@raishin/vanguard-frontier-agentic 2.11.0 → 2.13.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/marketplace.json +2 -2
- package/.claude-plugin/plugin.json +41 -1
- package/.cursor-plugin/plugin.json +41 -1
- package/.github/plugin/marketplace.json +1 -1
- package/README.md +11 -11
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/AGENT.md +57 -0
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-abap-cloud-rap-reviewer-agent/metadata.json +46 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/AGENT.md +58 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/codex.toml +31 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-ai-core-genai-hub-governance-reviewer-agent/metadata.json +40 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/AGENT.md +58 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-analytics-cloud-planning-governance-agent/metadata.json +45 -0
- package/agents/sap/sap-audit-evidence-packager-agent/AGENT.md +58 -0
- package/agents/sap/sap-audit-evidence-packager-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-audit-evidence-packager-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-audit-evidence-packager-agent/harnesses/copilot.agent.md +33 -0
- package/agents/sap/sap-audit-evidence-packager-agent/harnesses/cursor.agent.md +31 -0
- package/agents/sap/sap-audit-evidence-packager-agent/harnesses/gemini.agent.md +31 -0
- package/agents/sap/sap-audit-evidence-packager-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-audit-evidence-packager-agent/harnesses/kiro-ide.agent.md +31 -0
- package/agents/sap/sap-audit-evidence-packager-agent/metadata.json +45 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/AGENT.md +58 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-btp-account-entitlement-governance-reviewer-agent/metadata.json +44 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/AGENT.md +70 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/claude-code.agent.md +51 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/codex.toml +42 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/copilot.agent.md +36 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/cursor.agent.md +33 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/gemini.agent.md +33 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/harnesses/kiro-ide.agent.md +33 -0
- package/agents/sap/sap-btp-entitlement-guarded-operator-agent/metadata.json +41 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/AGENT.md +57 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-cap-architecture-reviewer-agent/metadata.json +42 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/AGENT.md +58 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/codex.toml +31 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-clean-core-debt-reviewer-agent/metadata.json +45 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/AGENT.md +59 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-cloud-alm-sre-incident-agent/metadata.json +42 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/AGENT.md +60 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/claude-code.agent.md +39 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/codex.toml +29 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-custom-code-remediation-reviewer-agent/metadata.json +45 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/AGENT.md +67 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/claude-code.agent.md +46 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-data-migration-cutover-readiness-agent/metadata.json +44 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/AGENT.md +58 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-datasphere-data-product-architect-agent/metadata.json +45 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/AGENT.md +59 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-ewm-tm-logistics-execution-agent/metadata.json +44 -0
- package/agents/sap/sap-finance-fico-controls-agent/AGENT.md +59 -0
- package/agents/sap/sap-finance-fico-controls-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-finance-fico-controls-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-finance-fico-controls-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-finance-fico-controls-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-finance-fico-controls-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-finance-fico-controls-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-finance-fico-controls-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-finance-fico-controls-agent/metadata.json +45 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/AGENT.md +58 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/codex.toml +29 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-fiori-ui5-ux-reviewer-agent/metadata.json +39 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/AGENT.md +70 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/claude-code.agent.md +51 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/codex.toml +41 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/copilot.agent.md +36 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/cursor.agent.md +33 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/gemini.agent.md +33 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/harnesses/kiro-ide.agent.md +33 -0
- package/agents/sap/sap-guarded-transport-import-operator-agent/metadata.json +45 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/AGENT.md +58 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-hana-cloud-performance-cost-agent/metadata.json +43 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/AGENT.md +59 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-hypercare-incident-commander-agent/metadata.json +42 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/AGENT.md +70 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/claude-code.agent.md +51 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/codex.toml +41 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/copilot.agent.md +36 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/cursor.agent.md +33 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/gemini.agent.md +33 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/harnesses/kiro-ide.agent.md +33 -0
- package/agents/sap/sap-integration-flow-guarded-operator-agent/metadata.json +41 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/AGENT.md +57 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-integration-suite-reviewer-agent/metadata.json +43 -0
- package/agents/sap/sap-joule-governance-adoption-agent/AGENT.md +59 -0
- package/agents/sap/sap-joule-governance-adoption-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-joule-governance-adoption-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-joule-governance-adoption-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-joule-governance-adoption-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-joule-governance-adoption-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-joule-governance-adoption-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-joule-governance-adoption-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-joule-governance-adoption-agent/metadata.json +42 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/AGENT.md +58 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-license-btp-consumption-finops-agent/metadata.json +42 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/AGENT.md +60 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/claude-code.agent.md +40 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/codex.toml +31 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-live-readonly-identity-trust-discovery-agent/metadata.json +39 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/AGENT.md +60 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/claude-code.agent.md +40 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/codex.toml +31 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-live-readonly-landscape-discovery-agent/metadata.json +39 -0
- package/agents/sap/sap-maestro-agent/AGENT.md +60 -0
- package/agents/sap/sap-maestro-agent/harnesses/claude-code.agent.md +36 -0
- package/agents/sap/sap-maestro-agent/harnesses/codex.toml +34 -0
- package/agents/sap/sap-maestro-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-maestro-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-maestro-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-maestro-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-maestro-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-maestro-agent/metadata.json +39 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/AGENT.md +59 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-manufacturing-execution-risk-agent/metadata.json +44 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/AGENT.md +59 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-mdg-master-data-quality-agent/metadata.json +45 -0
- package/agents/sap/sap-order-to-cash-agent/AGENT.md +59 -0
- package/agents/sap/sap-order-to-cash-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-order-to-cash-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-order-to-cash-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-order-to-cash-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-order-to-cash-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-order-to-cash-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-order-to-cash-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-order-to-cash-agent/metadata.json +44 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/AGENT.md +59 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-procurement-ariba-value-leakage-agent/metadata.json +44 -0
- package/agents/sap/sap-release-change-collision-agent/AGENT.md +59 -0
- package/agents/sap/sap-release-change-collision-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-release-change-collision-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-release-change-collision-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-release-change-collision-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-release-change-collision-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-release-change-collision-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-release-change-collision-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-release-change-collision-agent/metadata.json +42 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/AGENT.md +58 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-rise-sla-vendor-risk-agent/metadata.json +42 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/AGENT.md +73 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/claude-code.agent.md +54 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/codex.toml +43 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/copilot.agent.md +38 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/cursor.agent.md +35 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/gemini.agent.md +35 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/harnesses/kiro-ide.agent.md +35 -0
- package/agents/sap/sap-role-assignment-guarded-operator-agent/metadata.json +41 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/AGENT.md +62 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/claude-code.agent.md +41 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/codex.toml +29 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-s4hana-transformation-architect-agent/metadata.json +44 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/AGENT.md +59 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-security-iam-grc-sod-reviewer-agent/metadata.json +44 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/AGENT.md +59 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-signavio-process-mining-value-agent/metadata.json +44 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/AGENT.md +59 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-successfactors-hr-process-risk-agent/metadata.json +42 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/AGENT.md +59 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-supply-chain-ibp-resilience-agent/metadata.json +44 -0
- package/agents/sap/sap-testing-quality-gate-agent/AGENT.md +59 -0
- package/agents/sap/sap-testing-quality-gate-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-testing-quality-gate-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-testing-quality-gate-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-testing-quality-gate-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-testing-quality-gate-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-testing-quality-gate-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-testing-quality-gate-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-testing-quality-gate-agent/metadata.json +42 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/AGENT.md +58 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/claude-code.agent.md +37 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/copilot.agent.md +31 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/cursor.agent.md +29 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/gemini.agent.md +29 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/harnesses/kiro-ide.agent.md +29 -0
