launchpad role definitions and separation of duties (use help.sap.com/docs/ai-launchpad/sap-ai-launchpad/roles-and-authorizations)
104
+ - Data residency and data protection requirements (use help.sap.com/docs/sap-ai-core/generative-ai/data-protection-and-privacy)
105
+ - Prompt logging behavior and retention (use help.sap.com/docs/sap-ai-core/generative-ai/data-protection-and-privacy)
106
+
107
+ Always label Context7-sourced guidance as `context7-supplementary` in responses.
@@ -0,0 +1,91 @@
1
+ # Official sources — SAP AI Core Generative AI Hub Governance
2
+
3
+ Use this reference when grounding AI Core model access, AI Launchpad role governance, Generative AI Hub orchestration, grounding data classification, data privacy, and audit requirements.
4
+
5
+ **Evidence level**: documentation-based (SAP Help Portal — help.sap.com). No live-system evidence is collected by this skill.
6
+
7
+ ## SAP AI Core — service overview and access control
8
+
9
+ - What is SAP AI Core
10
+ https://help.sap.com/docs/sap-ai-core/sap-ai-core-service-guide/what-is-sap-ai-core
11
+ source_owner: SAP SE
12
+ topic_supported: AI Core service overview, supported use cases, service plan tiers (standard, extended), BTP subaccount integration
13
+ why_needed: Establishes which AI Core service plan features are available; service plan determines available governance controls
14
+ evidence_level: primary
15
+ last_verified: 2026-06-19
16
+
17
+ - SAP AI Core Resource Groups
18
+ https://help.sap.com/docs/sap-ai-core/sap-ai-core-service-guide/resource-groups
19
+ source_owner: SAP SE
20
+ topic_supported: Resource group creation, isolation scope, assignment of model deployments, vector stores, and grounding pipelines to resource groups; cross-resource-group access controls
21
+ why_needed: Resource group is the primary access control and isolation boundary for AI Core workloads; used to classify cross-resource-group access findings
22
+ evidence_level: primary
23
+ last_verified: 2026-06-19
24
+
25
+ - SAP AI Core Security and Data Protection
26
+ https://help.sap.com/docs/sap-ai-core/sap-ai-core-service-guide/security-and-data-protection
27
+ source_owner: SAP SE
28
+ topic_supported: Data residency, encryption at rest and in transit, tenant isolation, AI Core security posture, responsible AI use policy
29
+ why_needed: Authoritative source for data residency requirements and security baseline; used to classify data protection gaps
30
+ evidence_level: primary
31
+ last_verified: 2026-06-19
32
+
33
+ ## AI Launchpad — roles and authorizations
34
+
35
+ - What is SAP AI Launchpad
36
+ https://help.sap.com/docs/ai-launchpad/sap-ai-launchpad/what-is-sap-ai-launchpad
37
+ source_owner: SAP SE
38
+ topic_supported: AI Launchpad overview, supported AI Core connection types, user interface for managing AI workloads
39
+ why_needed: Establishes AI Launchpad scope and integration with AI Core; context for role-based access review
40
+ evidence_level: primary
41
+ last_verified: 2026-06-19
42
+
43
+ - SAP AI Launchpad Roles and Authorizations
44
+ https://help.sap.com/docs/ai-launchpad/sap-ai-launchpad/roles-and-authorizations
45
+ source_owner: SAP SE
46
+ topic_supported: aicore_admin, aicore_viewer, genai_manager, genai_viewer role definitions; separation of duties; role collection assignment in BTP
47
+ why_needed: Defines the role taxonomy for AI Launchpad access governance; used to classify overprivileged role assignments and missing separation of duties
48
+ evidence_level: primary
49
+ last_verified: 2026-06-19
50
+
51
+ ## Generative AI Hub — orchestration and governance
52
+
53
+ - Generative AI Hub in SAP AI Core
54
+ https://help.sap.com/docs/sap-ai-core/generative-ai/generative-ai-hub-in-sap-ai-core
55
+ source_owner: SAP SE
56
+ topic_supported: Generative AI Hub capabilities, supported models, model access via orchestration service, enterprise governance runtime
57
+ why_needed: Primary overview for Generative AI Hub scope; confirms enterprise governance is the intended operating posture
58
+ evidence_level: primary
59
+ last_verified: 2026-06-19
60
+
61
+ - SAP Generative AI Hub Orchestration
62
+ https://help.sap.com/docs/sap-ai-core/generative-ai/orchestration
63
+ source_owner: SAP SE
64