- package/agents/sap/sap-transformation-portfolio-triage-agent/metadata.json +42 -0
- package/agents/sap/sap-treasury-cash-risk-agent/AGENT.md +59 -0
- package/agents/sap/sap-treasury-cash-risk-agent/harnesses/claude-code.agent.md +38 -0
- package/agents/sap/sap-treasury-cash-risk-agent/harnesses/codex.toml +30 -0
- package/agents/sap/sap-treasury-cash-risk-agent/harnesses/copilot.agent.md +32 -0
- package/agents/sap/sap-treasury-cash-risk-agent/harnesses/cursor.agent.md +30 -0
- package/agents/sap/sap-treasury-cash-risk-agent/harnesses/gemini.agent.md +30 -0
- package/agents/sap/sap-treasury-cash-risk-agent/harnesses/kiro-cli.agent.json +1 -0
- package/agents/sap/sap-treasury-cash-risk-agent/harnesses/kiro-ide.agent.md +30 -0
- package/agents/sap/sap-treasury-cash-risk-agent/metadata.json +44 -0
- package/catalog/agents.json +1323 -0
- package/catalog/asset-integrity.json +2293 -43
- package/catalog/install-roles.json +94 -0
- package/catalog/skill-manifest.json +1770 -3
- package/catalog/skills.json +1912 -1
- package/package.json +1 -1
- package/plugins/cross-platform-agent-template/.codexignore +7 -0
- package/plugins/vanguard-frontier-agentic/.codex-plugin/plugin.json +1 -1
- package/plugins/vanguard-frontier-agentic/.codexignore +7 -0
- package/powers/README.md +3 -2
- package/powers/vanguard-sap/POWER.md +43 -0
- package/schemas/agent.schema.json +1 -0
- package/schemas/skill.schema.json +1 -0
- package/scripts/generate-docs-data.mjs +1 -1
- package/scripts/generate-kiro-powers.mjs +12 -0
- package/skills/claude/add-educational-comments/metadata.json +1 -1
- package/skills/sap/sap-abap-cloud-rap-review/SKILL.md +86 -0
- package/skills/sap/sap-abap-cloud-rap-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-abap-cloud-rap-review/metadata.json +34 -0
- package/skills/sap/sap-abap-cloud-rap-review/references/context7-framework-docs.md +126 -0
- package/skills/sap/sap-abap-cloud-rap-review/references/official-sources.md +95 -0
- package/skills/sap/sap-abap-cloud-rap-review/references/safety-checklist.md +37 -0
- package/skills/sap/sap-abap-cloud-rap-review/references/workflow-and-output.md +76 -0
- package/skills/sap/sap-ai-core-generative-ai-hub-governance/SKILL.md +92 -0
- package/skills/sap/sap-ai-core-generative-ai-hub-governance/agents/openai.yaml +11 -0
- package/skills/sap/sap-ai-core-generative-ai-hub-governance/metadata.json +34 -0
- package/skills/sap/sap-ai-core-generative-ai-hub-governance/references/context7-framework-docs.md +107 -0
- package/skills/sap/sap-ai-core-generative-ai-hub-governance/references/official-sources.md +91 -0
- package/skills/sap/sap-ai-core-generative-ai-hub-governance/references/safety-checklist.md +39 -0
- package/skills/sap/sap-ai-core-generative-ai-hub-governance/references/workflow-and-output.md +75 -0
- package/skills/sap/sap-ai-governance-security-architecture-protocol/SKILL.md +168 -0
- package/skills/sap/sap-ai-governance-security-architecture-protocol/agents/openai.yaml +11 -0
- package/skills/sap/sap-ai-governance-security-architecture-protocol/metadata.json +35 -0
- package/skills/sap/sap-ai-governance-security-architecture-protocol/references/official-sources.md +99 -0
- package/skills/sap/sap-ai-governance-security-architecture-protocol/references/safety-checklist.md +38 -0
- package/skills/sap/sap-ai-governance-security-architecture-protocol/references/workflow-and-output.md +89 -0
- package/skills/sap/sap-analytics-cloud-planning-governance/SKILL.md +87 -0
- package/skills/sap/sap-analytics-cloud-planning-governance/agents/openai.yaml +11 -0
- package/skills/sap/sap-analytics-cloud-planning-governance/metadata.json +33 -0
- package/skills/sap/sap-analytics-cloud-planning-governance/references/official-sources.md +89 -0
- package/skills/sap/sap-analytics-cloud-planning-governance/references/safety-checklist.md +35 -0
- package/skills/sap/sap-analytics-cloud-planning-governance/references/workflow-and-output.md +70 -0
- package/skills/sap/sap-audit-evidence-packaging/SKILL.md +92 -0
- package/skills/sap/sap-audit-evidence-packaging/agents/openai.yaml +11 -0
- package/skills/sap/sap-audit-evidence-packaging/metadata.json +33 -0
- package/skills/sap/sap-audit-evidence-packaging/references/official-sources.md +92 -0
- package/skills/sap/sap-audit-evidence-packaging/references/safety-checklist.md +38 -0
- package/skills/sap/sap-audit-evidence-packaging/references/workflow-and-output.md +129 -0
- package/skills/sap/sap-btp-governance-review/SKILL.md +84 -0
- package/skills/sap/sap-btp-governance-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-btp-governance-review/metadata.json +34 -0
- package/skills/sap/sap-btp-governance-review/references/official-sources.md +91 -0
- package/skills/sap/sap-btp-governance-review/references/safety-checklist.md +35 -0
- package/skills/sap/sap-btp-governance-review/references/workflow-and-output.md +66 -0
- package/skills/sap/sap-cap-architecture-review/SKILL.md +86 -0
- package/skills/sap/sap-cap-architecture-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-cap-architecture-review/metadata.json +34 -0
- package/skills/sap/sap-cap-architecture-review/references/context7-framework-docs.md +89 -0
- package/skills/sap/sap-cap-architecture-review/references/official-sources.md +93 -0
- package/skills/sap/sap-cap-architecture-review/references/safety-checklist.md +37 -0
- package/skills/sap/sap-cap-architecture-review/references/workflow-and-output.md +74 -0
- package/skills/sap/sap-clean-core-debt-review/SKILL.md +84 -0
- package/skills/sap/sap-clean-core-debt-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-clean-core-debt-review/metadata.json +33 -0
- package/skills/sap/sap-clean-core-debt-review/references/context7-framework-docs.md +56 -0
- package/skills/sap/sap-clean-core-debt-review/references/official-sources.md +75 -0
- package/skills/sap/sap-clean-core-debt-review/references/safety-checklist.md +36 -0
- package/skills/sap/sap-clean-core-debt-review/references/workflow-and-output.md +62 -0
- package/skills/sap/sap-cloud-alm-sre-incident-review/SKILL.md +83 -0
- package/skills/sap/sap-cloud-alm-sre-incident-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-cloud-alm-sre-incident-review/metadata.json +33 -0
- package/skills/sap/sap-cloud-alm-sre-incident-review/references/official-sources.md +89 -0
- package/skills/sap/sap-cloud-alm-sre-incident-review/references/safety-checklist.md +39 -0
- package/skills/sap/sap-cloud-alm-sre-incident-review/references/workflow-and-output.md +88 -0
- package/skills/sap/sap-custom-code-remediation-review/SKILL.md +83 -0
- package/skills/sap/sap-custom-code-remediation-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-custom-code-remediation-review/metadata.json +33 -0
- package/skills/sap/sap-custom-code-remediation-review/references/official-sources.md +85 -0
- package/skills/sap/sap-custom-code-remediation-review/references/safety-checklist.md +39 -0
- package/skills/sap/sap-custom-code-remediation-review/references/workflow-and-output.md +83 -0
- package/skills/sap/sap-data-migration-cutover-readiness/SKILL.md +90 -0
- package/skills/sap/sap-data-migration-cutover-readiness/agents/openai.yaml +14 -0
- package/skills/sap/sap-data-migration-cutover-readiness/metadata.json +32 -0
- package/skills/sap/sap-data-migration-cutover-readiness/references/official-sources.md +73 -0
- package/skills/sap/sap-data-migration-cutover-readiness/references/safety-checklist.md +51 -0
- package/skills/sap/sap-data-migration-cutover-readiness/references/workflow-and-output.md +85 -0
- package/skills/sap/sap-data-privacy-analytics-ai-protocol/SKILL.md +162 -0
- package/skills/sap/sap-data-privacy-analytics-ai-protocol/agents/openai.yaml +11 -0
- package/skills/sap/sap-data-privacy-analytics-ai-protocol/metadata.json +34 -0
- package/skills/sap/sap-data-privacy-analytics-ai-protocol/references/official-sources.md +93 -0
- package/skills/sap/sap-data-privacy-analytics-ai-protocol/references/safety-checklist.md +39 -0
- package/skills/sap/sap-data-privacy-analytics-ai-protocol/references/workflow-and-output.md +78 -0
- package/skills/sap/sap-datasphere-data-product-architecture/SKILL.md +86 -0
- package/skills/sap/sap-datasphere-data-product-architecture/agents/openai.yaml +11 -0
- package/skills/sap/sap-datasphere-data-product-architecture/metadata.json +33 -0
- package/skills/sap/sap-datasphere-data-product-architecture/references/official-sources.md +85 -0
- package/skills/sap/sap-datasphere-data-product-architecture/references/safety-checklist.md +35 -0
- package/skills/sap/sap-datasphere-data-product-architecture/references/workflow-and-output.md +70 -0
- package/skills/sap/sap-ewm-tm-logistics-execution-review/SKILL.md +90 -0
- package/skills/sap/sap-ewm-tm-logistics-execution-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-ewm-tm-logistics-execution-review/metadata.json +32 -0
- package/skills/sap/sap-ewm-tm-logistics-execution-review/references/official-sources.md +79 -0
- package/skills/sap/sap-ewm-tm-logistics-execution-review/references/safety-checklist.md +37 -0
- package/skills/sap/sap-ewm-tm-logistics-execution-review/references/workflow-and-output.md +91 -0
- package/skills/sap/sap-finance-fico-controls-review/SKILL.md +91 -0
- package/skills/sap/sap-finance-fico-controls-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-finance-fico-controls-review/metadata.json +33 -0
- package/skills/sap/sap-finance-fico-controls-review/references/official-sources.md +89 -0
- package/skills/sap/sap-finance-fico-controls-review/references/safety-checklist.md +38 -0
- package/skills/sap/sap-finance-fico-controls-review/references/workflow-and-output.md +88 -0
- package/skills/sap/sap-fiori-ui5-ux-review/SKILL.md +87 -0
- package/skills/sap/sap-fiori-ui5-ux-review/agents/openai.yaml +14 -0
- package/skills/sap/sap-fiori-ui5-ux-review/metadata.json +33 -0
- package/skills/sap/sap-fiori-ui5-ux-review/references/context7-framework-docs.md +128 -0
- package/skills/sap/sap-fiori-ui5-ux-review/references/official-sources.md +95 -0
- package/skills/sap/sap-fiori-ui5-ux-review/references/safety-checklist.md +37 -0
- package/skills/sap/sap-fiori-ui5-ux-review/references/workflow-and-output.md +96 -0
- package/skills/sap/sap-guarded-btp-entitlement-change/SKILL.md +156 -0
- package/skills/sap/sap-guarded-btp-entitlement-change/agents/openai.yaml +17 -0
- package/skills/sap/sap-guarded-btp-entitlement-change/metadata.json +33 -0
- package/skills/sap/sap-guarded-btp-entitlement-change/references/live-environment-access.md +93 -0
- package/skills/sap/sap-guarded-btp-entitlement-change/references/official-sources.md +75 -0
- package/skills/sap/sap-guarded-btp-entitlement-change/references/safety-checklist.md +57 -0
- package/skills/sap/sap-guarded-btp-entitlement-change/references/workflow-and-output.md +132 -0
- package/skills/sap/sap-guarded-integration-flow-change/SKILL.md +151 -0
- package/skills/sap/sap-guarded-integration-flow-change/agents/openai.yaml +17 -0
- package/skills/sap/sap-guarded-integration-flow-change/metadata.json +33 -0
- package/skills/sap/sap-guarded-integration-flow-change/references/live-environment-access.md +80 -0
- package/skills/sap/sap-guarded-integration-flow-change/references/official-sources.md +73 -0
- package/skills/sap/sap-guarded-integration-flow-change/references/safety-checklist.md +56 -0
- package/skills/sap/sap-guarded-integration-flow-change/references/workflow-and-output.md +122 -0
- package/skills/sap/sap-guarded-role-assignment/SKILL.md +159 -0
- package/skills/sap/sap-guarded-role-assignment/agents/openai.yaml +17 -0
- package/skills/sap/sap-guarded-role-assignment/metadata.json +33 -0
- package/skills/sap/sap-guarded-role-assignment/references/live-environment-access.md +93 -0
- package/skills/sap/sap-guarded-role-assignment/references/official-sources.md +73 -0
- package/skills/sap/sap-guarded-role-assignment/references/safety-checklist.md +57 -0
- package/skills/sap/sap-guarded-role-assignment/references/workflow-and-output.md +133 -0
- package/skills/sap/sap-guarded-transport-import/SKILL.md +144 -0
- package/skills/sap/sap-guarded-transport-import/agents/openai.yaml +14 -0
- package/skills/sap/sap-guarded-transport-import/metadata.json +34 -0
- package/skills/sap/sap-guarded-transport-import/references/live-environment-access.md +81 -0
- package/skills/sap/sap-guarded-transport-import/references/official-sources.md +79 -0
- package/skills/sap/sap-guarded-transport-import/references/safety-checklist.md +52 -0
- package/skills/sap/sap-guarded-transport-import/references/workflow-and-output.md +93 -0
- package/skills/sap/sap-hana-cloud-performance-cost/SKILL.md +87 -0
- package/skills/sap/sap-hana-cloud-performance-cost/agents/openai.yaml +11 -0