+ topic_supported: Orchestration service configuration, llm_module_config, templating_module_config, filtering_module_config (content safety), grounding_module_config, prompt template variables, model version selection
65
+ why_needed: Authoritative source for orchestration configuration structure; used to classify missing content safety filters and unguarded template variables
66
+ evidence_level: primary
67
+ last_verified: 2026-06-19
68
+
69
+ ## Generative AI Hub — document grounding
70
+
71
+ - SAP Generative AI Hub Document Grounding
72
+ https://help.sap.com/docs/sap-ai-core/generative-ai/document-grounding
73
+ source_owner: SAP SE
74
+ topic_supported: Document Grounding Service configuration, vector store creation and scope, data repository types (vector, SharePoint), grounding pipeline ingestion, metadata handling, retrieval configuration
75
+ why_needed: Defines grounding pipeline architecture; used to classify data classification gaps before ingestion and cross-tenant vector store isolation findings
76
+ evidence_level: primary
77
+ last_verified: 2026-06-19
78
+
79
+ ## Generative AI Hub — data protection and privacy
80
+
81
+ - SAP Generative AI Hub Data Protection and Privacy
82
+ https://help.sap.com/docs/sap-ai-core/generative-ai/data-protection-and-privacy
83
+ source_owner: SAP SE
84
+ topic_supported: Prompt data handling, data residency for AI-processed data, personal data in prompts and grounding documents, prompt logging behavior, data retention, right-to-erasure considerations for vectorized data
85
+ why_needed: Authoritative source for data privacy requirements for Generative AI Hub workloads; used to classify prompt logging and embedding privacy findings
86
+ evidence_level: primary
87
+ last_verified: 2026-06-19
88
+
89
+ ## Grounding rule
90
+
91
+ SAP Help Portal documentation describes design intent, supported governance controls, and data protection posture for standard AI Core service plans. It does not prove which controls are active in a specific customer's AI Core instance, what data has been ingested into their vector stores, or how their orchestration pipelines are currently deployed. Users must supply orchestration configuration files, role assignment descriptions, grounding pipeline design, or written descriptions for concrete governance assessment.
@@ -0,0 +1,39 @@
1
+ # Safety checklist — SAP AI Core Generative AI Hub Governance
2
+
3
+ Use before making any finding or recommendation, especially for data privacy and prompt-injection risk findings.
4
+
5
+ ## Non-negotiables
6
+
7
+ - Do not access, connect to, or request access to any live AI Core deployment, Generative AI Hub orchestration endpoint, vector store, or AI Launchpad session.
8
+ - Do not accept or request AI Core service keys, OAuth tokens, resource group credentials, or BTP service binding secrets.
9
+ - Do not accept or request actual prompt logs, user message history, inference output from production deployments, or grounding document contents. Request only descriptions of data classification and pipeline configuration.
10
+ - Do not accept vector store embeddings or raw grounding data. If the user attempts to share this, redirect them to provide a description of the data types and classification status instead.
11
+ - Do not recommend disabling content safety filters (`filtering_module_config`) as a performance optimization. Missing input or output content safety filters is a high or critical finding.
12
+ - Do not recommend storing prompt logs in a region different from where personal data was collected without advising the user to review applicable data transfer regulations (GDPR Chapter V, local laws).
13
+ - Do not validate data residency compliance from memory alone. Direct the user to verify against the current SAP AI Core data residency documentation for their contracted region.
14
+ - Do not conflate AI Core resource group isolation with BTP subaccount tenant isolation. Resource groups provide workload isolation within a subaccount; cross-tenant isolation requires subaccount-level separation.
15
+
16
+ ## What people get wrong
17
+
18
+ - **Assuming content safety is on by default**: SAP Generative AI Hub orchestration does not enable content safety filters by default. `filtering_module_config` must be explicitly added to the orchestration configuration for both input and output paths.
19
+ - **Treating grounding output as trusted**: Grounding documents retrieved from a vector store may contain injected content if the ingestion pipeline accepted untrusted external documents. Injected content in `{{ ?groundingOutput }}` can manipulate model behavior (indirect prompt injection). Grounding output is not automatically safe to inject into system messages.
20
+ - **Overlooking right-to-erasure for embeddings**: Once personal data is vectorized and stored in a vector store, deleting the source document does not delete the embedding. A documented erasure procedure for the embedding itself is required to comply with right-to-erasure requests.
21
+ - **Assuming resource group isolation = tenant isolation**: Multiple tenants sharing a single BTP subaccount with different resource groups are not fully isolated. Subaccount-level isolation is needed for full tenant separation of AI workloads.
22
+ - **Ignoring metadata exposure**: When `metadata_params` is configured to return `source` and `webUrl` from grounding retrieval, this information is visible in the orchestration response. Internal URLs, document IDs, or access-controlled source identifiers exposed in responses may constitute an information disclosure finding.
23
+ - **Floating model versions in auditable workflows**: Using `model_version: "latest"` in an orchestration configuration means model behavior can change without notice. For any workflow where AI outputs are used in auditable business decisions, the model version must be pinned and changes must go through a change management process.
24
+
25
+ ## When to push back
26
+
27
+ - Push back when the user asks to review actual prompt logs or grounding document contents — request a description of the data types and classification status instead.
28
+ - Push back when the user proposes to disable content safety filters to improve response latency on customer-facing pipelines.
29
+ - Push back when the user proposes to use a single shared resource group for multiple application teams with different data access levels.
30
+ - Push back when the user attempts to ingest personal data into a vector store without a documented erasure procedure.
31
+ - Push back when the request requires live AI Core API access or production deployment inspection — this skill is advisory only.
32
+ - Push back when the user proposes logging prompts containing personal data without a documented retention policy and legal basis.
33
+
34
+ ## Evidence labels
35
+
36
+ - `documentation-based` — grounded in official SAP AI Core, AI Launchpad, or Generative AI Hub documentation (help.sap.com)
37
+ - `user-provided evidence` — orchestration configuration files, role assignment descriptions, grounding pipeline design, data classification documentation, or written descriptions provided by the user
38
+ - `context7-supplementary` — SAP Generative AI Hub orchestration configuration patterns (content safety filter structure, grounding module config) sourced from Context7 (supplementary to official SAP docs)
39
+ - `inference` — derived reasoning not directly confirmed; must always be labeled as such
@@ -0,0 +1,75 @@
1
+ # Workflow and output contract — SAP AI Core Generative AI Hub Governance
2
+
3
+ Use this reference for all classification, severity assignment, and output formatting.
4
+
5
+ ## Governance domain taxonomy
6
+
7
+ | Domain | Scope |
8
+ |--------|-------|
9
+ | `Model Access` | Resource group isolation, AI API service key scope, model deployment access, separation of duties between aicore_admin/genai_manager/genai_viewer roles |
10
+ | `Data Privacy` | Classification of grounding data sources, personal data in prompts and embeddings, embedding storage location, data residency compliance, right-to-erasure for vectorized data |
11
+ | `Prompt Injection Risk` | Unguarded template variables in orchestration configs, system-prompt integrity, input/output content safety filter coverage, grounding output sanitization |
12
+ | `Grounding Data` | Data classification before ingestion, cross-resource-group vector store sharing, sensitive data in shared vector stores, metadata exposure in retrieval results |
13
+ | `Prompt Logging` | Prompt logging enablement state, retention period, access controls on log storage, compliance with data residency for logged prompts containing personal data |
14
+ | `Auditability` | Model version pinning, grounding source attribution in responses, audit log completeness for AI-assisted business decisions, explainability documentation |
15
+
16
+ ## Severity classification
17
+
18
+ | Severity | Meaning | Examples |
19
+ |----------|---------|---------|
20
+ | `critical` | Regulatory breach, data exfiltration, or security bypass risk | Personal data ingested into a shared cross-tenant vector store with no isolation; orchestration endpoint accessible without authentication; prompt logs containing personal data stored outside the contracted data region |