- package/skills/sap/sap-hana-cloud-performance-cost/metadata.json +33 -0
- package/skills/sap/sap-hana-cloud-performance-cost/references/context7-framework-docs.md +94 -0
- package/skills/sap/sap-hana-cloud-performance-cost/references/official-sources.md +83 -0
- package/skills/sap/sap-hana-cloud-performance-cost/references/safety-checklist.md +36 -0
- package/skills/sap/sap-hana-cloud-performance-cost/references/workflow-and-output.md +68 -0
- package/skills/sap/sap-hypercare-incident-commander-review/SKILL.md +93 -0
- package/skills/sap/sap-hypercare-incident-commander-review/agents/openai.yaml +14 -0
- package/skills/sap/sap-hypercare-incident-commander-review/metadata.json +31 -0
- package/skills/sap/sap-hypercare-incident-commander-review/references/official-sources.md +63 -0
- package/skills/sap/sap-hypercare-incident-commander-review/references/safety-checklist.md +55 -0
- package/skills/sap/sap-hypercare-incident-commander-review/references/workflow-and-output.md +98 -0
- package/skills/sap/sap-integration-platform-businessops-protocol/SKILL.md +162 -0
- package/skills/sap/sap-integration-platform-businessops-protocol/agents/openai.yaml +11 -0
- package/skills/sap/sap-integration-platform-businessops-protocol/metadata.json +35 -0
- package/skills/sap/sap-integration-platform-businessops-protocol/references/official-sources.md +99 -0
- package/skills/sap/sap-integration-platform-businessops-protocol/references/safety-checklist.md +36 -0
- package/skills/sap/sap-integration-platform-businessops-protocol/references/workflow-and-output.md +76 -0
- package/skills/sap/sap-integration-suite-review/SKILL.md +87 -0
- package/skills/sap/sap-integration-suite-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-integration-suite-review/metadata.json +33 -0
- package/skills/sap/sap-integration-suite-review/references/context7-framework-docs.md +76 -0
- package/skills/sap/sap-integration-suite-review/references/official-sources.md +79 -0
- package/skills/sap/sap-integration-suite-review/references/safety-checklist.md +36 -0
- package/skills/sap/sap-integration-suite-review/references/workflow-and-output.md +78 -0
- package/skills/sap/sap-joule-governance-adoption-review/SKILL.md +83 -0
- package/skills/sap/sap-joule-governance-adoption-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-joule-governance-adoption-review/metadata.json +33 -0
- package/skills/sap/sap-joule-governance-adoption-review/references/official-sources.md +83 -0
- package/skills/sap/sap-joule-governance-adoption-review/references/safety-checklist.md +37 -0
- package/skills/sap/sap-joule-governance-adoption-review/references/workflow-and-output.md +81 -0
- package/skills/sap/sap-license-btp-consumption-finops-review/SKILL.md +89 -0
- package/skills/sap/sap-license-btp-consumption-finops-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-license-btp-consumption-finops-review/metadata.json +32 -0
- package/skills/sap/sap-license-btp-consumption-finops-review/references/official-sources.md +71 -0
- package/skills/sap/sap-license-btp-consumption-finops-review/references/safety-checklist.md +36 -0
- package/skills/sap/sap-license-btp-consumption-finops-review/references/workflow-and-output.md +69 -0
- package/skills/sap/sap-live-readonly-identity-trust-discovery/SKILL.md +142 -0
- package/skills/sap/sap-live-readonly-identity-trust-discovery/agents/openai.yaml +14 -0
- package/skills/sap/sap-live-readonly-identity-trust-discovery/metadata.json +34 -0
- package/skills/sap/sap-live-readonly-identity-trust-discovery/references/live-environment-access.md +151 -0
- package/skills/sap/sap-live-readonly-identity-trust-discovery/references/official-sources.md +83 -0
- package/skills/sap/sap-live-readonly-identity-trust-discovery/references/safety-checklist.md +49 -0
- package/skills/sap/sap-live-readonly-identity-trust-discovery/references/workflow-and-output.md +103 -0
- package/skills/sap/sap-live-readonly-landscape-discovery/SKILL.md +135 -0
- package/skills/sap/sap-live-readonly-landscape-discovery/agents/openai.yaml +14 -0
- package/skills/sap/sap-live-readonly-landscape-discovery/metadata.json +34 -0
- package/skills/sap/sap-live-readonly-landscape-discovery/references/live-environment-access.md +111 -0
- package/skills/sap/sap-live-readonly-landscape-discovery/references/official-sources.md +83 -0
- package/skills/sap/sap-live-readonly-landscape-discovery/references/safety-checklist.md +45 -0
- package/skills/sap/sap-live-readonly-landscape-discovery/references/workflow-and-output.md +102 -0
- package/skills/sap/sap-maestro/SKILL.md +81 -0
- package/skills/sap/sap-maestro/agents/openai.yaml +11 -0
- package/skills/sap/sap-maestro/metadata.json +32 -0
- package/skills/sap/sap-maestro/references/official-sources.md +53 -0
- package/skills/sap/sap-maestro/references/safety-checklist.md +39 -0
- package/skills/sap/sap-maestro/references/workflow-and-output.md +73 -0
- package/skills/sap/sap-manufacturing-execution-risk-review/SKILL.md +89 -0
- package/skills/sap/sap-manufacturing-execution-risk-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-manufacturing-execution-risk-review/metadata.json +32 -0
- package/skills/sap/sap-manufacturing-execution-risk-review/references/official-sources.md +79 -0
- package/skills/sap/sap-manufacturing-execution-risk-review/references/safety-checklist.md +39 -0
- package/skills/sap/sap-manufacturing-execution-risk-review/references/workflow-and-output.md +91 -0
- package/skills/sap/sap-mdg-master-data-quality-review/SKILL.md +85 -0
- package/skills/sap/sap-mdg-master-data-quality-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-mdg-master-data-quality-review/metadata.json +33 -0
- package/skills/sap/sap-mdg-master-data-quality-review/references/official-sources.md +89 -0
- package/skills/sap/sap-mdg-master-data-quality-review/references/safety-checklist.md +37 -0
- package/skills/sap/sap-mdg-master-data-quality-review/references/workflow-and-output.md +91 -0
- package/skills/sap/sap-order-to-cash-review/SKILL.md +89 -0
- package/skills/sap/sap-order-to-cash-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-order-to-cash-review/metadata.json +32 -0
- package/skills/sap/sap-order-to-cash-review/references/official-sources.md +79 -0
- package/skills/sap/sap-order-to-cash-review/references/safety-checklist.md +39 -0
- package/skills/sap/sap-order-to-cash-review/references/workflow-and-output.md +87 -0
- package/skills/sap/sap-procurement-ariba-value-leakage-review/SKILL.md +90 -0
- package/skills/sap/sap-procurement-ariba-value-leakage-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-procurement-ariba-value-leakage-review/metadata.json +32 -0
- package/skills/sap/sap-procurement-ariba-value-leakage-review/references/official-sources.md +79 -0
- package/skills/sap/sap-procurement-ariba-value-leakage-review/references/safety-checklist.md +38 -0
- package/skills/sap/sap-procurement-ariba-value-leakage-review/references/workflow-and-output.md +87 -0
- package/skills/sap/sap-procurement-license-finops-vendor-protocol/SKILL.md +155 -0
- package/skills/sap/sap-procurement-license-finops-vendor-protocol/agents/openai.yaml +11 -0
- package/skills/sap/sap-procurement-license-finops-vendor-protocol/metadata.json +35 -0
- package/skills/sap/sap-procurement-license-finops-vendor-protocol/references/official-sources.md +99 -0
- package/skills/sap/sap-procurement-license-finops-vendor-protocol/references/safety-checklist.md +36 -0
- package/skills/sap/sap-procurement-license-finops-vendor-protocol/references/workflow-and-output.md +62 -0
- package/skills/sap/sap-release-change-collision-review/SKILL.md +92 -0
- package/skills/sap/sap-release-change-collision-review/agents/openai.yaml +14 -0
- package/skills/sap/sap-release-change-collision-review/metadata.json +31 -0
- package/skills/sap/sap-release-change-collision-review/references/official-sources.md +63 -0
- package/skills/sap/sap-release-change-collision-review/references/safety-checklist.md +51 -0
- package/skills/sap/sap-release-change-collision-review/references/workflow-and-output.md +85 -0
- package/skills/sap/sap-release-cutover-finance-controls-protocol/SKILL.md +170 -0
- package/skills/sap/sap-release-cutover-finance-controls-protocol/agents/openai.yaml +11 -0
- package/skills/sap/sap-release-cutover-finance-controls-protocol/metadata.json +33 -0
- package/skills/sap/sap-release-cutover-finance-controls-protocol/references/official-sources.md +89 -0
- package/skills/sap/sap-release-cutover-finance-controls-protocol/references/safety-checklist.md +39 -0
- package/skills/sap/sap-release-cutover-finance-controls-protocol/references/workflow-and-output.md +98 -0
- package/skills/sap/sap-rise-sla-vendor-risk-review/SKILL.md +88 -0
- package/skills/sap/sap-rise-sla-vendor-risk-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-rise-sla-vendor-risk-review/metadata.json +32 -0
- package/skills/sap/sap-rise-sla-vendor-risk-review/references/official-sources.md +73 -0
- package/skills/sap/sap-rise-sla-vendor-risk-review/references/safety-checklist.md +36 -0
- package/skills/sap/sap-rise-sla-vendor-risk-review/references/workflow-and-output.md +56 -0
- package/skills/sap/sap-s4hana-transformation-architecture-review/SKILL.md +84 -0
- package/skills/sap/sap-s4hana-transformation-architecture-review/agents/openai.yaml +14 -0
- package/skills/sap/sap-s4hana-transformation-architecture-review/metadata.json +32 -0
- package/skills/sap/sap-s4hana-transformation-architecture-review/references/official-sources.md +75 -0
- package/skills/sap/sap-s4hana-transformation-architecture-review/references/safety-checklist.md +40 -0
- package/skills/sap/sap-s4hana-transformation-architecture-review/references/workflow-and-output.md +67 -0
- package/skills/sap/sap-security-hr-legal-protocol/SKILL.md +149 -0
- package/skills/sap/sap-security-hr-legal-protocol/agents/openai.yaml +11 -0
- package/skills/sap/sap-security-hr-legal-protocol/metadata.json +34 -0
- package/skills/sap/sap-security-hr-legal-protocol/references/official-sources.md +89 -0
- package/skills/sap/sap-security-hr-legal-protocol/references/safety-checklist.md +38 -0
- package/skills/sap/sap-security-hr-legal-protocol/references/workflow-and-output.md +65 -0
- package/skills/sap/sap-security-iam-grc-sod-review/SKILL.md +86 -0
- package/skills/sap/sap-security-iam-grc-sod-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-security-iam-grc-sod-review/metadata.json +33 -0
- package/skills/sap/sap-security-iam-grc-sod-review/references/official-sources.md +83 -0
- package/skills/sap/sap-security-iam-grc-sod-review/references/safety-checklist.md +36 -0
- package/skills/sap/sap-security-iam-grc-sod-review/references/workflow-and-output.md +79 -0
- package/skills/sap/sap-signavio-process-mining-value/SKILL.md +85 -0
- package/skills/sap/sap-signavio-process-mining-value/agents/openai.yaml +11 -0
- package/skills/sap/sap-signavio-process-mining-value/metadata.json +33 -0
- package/skills/sap/sap-signavio-process-mining-value/references/official-sources.md +89 -0
- package/skills/sap/sap-signavio-process-mining-value/references/safety-checklist.md +36 -0
- package/skills/sap/sap-signavio-process-mining-value/references/workflow-and-output.md +91 -0
- package/skills/sap/sap-successfactors-hr-process-risk-review/SKILL.md +92 -0
- package/skills/sap/sap-successfactors-hr-process-risk-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-successfactors-hr-process-risk-review/metadata.json +33 -0
- package/skills/sap/sap-successfactors-hr-process-risk-review/references/official-sources.md +83 -0
- package/skills/sap/sap-successfactors-hr-process-risk-review/references/safety-checklist.md +38 -0
- package/skills/sap/sap-successfactors-hr-process-risk-review/references/workflow-and-output.md +86 -0
- package/skills/sap/sap-supply-chain-ibp-resilience-review/SKILL.md +90 -0
- package/skills/sap/sap-supply-chain-ibp-resilience-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-supply-chain-ibp-resilience-review/metadata.json +32 -0
- package/skills/sap/sap-supply-chain-ibp-resilience-review/references/official-sources.md +79 -0
- package/skills/sap/sap-supply-chain-ibp-resilience-review/references/safety-checklist.md +38 -0
- package/skills/sap/sap-supply-chain-ibp-resilience-review/references/workflow-and-output.md +89 -0
- package/skills/sap/sap-testing-quality-gate-review/SKILL.md +92 -0
- package/skills/sap/sap-testing-quality-gate-review/agents/openai.yaml +14 -0
- package/skills/sap/sap-testing-quality-gate-review/metadata.json +31 -0
- package/skills/sap/sap-testing-quality-gate-review/references/official-sources.md +65 -0
- package/skills/sap/sap-testing-quality-gate-review/references/safety-checklist.md +53 -0
- package/skills/sap/sap-testing-quality-gate-review/references/workflow-and-output.md +98 -0
- package/skills/sap/sap-transformation-portfolio-triage-review/SKILL.md +87 -0
- package/skills/sap/sap-transformation-portfolio-triage-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-transformation-portfolio-triage-review/metadata.json +32 -0