21
+ | `high` | Governance control gap with material privacy or security impact | No content safety filters on input or output for a customer-facing orchestration pipeline; confidential business data in grounding documents with no access control on the vector store; `aicore_admin` role granted to end-users without separation of duties |
22
+ | `medium` | Audit or compliance gap | Model version not pinned (`latest` alias used) for auditable AI-assisted decisions; prompt logging enabled with no documented retention limit; no grounding source attribution in orchestration output for compliance-relevant responses |
23
+ | `low` | Best practice deviation | Missing metadata classification on grounding documents (even for non-personal data); no documented model change approval process |
24
+
25
+ ## Common finding patterns
26
+
27
+ ### Model Access
28
+ - `aicore_admin` role assigned to the same user who operates grounding pipelines (high — violates separation of duties)
29
+ - AI API service key with `global` scope instead of resource-group-scoped key (high — over-permissioned key)
30
+ - Multiple application teams sharing a single resource group with no isolation (high)
31
+
32
+ ### Prompt Injection Risk
33
+ - Orchestration configuration with no `filtering_module_config` on the input path (high — prompt injection unfiltered)
34
+ - Orchestration configuration with no `filtering_module_config` on the output path (high — harmful model output unfiltered)
35
+ - Prompt template containing `{{ ?userInput }}` injected directly into system message without sanitization (high)
36
+ - Grounding output (`{{ ?groundingOutput }}`) injected into prompt without content check (medium — indirect prompt injection via malicious grounding document)
37
+ - Content safety thresholds set to maximum permissiveness (0 = allow) for all categories (high)
38
+
39
+ ### Grounding Data
40
+ - Documents ingested into vector store without prior data classification review (high if organization handles personal or confidential data)
41
+ - Vector store shared across resource groups or tenants without access control review (critical if different tenants)
42
+ - Employee or customer PII present in grounding documents (critical — right-to-erasure obligations for vectorized data)
43
+ - `metadata_params` exposing internal URLs or source identifiers to end-user output without review (medium)
44
+
45
+ ### Prompt Logging
46
+ - Prompt logging enabled for a pipeline where end-user inputs may contain personal data, with no retention policy documented (medium to high depending on regulation)
47
+ - Prompt logs stored in a data region different from where the personal data was originally collected (critical if GDPR cross-border transfer rules apply)
48
+ - No role restriction on who can read prompt logs (high)
49
+
50
+ ### Auditability
51
+ - Model version set to `latest` or floating alias for a pipeline that produces audit-relevant business output (medium)
52
+ - No grounding source citation in orchestration response for compliance-relevant use case (medium)
53
+ - No audit log entry for AI-assisted decisions that affect individual users (high for regulated industries)
54
+
55
+ ## Workflow
56
+
57
+ 1. **Receive artifacts** — orchestration configuration files, role assignment descriptions, resource group layouts, grounding pipeline design, data classification documentation, or user descriptions.
58
+ 2. **Classify each finding** by governance domain above.
59
+ 3. **Assign severity** (critical / high / medium / low).
60
+ 4. **Identify evidence level** (documentation-based / user-provided evidence / context7-supplementary / inference).
61
+ 5. **Recommend specific governance control** — content safety filter addition, data classification step, log access restriction, model version pin, erasure procedure.
62
+ 6. **Prioritize** — critical and high severity first; data privacy before auditability; prompt injection risk before logging.
63
+ 7. **Return output** per the output contract below.
64
+
65
+ ## Output contract
66
+
67
+ Return:
68
+
69
+ 1. Artifacts reviewed and governance domains in scope
70
+ 2. Finding(s) per domain with severity and evidence label
71
+ 3. Specific governance control recommendation per finding
72
+ 4. Data privacy summary — whether personal data was identified in grounding pipeline scope and what protections are in place
73
+ 5. Content safety coverage summary — input and output filter status per orchestration pipeline reviewed
74
+ 6. Prioritized remediation sequence (critical → high → medium → low)
75
+ 7. Escalation trigger if live AI Core access, prompt log inspection, or vector store query is required to complete the governance assessment — do not proceed with live access