- package/skills/sap/sap-transformation-portfolio-triage-review/references/official-sources.md +71 -0
- package/skills/sap/sap-transformation-portfolio-triage-review/references/safety-checklist.md +36 -0
- package/skills/sap/sap-transformation-portfolio-triage-review/references/workflow-and-output.md +69 -0
- package/skills/sap/sap-treasury-cash-risk-review/SKILL.md +90 -0
- package/skills/sap/sap-treasury-cash-risk-review/agents/openai.yaml +11 -0
- package/skills/sap/sap-treasury-cash-risk-review/metadata.json +32 -0
- package/skills/sap/sap-treasury-cash-risk-review/references/official-sources.md +79 -0
- package/skills/sap/sap-treasury-cash-risk-review/references/safety-checklist.md +38 -0
- package/skills/sap/sap-treasury-cash-risk-review/references/workflow-and-output.md +89 -0
- package/tests/fixtures/sap-maestro-routing/expected/01-clean-core-debt.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/02-landscape-discovery.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/03-live-guard-transport.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/04-adversarial-injection.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/05-adversarial-persona.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/06-ambiguous.json +4 -0
- package/tests/fixtures/sap-maestro-routing/expected/07-secrets-bait.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/08-btp-governance.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/09-integration-suite.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/10-security-sod.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/11-cap-architecture.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/12-abap-cloud-rap.json +7 -0
- package/tests/fixtures/sap-maestro-routing/expected/13-ai-governance.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/14-datasphere.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/15-analytics-cloud.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/16-hana-cloud.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/17-s4hana-transformation.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/18-custom-code-remediation.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/19-data-migration-cutover.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/20-finance-fico.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/21-mdg-master-data.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/22-signavio.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/23-procurement-ariba.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/24-supply-chain-ibp.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/25-order-to-cash.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/26-treasury.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/27-ewm-tm.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/28-manufacturing.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/29-successfactors.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/30-joule.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/31-cloud-alm.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/32-transformation-portfolio.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/33-rise-sla.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/34-license-finops.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/35-testing-quality.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/36-release-collision.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/37-hypercare.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/38-identity-trust.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/39-fiori-ui5.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/40-audit-evidence.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/41-guard-role-assign.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/42-guard-iflow-deploy.json +6 -0
- package/tests/fixtures/sap-maestro-routing/expected/43-guard-entitlement.json +6 -0
- package/tests/fixtures/sap-maestro-routing/inputs/01-clean-core-debt.json +5 -0
- package/tests/fixtures/sap-maestro-routing/inputs/02-landscape-discovery.json +5 -0
- package/tests/fixtures/sap-maestro-routing/inputs/03-live-guard-transport.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/04-adversarial-injection.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/05-adversarial-persona.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/06-ambiguous.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/07-secrets-bait.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/08-btp-governance.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/09-integration-suite.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/10-security-sod.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/11-cap-architecture.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/12-abap-cloud-rap.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/13-ai-governance.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/14-datasphere.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/15-analytics-cloud.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/16-hana-cloud.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/17-s4hana-transformation.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/18-custom-code-remediation.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/19-data-migration-cutover.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/20-finance-fico.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/21-mdg-master-data.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/22-signavio.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/23-procurement-ariba.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/24-supply-chain-ibp.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/25-order-to-cash.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/26-treasury.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/27-ewm-tm.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/28-manufacturing.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/29-successfactors.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/30-joule.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/31-cloud-alm.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/32-transformation-portfolio.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/33-rise-sla.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/34-license-finops.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/35-testing-quality.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/36-release-collision.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/37-hypercare.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/38-identity-trust.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/39-fiori-ui5.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/40-audit-evidence.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/41-guard-role-assign.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/42-guard-iflow-deploy.json +7 -0
- package/tests/fixtures/sap-maestro-routing/inputs/43-guard-entitlement.json +7 -0
- package/tests/fixtures/sap-maestro-routing/taxonomy.json +509 -0
- package/tests/validate-catalog.py +1 -0
|
@@ -0,0 +1,93 @@
|
|
|
1
|
+
# Live environment access — SAP Guarded Role Assignment
|
|
2
|
+
|
|
3
|
+
This reference defines credential setup, role requirements, command restrictions by step, and audit log format for guarded role assignment sessions.
|
|
4
|
+
|
|
5
|
+
## Credential requirements
|
|
6
|
+
|
|
7
|
+
### SAP BTP (Role Collection Management)
|
|
8
|
+
|
|
9
|
+
Required authorization for the executing user:
|
|
10
|
+
- Role collection: **User and Role Administrator** scoped to the specific target subaccount only
|
|
11
|
+
- Not permitted: Global Account Administrator (grants cross-subaccount write access)
|
|
12
|
+
- Not permitted: Subaccount Administrator (grants configuration changes beyond role assignment)
|
|
13
|
+
|
|
14
|
+
API token scope (BTP Security API):
|
|
15
|
+
- Minimum: `xs_security.token.client_credentials` with `uaa.resource` scope for the target subaccount
|
|
16
|
+
- Never request organization-level or global account-level token scopes
|
|
17
|
+
|
|
18
|
+
### S/4HANA and SAP NetWeaver (SU01 / PFCG)
|
|
19
|
+
|
|
20
|
+
Required authorization objects for the role assignment user:
|
|
21
|
+
- `S_USER_AGR` with `ACTVT = 03` (display) — for step 8 (read-only current state)
|
|
22
|
+
- `S_USER_AGR` with `ACTVT = 22` (assign roles) — for step 14 (execute approved change), scoped to target client only
|
|
23
|
+
- `S_TCODE`: SU01 (display and change), PFCG (display only for role content inspection), SUIM (display)
|
|
24
|
+
- Not permitted: `SAP_ALL` or any BASIS administrator profile
|
|
25
|
+
- Not permitted: `S_USER_GRP` with ACTVT=01/02 (create/modify user master records) — this skill covers role assignment only, not user creation
|
|
26
|
+
|
|
27
|
+
### SAP Cloud Identity Services (IAS / IPS)
|
|
28
|
+
|
|
29
|
+
Required service account scope:
|
|
30
|
+
- IAS role: **User Administrator** for the specific IAS tenant
|
|
31
|
+
- IPS role: provisioning operator for the specific IPS system
|
|
32
|
+
- Not permitted: Tenant Administrator role (grants IAS system configuration rights)
|
|
33
|
+
- Never store IAS client ID or client secret in any output
|
|
34
|
+
|
|
35
|
+
### SAP Access Control / Cloud Identity Access Governance (SoD checks — step 9 only)
|
|
36
|
+
|
|
37
|
+
Required access:
|
|
38
|
+
- SAP GRC AC: Risk Analyst or Access Request Processor role — read access to SoD risk simulation
|
|
39
|
+
- Cloud IAG: Risk Analyst scope for the relevant business unit
|
|
40
|
+
- Not permitted: GRC System Administrator role (grants ruleset modification rights)
|
|
41
|
+
|
|
42
|
+
## Step-by-step access matrix
|
|
43
|
+
|
|
44
|
+
| Step | Live system access | Access type | Credential scope |
|
|
45
|
+
|------|--------------------|-------------|-----------------|
|
|
46
|
+
| 1–7 | None | Advisory only | Not applicable |
|
|
47
|
+
| 8 | BTP Security API / SU01 / IAS API | Read-only | BTP User+Role Admin GET / S_USER_AGR ACTVT=03 / IAS User Admin GET |
|
|
48
|
+
| 9 | SAP GRC / Cloud IAG / BTP API | Read-only (SoD simulation) | GRC Risk Analyst / Cloud IAG Risk Analyst / BTP User+Role Admin GET |
|
|
49
|
+
| 10–13 | None | Advisory only | Not applicable |
|
|
50
|
+
| 14 | BTP Security API / SU01 / IAS API | Mutating — assignment/revocation only | BTP User+Role Admin PUT/DELETE / S_USER_AGR ACTVT=22 / IAS User Admin PATCH |
|
|
51
|
+
| 15 | BTP Security API / SU01 / IAS API / GRC | Read-only | Same as step 8 + GRC Risk Analyst |
|
|
52
|
+
| 16–17 | None | Reporting only | Not applicable |
|
|
53
|
+
|
|
54
|
+
## Audit log format
|
|
55
|
+
|
|
56
|
+
Every command executed (steps 8, 9, 14, 15) must be logged before execution:
|
|
57
|
+
|
|
58
|
+
```
|
|
59
|
+
[ROLE_ASSIGNMENT_AUDIT_LOG]
|
|
60
|
+
Step: <step number and name>
|
|
61
|
+
Timestamp (UTC): <ISO 8601>
|
|
62
|
+
System: <BTP subaccount GUID OR S/4HANA SID + client OR IAS tenant ID>
|
|
63
|
+
Tool: <BTP Security API | S/4HANA SU01 | SAP IAS API | SAP GRC | Cloud IAG>
|
|
64
|
+
Command/API call: <exact command or API endpoint, credentials omitted>
|
|
65
|
+
Target user(s)/group(s): <list of user IDs or group names>
|
|
66
|
+
Role(s) in scope: <list of role collection names or PFCG role names>
|
|
67
|
+
SoD pre-check result: <passed (no conflicts) | failed (<conflict list>) | not yet run>
|
|
68
|
+
Output summary: <one-line summary>
|
|
69
|
+
Errors/Warnings: <none | list>
|
|
70
|
+
Redactions applied: <yes/no>
|
|
71
|
+
Approval gate cleared: <yes (step 13 documented) | not yet reached>
|
|
72
|
+
```
|
|
73
|
+
|
|
74
|
+
## Pre-execution gate checklist (step 13 → step 14)
|
|
75
|
+
|
|
76
|
+
Before executing any role assignment or revocation command, all of the following must be true:
|
|
77
|
+
|
|
78
|
+
- [ ] Step 1: Role change type, role type, and scope classified
|
|
79
|
+
- [ ] Step 2: Target system, subaccount/client, and tier confirmed
|
|
80
|
+
- [ ] Step 3: Criticality level assigned
|
|
81
|
+
- [ ] Step 4: Requester name and role documented
|
|
82
|
+
- [ ] Step 5: Approver name, role, and identity documented (different from requester)
|
|
83
|
+
- [ ] Step 6: Access request or change management ticket number confirmed
|
|
84
|
+
- [ ] Step 7: Complete role list with target user(s)/group(s) and validity period documented
|
|
85
|
+
- [ ] Step 8: Read-only current role assignment snapshot obtained (live evidence on record)
|
|
86
|
+
- [ ] Step 9: SoD pre-check passed (no Critical or High conflicts); effective-permission diff produced
|
|
87
|
+
- [ ] Step 10: Blast radius document confirmed
|
|
88
|
+
- [ ] Step 11: Rollback procedure documented and confirmed feasible
|
|
89
|
+
- [ ] Step 12: SoD confirmed — requester and approver are different individuals; SoD pre-check result is pass
|
|
90
|
+
- [ ] Step 13: Explicit written approval from authorized approver on record
|
|
91
|
+
|
|
92
|
+
If any item is unchecked, refuse step 14 execution until it is resolved.
|
|
93
|
+
If step 9 returned any SoD conflict, refuse step 14 execution regardless of other steps.
|
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
# Official sources — SAP Guarded Role Assignment
|
|
2
|
+
|
|
3
|
+
Use this reference when grounding SAP role collection management, PFCG authorization procedures, Cloud Identity Services operations, and GRC/access governance controls.
|
|
4
|
+
|
|
5
|
+
**Evidence level**: documentation-based (SAP Help Portal). Live evidence gathered during steps 8, 9, and 14 is labeled separately as `live evidence` per the audit format in `references/live-environment-access.md`.
|
|
6
|
+
|
|
7
|
+
## SAP BTP Role Collections
|
|
8
|
+
|
|
9
|
+
- SAP BTP role collections and roles in global accounts, directories, and subaccounts
|
|
10
|
+
https://help.sap.com/docs/btp/sap-business-technology-platform/role-collections-and-roles-in-global-accounts-directories-and-subaccounts
|
|
11
|
+
source_owner: SAP SE
|
|
12
|
+
topic_supported: BTP role collection structure, role assignment scopes, global account vs. subaccount role collections, predefined vs. custom role collections
|
|
13
|
+
why_needed: Authoritative source for BTP role collection architecture used in steps 1, 2, 7, 8, and 14 when the target is a BTP subaccount or global account
|
|
14
|
+
evidence_level: primary
|
|
15
|
+
last_verified: 2026-06-19
|
|
16
|
+
|
|
17
|
+
- SAP BTP — assign role collections to users or user groups
|
|
18
|
+
https://help.sap.com/docs/btp/sap-business-technology-platform/assign-role-collections-to-users-or-user-groups
|
|
19
|
+
source_owner: SAP SE
|
|
20
|
+
topic_supported: Step-by-step role collection assignment and revocation procedures for BTP subaccounts; API and cockpit methods; group-based assignment
|
|
21
|
+
why_needed: Defines the exact assignment and revocation operations permitted in step 14 and the read-only inspection methods used in step 8
|
|
22
|
+
evidence_level: primary
|
|
23
|
+
last_verified: 2026-06-19
|
|
24
|
+
|
|
25
|
+
- SAP BTP security in the Cloud Foundry environment
|
|
26
|
+
https://help.sap.com/docs/btp/sap-business-technology-platform/security-in-the-cloud-foundry-environment
|
|
27
|
+
source_owner: SAP SE
|
|
28
|
+
topic_supported: Cloud Foundry org/space role model, role bindings, service instance permissions, scoped authorization patterns
|
|
29
|
+
why_needed: Grounds steps 3 and 10 (criticality and blast radius) for Cloud Foundry environment role assignments, particularly for integration and application runtime access
|
|
30
|
+
evidence_level: primary
|
|
31
|
+
last_verified: 2026-06-19
|
|
32
|
+
|
|
33
|
+
## SAP NetWeaver / S/4HANA PFCG Authorization Management
|
|
34
|
+
|
|
35
|
+
- SAP NetWeaver PFCG role maintenance and authorization management
|
|
36
|
+
https://help.sap.com/docs/SAP_NETWEAVER_750/6dae0b55c6264f94b4e7e5f2e696d5d2/4a31e3fd18b44f7e9e3d2c16cdcd5e31.html
|
|
37
|
+
source_owner: SAP SE
|
|
38
|
+
topic_supported: PFCG transaction, composite role management, user assignment to roles, authorization object maintenance, SU01 user administration
|
|
39
|
+
why_needed: Authoritative source for PFCG-based role assignment procedures and authorization object scope used in steps 8, 9, and 14 for ABAP/S/4HANA targets
|
|
40
|
+
evidence_level: primary
|
|
41
|
+
last_verified: 2026-06-19
|
|
42
|
+
|
|
43
|
+
## SAP Cloud Identity Services (IAS / IPS)
|
|
44
|
+
|
|
45
|
+
- SAP Cloud Identity Services — manage users
|
|
46
|
+
https://help.sap.com/docs/cloud-identity-services/cloud-identity-services/manage-users
|
|
47
|
+
source_owner: SAP SE
|
|
48
|
+
topic_supported: Identity Authentication Service (IAS) user management, user account attributes, role assignments for IAS-managed users
|
|
49
|
+
why_needed: Required for steps 8 and 14 when the target user is managed via SAP IAS and role assignment flows through IAS/IPS provisioning
|
|
50
|
+
evidence_level: primary
|
|
51
|
+
last_verified: 2026-06-19
|
|
52
|
+
|
|
53
|
+
- SAP Cloud Identity Services — manage groups
|
|
54
|
+
https://help.sap.com/docs/cloud-identity-services/cloud-identity-services/manage-groups
|
|
55
|
+
source_owner: SAP SE
|
|
56
|
+
topic_supported: Group creation and management in IAS, group-to-role-collection mapping, IPS group provisioning to target systems
|
|
57
|
+
why_needed: Grounds step 7 (scope documentation) and step 14 when role changes target IAS/IPS groups rather than individual users
|
|
58
|
+
evidence_level: primary
|
|
59
|
+
last_verified: 2026-06-19
|
|
60
|
+
|
|
61
|
+
## SAP Access Control / Cloud Identity Access Governance
|
|
62
|
+
|
|
63
|
+
- SAP Access Control — access risk analysis and SoD management
|
|
64
|
+
https://help.sap.com/docs/SAP_ACCESS_CONTROL/a44f200cb83c4f0fa06c50c73e67e7c8/e5c4e14d9f804a53a1baa2f8d4e12c87.html
|
|
65
|
+
source_owner: SAP SE
|
|
66
|
+
topic_supported: SoD risk analysis, access risk simulation for proposed role assignments, access request workflow, risk remediation and mitigation
|
|
67
|
+
why_needed: Authoritative source for the SoD pre-check methodology used in step 9; defines risk levels, conflict types, and remediation paths; grounds step 12 (SoD verification)
|
|
68
|
+
evidence_level: primary
|
|
69
|
+
last_verified: 2026-06-19
|
|
70
|
+
|
|
71
|
+
## Grounding rule
|
|
72
|
+
|
|
73
|
+
SAP Help Portal documentation describes role management design intent, authorization object requirements, and API specifications. It does not prove which roles are currently assigned to a user in the target system, what SoD conflicts exist in the user's landscape configuration, or whether the target system's GRC ruleset matches the default SAP Access Control rulebook. Users must supply live evidence from steps 8, 9, and 15 for concrete access assessment.
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
# Safety checklist — SAP Guarded Role Assignment
|
|
2
|
+
|
|
3
|
+
Use before every step and unconditionally before step 14 execution.
|
|
4
|
+
|
|
5
|
+
## Non-negotiables
|
|
6
|
+
|
|
7
|
+
- Do not reach step 14 (execute) without a documented approval from an authorized approver on record in this session.
|
|
8
|
+
- Do not allow self-approval. The requester (step 4) and the approver (step 5) must be different individuals. If they are the same, refuse execution.
|
|
9
|
+
- Do not assign any role that produces an SoD conflict identified in step 9 — even with explicit approval from the security owner. SoD conflicts are a hard stop.
|
|
10
|
+
- Do not assign roles not on the approved list from step 7.
|
|
11
|
+
- Do not skip or reorder steps. The sequence is mandatory.
|
|
12
|
+
- Do not use global account administrator or tenant administrator credentials. Use a user with User and Role Administrator scope for the specific target subaccount or system client only.
|
|
13
|
+
- Do not accept, log, echo, or include BTP service keys, IAS client secrets, OAuth tokens, or ABAP logon passwords in any output.
|
|
14
|
+
- Do not attempt self-recovery after a failed assignment without initiating a new 17-step sequence.
|
|
15
|
+
- Do not grant SAP_ALL, Administrator role collections, or any other unrestricted authorization profile under any circumstance — not even temporarily.
|
|
16
|
+
- Do not assign roles without a documented validity period for time-limited access grants.
|
|
17
|
+
|
|
18
|
+
## What people get wrong
|
|
19
|
+
|
|
20
|
+
- **Treating verbal approval as sufficient**: Step 13 requires explicit written approval documented in the session. Verbal or assumed approval does not clear the gate.
|
|
21
|
+
- **Skipping the SoD pre-check because the role seems harmless**: Step 9 is mandatory regardless of role type. Configuration roles can create SoD conflicts with existing financial roles.
|
|
22
|
+
- **Assuming QA user assignments are low risk**: QA systems often replicate production authorization landscapes and run integrated UAT. The full sequence applies.
|
|
23
|
+
- **Batching multiple users without per-user SoD checks**: Each target user may have different existing roles. The SoD pre-check must be run per user, not once for the role collection.
|
|
24
|
+
- **Using the wrong credential scope for assignment**: The executing user must have User and Role Administrator authorization scoped to the target subaccount or client only. Global Account Administrator scope is too broad.
|
|
25
|
+
- **Skipping step 9 because GRC is not available**: If no GRC or Cloud IAG tool is available, document the reason, request a manual SoD review from the security owner, and treat the result as an explicit exception — not a pass.
|
|
26
|
+
- **Treating "temporary access" as an exemption from the sequence**: All assignments — including time-limited ones — require the full 17 steps, with the validity period documented in step 7.
|
|
27
|
+
- **Proceeding when step 15 reveals unintended permissions**: If the post-change effective-permission check shows access beyond the intended scope, stop immediately and execute the rollback plan.
|
|
28
|
+
|
|
29
|
+
## When to push back
|
|
30
|
+
|
|
31
|
+
- Push back when the user asks to "just assign the role" without completing prior steps.
|
|
32
|
+
- Push back when the requester and approver are the same person.
|
|
33
|
+
- Push back when no access request or change management ticket number is provided.
|
|
34
|
+
- Push back when the SoD pre-check returns any Critical or High risk conflict.
|
|
35
|
+
- Push back when the requested role is SAP_ALL, Administrator, or any broadly privileged collection.
|
|
36
|
+
- Push back when the target system is production and no diff of effective permissions has been produced.
|
|
37
|
+
- Push back when post-change verification (step 15) shows unintended access and the user wants to proceed without assessment or rollback.
|
|
38
|
+
- Push back when the user provides a credential with global account administrator or tenant administrator scope.
|
|
39
|
+
|
|
40
|
+
## Evidence labels
|
|
41
|
+
|
|
42
|
+
- `live evidence` — directly observed from a live SAP system; include command, timestamp, system SID or subaccount GUID
|
|
43
|
+
- `documentation-based` — grounded in SAP official docs; no live access
|
|
44
|
+
- `user-provided evidence` — stated, uploaded, or confirmed by the user in this session
|
|
45
|
+
- `inference` — derived reasoning; must always be labeled as such
|
|
46
|
+
|
|
47
|
+
## SoD verification matrix
|
|
48
|
+
|
|
49
|
+
| Role | Can request? | Can approve? |
|
|
50
|
+
|------|-------------|-------------|
|
|
51
|
+
| End user (business process owner) | Yes | No |
|
|
52
|
+
| Functional consultant | Yes | No |
|
|
53
|
+
| Security officer / GRC analyst | No | Yes |
|
|
54
|
+
| Compliance officer | No | Yes |
|
|
55
|
+
| IT manager / project manager | No | Yes (with security owner co-signature for high-criticality roles) |
|
|
56
|
+
| Requester and approver in same person | No — SoD violation | Refuse execution |
|
|
57
|
+
| Automated provisioning without human approver | No | Refuse — human approver required |
|
|
@@ -0,0 +1,133 @@
|
|
|
1
|
+
# Workflow and output contract — SAP Guarded Role Assignment
|
|
2
|
+
|
|
3
|
+
Use this reference for all step-by-step execution, command patterns, and output formatting.
|
|
4
|
+
|
|
5
|
+
## Step execution protocol
|
|
6
|
+
|
|
7
|
+
For each of the 17 steps, the following must be true before advancing to the next:
|
|
8
|
+
|
|
9
|
+
1. The step's required evidence is on record in this session.
|
|
10
|
+
2. The user has confirmed the evidence is accurate.
|
|
11
|
+
3. Any step-specific gate (e.g., SoD pre-check, approval, SoD verification) has been explicitly cleared.
|
|
12
|
+
|
|
13
|
+
If any of these conditions is false, the session pauses at the current step until resolved.
|
|
14
|
+
|
|
15
|
+
## Command patterns by step
|
|
16
|
+
|
|
17
|
+
### Step 8 — Read-only current state
|
|
18
|
+
|
|
19
|
+
#### BTP Security API (read)
|
|
20
|
+
```
|
|
21
|
+
GET /security/v1/subaccounts/{subaccountGuid}/users/{userId}/roleCollections
|
|
22
|
+
GET /security/v1/subaccounts/{subaccountGuid}/groups/{groupId}/roleCollections
|
|
23
|
+
```
|
|
24
|
+
|
|
25
|
+
#### BTP Cockpit (read)
|
|
26
|
+
```
|
|
27
|
+
BTP Cockpit → Subaccount → Security → Users → select user → view role collections
|
|
28
|
+
BTP Cockpit → Subaccount → Security → Role Collections → view assigned users
|
|
29
|
+
```
|
|
30
|
+
|
|
31
|
+
#### S/4HANA PFCG / SU01 (read)
|
|
32
|
+
```
|
|
33
|
+
Transaction SU01 → display user → Roles tab (display assigned roles and validity periods)
|
|
34
|
+
Transaction PFCG → display role → User tab (display assigned users)
|
|
35
|
+
Transaction SUIM → User by roles → display users holding a specific role
|
|
36
|
+
```
|
|
37
|
+
|
|
38
|
+
#### SAP Cloud Identity Services (IAS) API (read)
|
|
39
|
+
```
|
|
40
|
+
GET /service/scim/Users/{userId} (returns group memberships and assigned roles)
|
|
41
|
+
GET /service/scim/Groups/{groupId} (returns group members)
|
|
42
|
+
```
|
|
43
|
+
|
|
44
|
+
### Step 9 — SoD pre-check and diff
|
|
45
|
+
|
|
46
|
+
#### SAP Access Control / Cloud IAG (SoD simulation)
|
|
47
|
+
```
|
|
48
|
+
SAP GRC → Access Management → Access Risk Analysis → Simulate Risk for User
|
|
49
|
+
Input: user ID + proposed role(s) to add
|
|
50
|
+
Output: SoD risk report (Conflict / No Conflict per function pair)
|
|
51
|
+
|
|
52
|
+
Cloud IAG → Risk Analysis → Run Risk Analysis for proposed assignment
|
|
53
|
+
Input: user + proposed role collection / role
|
|
54
|
+
Output: SoD risk level (Critical / High / Medium / Low / None)
|
|
55
|
+
```
|
|
56
|
+
|
|
57
|
+
**If any Critical or High SoD risk is returned: refuse assignment. Document result as step 9 evidence. Do not proceed to step 10.**
|
|
58
|
+
|
|
59
|
+
#### Effective-permission diff (BTP)
|
|
60
|
+
```
|
|
61
|
+
Current role collections: [list from step 8]
|
|
62
|
+
Proposed role collections after change: [step 7 list merged with step 8 state]
|
|
63
|
+
Net-new permissions: [roles added] → [derived authorizations]
|
|
64
|
+
Net-removed permissions: [roles removed] → [derived authorizations]
|
|
65
|
+
```
|
|
66
|
+
|
|
67
|
+
### Step 14 — Execute approved change
|
|
68
|
+
|
|
69
|
+
#### BTP Security API (mutating — step 14 only, after step 13 gate is cleared)
|
|
70
|
+
```
|
|
71
|
+
PUT /security/v1/subaccounts/{subaccountGuid}/users/{userId}/roleCollections
|
|
72
|
+
Body: { "roleCollectionNames": ["<approved role collection 1>", "<approved role collection 2>"] }
|
|
73
|
+
|
|
74
|
+
DELETE /security/v1/subaccounts/{subaccountGuid}/users/{userId}/roleCollections/{roleCollectionName}
|
|
75
|
+
(for revocation of a specific role collection)
|
|
76
|
+
```
|
|
77
|
+
|
|
78
|
+
#### S/4HANA SU01 (mutating — step 14 only)
|
|
79
|
+
```
|
|
80
|
+
Transaction SU01 → change user → Roles tab → add or remove approved roles → save
|
|
81
|
+
Authorization required: S_USER_AGR with ACTVT=22 (change user role assignment)
|
|
82
|
+
Scoped to target client only
|
|
83
|
+
```
|
|
84
|
+
|
|
85
|
+
#### SAP Cloud Identity Services (IAS) API (mutating — step 14 only)
|
|
86
|
+
```
|
|
87
|
+
PATCH /service/scim/Users/{userId}
|
|
88
|
+
Body (assign group): { "schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"], "Operations": [{"op": "add", "path": "groups", "value": [{"value": "<groupId>"}]}] }
|
|
89
|
+
Body (remove group): { "schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"], "Operations": [{"op": "remove", "path": "groups", "value": [{"value": "<groupId>"}]}] }
|
|
90
|
+
```
|
|
91
|
+
|
|
92
|
+
**Never call mutating endpoints before step 13 approval gate is documented.**
|
|
93
|
+
|
|
94
|
+
## Step completion checklist
|
|
95
|
+
|
|
96
|
+
| Step | Evidence type | Completion marker |
|
|
97
|
+
|------|--------------|------------------|
|
|
98
|
+
| 1 | user-provided / documentation-based | Role change type, role type, and scope confirmed |
|
|
99
|
+
| 2 | user-provided evidence | Target system, subaccount/client, and tier confirmed |
|
|
100
|
+
| 3 | user-provided evidence | Criticality level assigned |
|
|
101
|
+
| 4 | user-provided evidence | Requester name and role on record |
|
|
102
|
+
| 5 | user-provided evidence | Approver name, role, and identity on record |
|
|
103
|
+
| 6 | user-provided evidence | Ticket number confirmed |
|
|
104
|
+
| 7 | user-provided evidence | Role list with target user/group and validity period on record |
|
|
105
|
+
| 8 | live evidence | Current role assignment snapshot from target system |
|
|
106
|
+
| 9 | live evidence or documented exception | SoD pre-check result (pass/fail) and effective-permission diff |
|
|
107
|
+
| 10 | user-provided / inference | Blast radius document confirmed |
|
|
108
|
+
| 11 | user-provided evidence | Rollback procedure confirmed feasible |
|
|
109
|
+
| 12 | user-provided evidence | SoD confirmed: requester ≠ approver; SoD pre-check passed |
|
|
110
|
+
| 13 | user-provided evidence | Explicit approval statement on record |
|
|
111
|
+
| 14 | live evidence | Execution log with timestamp |
|
|
112
|
+
| 15 | live evidence | Post-change role check verified; second SoD check passed |
|
|
113
|
+
| 16 | all of the above | Audit record compiled |
|
|
114
|
+
| 17 | user-provided evidence | Report delivered and acknowledged |
|
|
115
|
+
|
|
116
|
+
## Output contract
|
|
117
|
+
|
|
118
|
+
Return after each step:
|
|
119
|
+
|
|
120
|
+
1. Step number and name
|
|
121
|
+
2. Evidence gathered for this step (labeled by evidence type)
|
|
122
|
+
3. Gate status: cleared / pending / blocked
|
|
123
|
+
4. Next step and what is needed to advance
|
|
124
|
+
5. Refusal marker if any gate condition is unmet (do not advance)
|
|
125
|
+
6. SoD status if step 9 or step 12 (pass / fail / pending)
|
|
126
|
+
|
|
127
|
+
Return after step 17:
|
|
128
|
+
|
|
129
|
+
1. Complete audit record (all 17 steps with evidence and timestamps)
|
|
130
|
+
2. Final change status (success / partial / failed)
|
|
131
|
+
3. Post-change verification result including second SoD check
|
|
132
|
+
4. Rollback status (not needed / standing by / triggered)
|
|
133
|
+
5. Report delivery confirmation
|
|
@@ -0,0 +1,144 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: sap-guarded-transport-import
|
|
3
|
+
description: Execute SAP transport request imports using a mandatory 17-step guarded mutation sequence covering classification, target confirmation, criticality, requester, approver, ticket, scope, read-only current state, diff and dry-run, blast radius, rollback plan, segregation of duties, approval gate, execute approved imports only, verify, audit, and report. Refuse if any step is missing. Use when a confirmed and approved transport import into a non-development SAP system (quality, pre-production, or production) must be executed under traceable controls.
|
|
4
|
+
allowed-tools: Read Grep Glob WebSearch WebFetch Bash
|
|
5
|
+
metadata:
|
|
6
|
+
author: "github: Raishin"
|
|
7
|
+
version: "0.1.0"
|
|
8
|
+
updated: "2026-06-19"
|
|
9
|
+
category: delivery
|
|
10
|
+
lifecycle: experimental
|
|
11
|
+
execution_tier: mutating-runtime
|
|
12
|
+
---
|
|
13
|
+
|
|
14
|
+
# SAP Guarded Transport Import
|
|
15
|
+
|
|
16
|
+
## Purpose
|
|
17
|
+
|
|
18
|
+
Execute SAP transport request imports into non-development systems under a strict 17-step guarded mutation sequence. Every step must be completed, documented, and confirmed before the import execution step is reached. If any step is absent, the import is refused until it is completed. This skill treats every transport import into a quality, pre-production, or production system as a risk-critical mutating operation requiring explicit approval and a documented rollback path.
|
|
19
|
+
|
|
20
|
+
## When to use
|
|
21
|
+
|
|
22
|
+
Use this skill when:
|
|
23
|
+
|
|
24
|
+
- a transport request (TR) must be imported into a quality, pre-production, or production SAP system,
|
|
25
|
+
- a change manager or project lead has confirmed the import is approved and requires traceable execution,
|
|
26
|
+
- post-import verification and audit evidence are required for change management or compliance purposes,
|
|
27
|
+
- the user needs a structured, risk-controlled execution protocol for SAP CTS+, STMS, or cloud transport management imports.
|
|
28
|
+
|
|
29
|
+
## When not to use
|
|
30
|
+
|
|
31
|
+
- When the import target is a development system (DEV) — development imports are lower risk and do not require this full sequence.
|
|
32
|
+
- When the user wants to *plan* a transport without executing — advise on the sequence but do not reach the execution step.
|
|
33
|
+
- When any of the 17 steps cannot be completed — refuse execution until all steps are resolved.
|
|
34
|
+
- When no explicit approval from an authorized approver has been obtained — refuse execution.
|
|
35
|
+
|
|
36
|
+
## Lean operating rules
|
|
37
|
+
|
|
38
|
+
- 17 steps, no shortcuts. The sequence is mandatory and must be completed in order. Steps cannot be skipped or reordered.
|
|
39
|
+
- Refuse before step 13. Never reach the execution step (step 14) without a documented approval from an authorized approver on record in this session.
|
|
40
|
+
- Segregation of duties enforced. The person who requests the transport (step 5) must not be the same person who approves it (step 12). If SoD is violated, refuse execution.
|
|
41
|
+
- Read current state before any change. Step 8 (read-only current state) must be completed before any import is proposed. Do not propose an import on undocumented target state.
|
|
42
|
+
- Dry-run before live execution. Step 9 (diff/dry-run) must precede execution. If the SAP system does not support dry-run for the transport type, document the reason and require enhanced approval.
|
|
43
|
+
- Blast radius documented before execution. Step 10 (blast radius) must list all objects, programs, and business processes potentially affected. Imports with undocumented blast radius are refused.
|
|
44
|
+
- One transport at a time. Do not batch-import multiple transports in a single execution step unless each has completed its own full 17-step sequence.
|
|
45
|
+
- Never hardcode credentials. All system access uses pre-configured RFC destinations, STMS users, or CTS+ API service keys — never credentials in plain text.
|
|
46
|
+
- Evidence labeling mandatory. Every step must produce labeled evidence before the next step proceeds.
|
|
47
|
+
|
|
48
|
+
## The 17-step guarded mutation sequence
|
|
49
|
+
|
|
50
|
+
| Step | Name | Description | Evidence required |
|
|
51
|
+
|------|------|-------------|-------------------|
|
|
52
|
+
| 1 | Classify | Classify the transport type (workbench, customizing, Support Package, cloud transport) and content category (ABAP, Fiori, configuration, master data) | Transport type + content category documented |
|
|
53
|
+
| 2 | Confirm target | Confirm the exact target system (SID, client, environment tier: QA/PPD/PRD) | Target SID, client, and tier confirmed by user |
|
|
54
|
+
| 3 | Criticality assessment | Assess business criticality of the transported objects (financial postings, payroll, integration interfaces, core customizing) | Criticality level: low/medium/high/critical |
|
|
55
|
+
| 4 | Requester confirmation | Confirm the name, role, and authorization of the change requester | Requester name and role documented |
|
|
56
|
+
| 5 | Approver identification | Identify the authorized approver (different person from requester — SoD requirement) | Approver name, role, and authorization level |
|
|
57
|
+
| 6 | Ticket linkage | Link the import to a change management ticket (ITSM reference: ServiceNow, Remedy, SAP Solution Manager, etc.) | Ticket number confirmed |
|
|
58
|
+
| 7 | Scope documentation | Document the complete list of transport requests in the import queue, their descriptions, and interdependencies | TR list with descriptions and sequence |
|
|
59
|
+
| 8 | Read-only current state | Read the current state of the target system: transport queue, import queue status, active objects, last import log | Live evidence from target system (read-only) |
|
|
60
|
+
| 9 | Diff and dry-run | Perform a diff of transported objects against current target system content; run dry-run import if system supports it | Diff output or documented dry-run result |
|
|
61
|
+
| 10 | Blast radius | Document all ABAP programs, configuration entries, Fiori apps, interfaces, and business processes potentially affected | Blast radius document with affected components |
|
|
62
|
+
| 11 | Rollback plan | Document the explicit rollback procedure: which transports to re-import, configuration steps, or system restore path | Rollback procedure documented and confirmed feasible |
|
|
63
|
+
| 12 | SoD verification | Verify that requester (step 4) and approver (step 5) are different authorized individuals; confirm no self-approval | SoD confirmed: requester ≠ approver |
|
|
64
|
+
| 13 | Approval gate | Obtain explicit written approval from the authorized approver for this specific import sequence | Approval statement on record in this session |
|
|
65
|
+
| 14 | Execute approved import | Execute the import for approved transport requests only, in the documented sequence | Import command log with timestamp |
|
|
66
|
+
| 15 | Verify | Verify post-import system state: check import log for errors, run smoke tests, confirm business process availability | Post-import log and verification results |
|
|
67
|
+
| 16 | Audit | Produce complete audit record: all 17 steps, evidence, commands, timestamps, approvals | Audit record |
|
|
68
|
+
| 17 | Report | Deliver final report to requester, approver, and change manager | Report delivered and acknowledged |
|
|
69
|
+
|
|
70
|
+
## Evidence rules
|
|
71
|
+
|
|
72
|
+
Label all data with one of:
|
|
73
|
+
|
|
74
|
+
- `live evidence` — directly observed from a live SAP system in this session (include command, output summary, timestamp)
|
|
75
|
+
- `documentation-based` — grounded in SAP official docs
|
|
76
|
+
- `user-provided evidence` — stated or supplied by the user in this session
|
|
77
|
+
- `inference` — derived reasoning not directly confirmed by live data or official docs; must always be labeled
|
|
78
|
+
|
|
79
|
+
## Live-environment rules
|
|
80
|
+
|
|
81
|
+
**Allowed** (step 8 only — read-only current state):
|
|
82
|
+
- STMS display transactions (read-only transport queue inspection)
|
|
83
|
+
- CTS+ API GET calls to read import queue status
|
|
84
|
+
- SAP Cloud Transport Management Service GET API calls
|
|
85
|
+
- Read-only import log inspection
|
|
86
|
+
|
|
87
|
+
**Allowed** (step 14 only — after all prior steps confirmed):
|
|
88
|
+
- STMS import execution for approved transport requests
|
|
89
|
+
- CTS+ API import trigger for approved requests
|
|
90
|
+
- SAP Cloud Transport Management Service import trigger for approved requests
|
|
91
|
+
|
|
92
|
+
**Forbidden** (all other contexts):
|
|
93
|
+
- Any import command before step 13 approval gate is cleared
|
|
94
|
+
- Any import of a transport not on the approved TR list from step 7
|
|
95
|
+
- Any modification to transport route configuration
|
|
96
|
+
- Any deletion of transport requests from the queue without explicit user instruction
|
|
97
|
+
- Any ABAP system access with developer-level credentials (use transport administrator role only)
|
|
98
|
+
|
|
99
|
+
**Least-privilege credential rules**:
|
|
100
|
+
- STMS: use a user with `S_TRANSPRT` import authorization for the specific target system only; not BASIS administrator
|
|
101
|
+
- CTS+: use a service user with CTS+ transport manager role scoped to the specific transport route
|
|
102
|
+
- SAP Cloud TMS: use a Transport Operator role scoped to the specific transport node; not Transport Administrator with delete rights
|
|
103
|
+
|
|
104
|
+
**Approval gate (step 13)**:
|
|
105
|
+
Before step 14 execution, confirm:
|
|
106
|
+
1. All steps 1–12 are documented and evidence is on record.
|
|
107
|
+
2. The approver from step 5 has provided explicit written approval in this session.
|
|
108
|
+
3. The approver is a different person from the requester.
|
|
109
|
+
4. The approval explicitly names the transport requests to be imported.
|
|
110
|
+
|
|
111
|
+
**Rollback**:
|
|
112
|
+
- The rollback plan from step 11 must be documented before step 14 begins.
|
|
113
|
+
- If post-import verification (step 15) reveals errors, stop immediately and escalate to the approver before any further action.
|
|
114
|
+
- Do not attempt self-recovery imports without a new 17-step sequence.
|
|
115
|
+
|
|
116
|
+
**Post-import (step 15)**:
|
|
117
|
+
- Read the import log for all ERROR, WARNING, and ABAP short dump entries.
|
|
118
|
+
- Run the smoke test or business process check specified in the blast radius document.
|
|
119
|
+
- Document the verification result as `live evidence`.
|
|
120
|
+
|
|
121
|
+
**Audit (step 16)**:
|
|
122
|
+
- Produce a complete record of all 17 steps, evidence gathered, commands executed, timestamps, approval statement, and verification results.
|
|
123
|
+
- Retain audit record for the session and deliver to the approver and change manager.
|
|
124
|
+
|
|
125
|
+
## References
|
|
126
|
+
|
|
127
|
+
Load only when needed:
|
|
128
|
+
|
|
129
|
+
- [Workflow and output contract](references/workflow-and-output.md) — 17-step execution details, command patterns, output format.
|
|
130
|
+
- [Safety checklist](references/safety-checklist.md) — non-negotiables, SoD rules, refusal triggers.
|
|
131
|
+
- [Official sources](references/official-sources.md) — SAP TMS, CTS+, Cloud TMS, STMS docs.
|
|
132
|
+
- [Live environment access](references/live-environment-access.md) — credential setup, STMS/CTS+ role requirements, audit log format.
|
|
133
|
+
|
|
134
|
+
## Response minimum
|
|
135
|
+
|
|
136
|
+
Return, at minimum:
|
|
137
|
+
|
|
138
|
+
- **Problem classification**: transport type, content category, and target environment tier.
|
|
139
|
+
- **Evidence used**: live evidence (with command log) / documentation-based / user-provided / inference.
|
|
140
|
+
- **Risk level**: always risk-critical for non-development targets.
|
|
141
|
+
- **Recommended action**: current step in the 17-step sequence and what is needed to advance.
|
|
142
|
+
- **Refusal / escalation triggers**: refuse if approval gate not cleared; refuse if SoD violated; refuse if any step is missing; refuse if rollback plan is absent.
|
|
143
|
+
- **Business impact**: what changes if the import succeeds; what breaks if it fails.
|
|
144
|
+
- **Next verification step**: which step number is next and what evidence is required.
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
interface:
|
|
2
|
+
display_name: "SAP Guarded Transport Import"
|
|
3
|
+
short_description: "Execute SAP transport imports under a mandatory 17-step guarded mutation sequence — refuses if any step is missing or approval gate is not cleared"
|
|
4
|
+
default_prompt: "Use $sap-guarded-transport-import to execute a SAP transport request import. Begin at step 1 (classify) and advance through all 17 steps in order. Do not reach step 14 (execute) without a documented approval from an authorized approver who is different from the requester. Refuse if any step is skipped, if SoD is violated, or if a rollback plan is absent."
|
|
5
|
+
dependencies:
|
|
6
|
+
tools:
|
|
7
|
+
- type: "cli"
|
|
8
|
+
value: "stms"
|
|
9
|
+
description: "SAP Transport Management System (STMS) — used for read-only queue inspection (step 8) and approved import execution (step 14) using transport administrator role only"
|
|
10
|
+
- type: "api"
|
|
11
|
+
value: "sap-cloud-tms"
|
|
12
|
+
description: "SAP Cloud Transport Management Service API — GET for read-only queue status (step 8), POST import for approved requests only (step 14)"
|
|
13
|
+
policy:
|
|
14
|
+
allow_implicit_invocation: false
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
{
|
|
2
|
+
"id": "sap-guarded-transport-import",
|
|
3
|
+
"name": "SAP Guarded Transport Import",
|
|
4
|
+
"type": "skill",
|
|
5
|
+
"provider": "sap",
|
|
6
|
+
"harnesses": [
|
|
7
|
+
"claude-code",
|
|
8
|
+
"codex",
|
|
9
|
+
"cursor",
|
|
10
|
+
"gemini",
|
|
11
|
+
"kiro",
|
|
12
|
+
"other"
|
|
13
|
+
],
|
|
14
|
+
"summary": "Execute SAP transport request imports into quality, pre-production, or production systems using a mandatory 17-step guarded mutation sequence: classify, confirm target, criticality, requester, approver, ticket, scope, read-only current state, diff/dry-run, blast radius, rollback, SoD, approval gate, execute approved only, verify, audit, report. Refuses if any step is missing.",
|
|
15
|
+
"source_type": "original",
|
|
16
|
+
"category": "delivery",
|
|
17
|
+
"official_docs": [
|
|
18
|
+
"https://help.sap.com/docs/cloud-transport-management/sap-cloud-transport-management/what-is-sap-cloud-transport-management",
|
|
19
|
+
"https://help.sap.com/docs/cloud-transport-management/sap-cloud-transport-management/transport-nodes-and-routes",
|
|
20
|
+
"https://help.sap.com/docs/cloud-transport-management/sap-cloud-transport-management/importing-transport-requests",
|
|
21
|
+
"https://help.sap.com/docs/sap-solution-manager/sap-solution-manager/change-request-management",
|
|
22
|
+
"https://help.sap.com/docs/cloud-transport-management/sap-cloud-transport-management/transport-management-system-integration",
|
|
23
|
+
"https://help.sap.com/docs/btp/sap-business-technology-platform/change-management-in-sap-btp",
|
|
24
|
+
"https://help.sap.com/docs/abap-platform/abap-platform/transport-organizer-and-stms",
|
|
25
|
+
"https://help.sap.com/docs/cloud-transport-management/sap-cloud-transport-management/segregation-of-duties-in-transport-management"
|
|
26
|
+
],
|
|
27
|
+
"security_notes": "Mutating operations are gated behind the 17-step sequence. Never execute an import before step 13 approval gate is cleared. Never accept self-approval (SoD: requester must differ from approver). Never use BASIS administrator credentials — use transport administrator role scoped to the target system. Never import transports not on the approved TR list. Never hardcode or accept system credentials, ABAP passwords, or CTS+ service key values in plain text. Refuse any request to skip steps.",
|
|
28
|
+
"last_verified": "2026-06-19",
|
|
29
|
+
"path": "skills/sap/sap-guarded-transport-import",
|
|
30
|
+
"author": "github: Raishin",
|
|
31
|
+
"version": "0.1.0",
|
|
32
|
+
"lifecycle": "experimental",
|
|
33
|
+
"execution_tier": "mutating-runtime"
|
|
34
|
+
}
|
|
@@ -0,0 +1,81 @@
|
|
|
1
|
+
# Live environment access — SAP Guarded Transport Import
|
|
2
|
+
|
|
3
|
+
This reference defines credential setup, role requirements, command restrictions by step, and audit log format for guarded transport import sessions.
|
|
4
|
+
|
|
5
|
+
## Credential requirements
|
|
6
|
+
|
|
7
|
+
### STMS (ABAP Transport Management)
|
|
8
|
+
|
|
9
|
+
Required authorization objects for the transport import user:
|
|
10
|
+
- `S_TRANSPRT` with `ACTVT = 03` (display) — for step 8 (read-only current state)
|
|
11
|
+
- `S_TRANSPRT` with `ACTVT = 42` (import) — for step 14 (execute approved import), scoped to target system only
|
|
12
|
+
- `S_TCODE`: SE10 (display), STMS (display and import), no development transactions
|
|
13
|
+
|
|
14
|
+
Never use:
|
|
15
|
+
- A user with `SAP_ALL` or BASIS administrator profile
|
|
16
|
+
- A developer user (S_DEVELOP with ACTVT 01/02) for transport import execution
|
|
17
|
+
- A user with `S_TRANSPRT ACTVT = 06` (delete) — transport deletion is never permitted by this skill
|
|
18
|
+
|
|
19
|
+
### CTS+ Service User
|
|
20
|
+
|
|
21
|
+
Required role: CTS+ Transport Manager scoped to the specific CTS+ system
|
|
22
|
+
Not permitted: CTS+ System Administrator role (grants transport route modification rights)
|
|
23
|
+
|
|
24
|
+
### SAP Cloud TMS
|
|
25
|
+
|
|
26
|
+
Required role: **Transport Operator** scoped to the specific transport node
|
|
27
|
+
Not permitted: **Transport Administrator** role (grants delete and route configuration rights)
|
|
28
|
+
|
|
29
|
+
OAuth token scope: minimum required for `/v2/nodes/{nodeId}/transportRequests` GET and `/v2/nodes/{nodeId}/transportRequests/{trId}/deploy` POST only.
|
|
30
|
+
|
|
31
|
+
Never request broader scopes. Never store OAuth tokens in plaintext in any output.
|
|
32
|
+
|
|
33
|
+
## Step-by-step access matrix
|
|
34
|
+
|
|
35
|
+
| Step | Live system access | Access type | Credential scope |
|
|
36
|
+
|------|--------------------|-------------|-----------------|
|
|
37
|
+
| 1–7 | None | Advisory only | Not applicable |
|
|
38
|
+
| 8 | STMS / CTS+ / Cloud TMS | Read-only | S_TRANSPRT ACTVT=03 / Cloud TMS Transport Operator GET |
|
|
39
|
+
| 9 | STMS / Cloud TMS (if dry-run supported) | Read-only or dry-run | S_TRANSPRT ACTVT=03 / Cloud TMS Transport Operator GET |
|
|
40
|
+
| 10–13 | None | Advisory only | Not applicable |
|
|
41
|
+
| 14 | STMS / CTS+ / Cloud TMS | Mutating — import only | S_TRANSPRT ACTVT=42 / Cloud TMS Transport Operator POST (approved TRs only) |
|
|
42
|
+
| 15 | STMS / Cloud TMS | Read-only | S_TRANSPRT ACTVT=03 / Cloud TMS Transport Operator GET |
|
|
43
|
+
| 16–17 | None | Reporting only | Not applicable |
|
|
44
|
+
|
|
45
|
+
## Audit log format
|
|
46
|
+
|
|
47
|
+
Every command executed (steps 8, 14, 15) must be logged before execution:
|
|
48
|
+
|
|
49
|
+
```
|
|
50
|
+
[TRANSPORT_AUDIT_LOG]
|
|
51
|
+
Step: <step number and name>
|
|
52
|
+
Timestamp (UTC): <ISO 8601>
|
|
53
|
+
System: <ABAP SID + client OR Cloud TMS node ID>
|
|
54
|
+
Tool: <STMS | CTS+ API | Cloud TMS API>
|
|
55
|
+
Command/API call: <exact command or API endpoint, credentials omitted>
|
|
56
|
+
TR(s) in scope: <list of transport request numbers>
|
|
57
|
+
Output summary: <one-line summary>
|
|
58
|
+
Errors/Warnings: <none | list>
|
|
59
|
+
Redactions applied: <yes/no>
|
|
60
|
+
Approval gate cleared: <yes (step 13 documented) | not yet reached>
|
|
61
|
+
```
|
|
62
|
+
|
|
63
|
+
## Pre-execution gate checklist (step 13 → step 14)
|
|
64
|
+
|
|
65
|
+
Before executing any import command, all of the following must be true:
|
|
66
|
+
|
|
67
|
+
- [ ] Step 1: Transport type and content category classified
|
|
68
|
+
- [ ] Step 2: Target system SID, client, and tier confirmed
|
|
69
|
+
- [ ] Step 3: Criticality level assigned
|
|
70
|
+
- [ ] Step 4: Requester name and role documented
|
|
71
|
+
- [ ] Step 5: Approver name, role, and identity documented
|
|
72
|
+
- [ ] Step 6: Change management ticket number confirmed
|
|
73
|
+
- [ ] Step 7: Complete TR list with descriptions documented
|
|
74
|
+
- [ ] Step 8: Read-only current state snapshot obtained (live evidence on record)
|
|
75
|
+
- [ ] Step 9: Diff/dry-run completed or documented exception on record
|
|
76
|
+
- [ ] Step 10: Blast radius document confirmed
|
|
77
|
+
- [ ] Step 11: Rollback procedure documented and confirmed feasible
|
|
78
|
+
- [ ] Step 12: SoD confirmed — requester and approver are different individuals
|
|
79
|
+
- [ ] Step 13: Explicit written approval from authorized approver on record
|
|
80
|
+
|
|
81
|
+
If any item is unchecked, refuse step 14 execution until it is resolved.
|