@raishin/vanguard-frontier-agentic 2.2.0 → 2.5.0

package/catalog/skills.json

@@ -34,7 +34,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review ad-platform audience targeting configurations and AI feature usage for protected-class discrimination risk under Fair Housing Act, ECOA, and EU AI Act Article 5 — proxy segments, algorithmic disparate impact, and missing Special Ad Category declarations.",
+    "summary": "Review ad-platform audience targeting configurations and AI feature usage for protected-class discrimination risk under Fair Housing Act, ECOA, and EU AI Act Article 5 \u2014 proxy segments, algorithmic disparate impact, and missing Special Ad Category declarations.",
     "source_type": "original",
     "official_docs": [
       "https://www.ftc.gov/business-guidance/blog/2023/02/ftcs-ai-related-enforcement-actions",
@@ -69,7 +69,7 @@
       "https://www.alibabacloud.com/help/en/acr",
       "https://www.alibabacloud.com/help/en/asm"
     ],
-    "security_notes": "Require OIDC workload identity for all production workloads — do not approve RAM access key mounting in pods. Require ACR Enterprise vulnerability scanning before deploying images to production clusters. Do not skip Kubernetes version upgrades beyond two minor versions.",
+    "security_notes": "Require OIDC workload identity for all production workloads \u2014 do not approve RAM access key mounting in pods. Require ACR Enterprise vulnerability scanning before deploying images to production clusters. Do not skip Kubernetes version upgrades beyond two minor versions.",
     "last_verified": "2026-05-08",
     "path": "skills/alibaba/alibaba-ack-container-platform-operator",
     "author": "github: Raishin",
@@ -94,7 +94,7 @@
       "https://www.alibabacloud.com/help/en/actiontrail",
       "https://www.alibabacloud.com/help/en/sls"
     ],
-    "security_notes": "Do not delete ActionTrail trails or SLS logstores — audit log destruction may violate MLPS 2.0 retention requirements. Disabling ActionTrail blinds compliance evidence collection.",
+    "security_notes": "Do not delete ActionTrail trails or SLS logstores \u2014 audit log destruction may violate MLPS 2.0 retention requirements. Disabling ActionTrail blinds compliance evidence collection.",
     "last_verified": "2026-05-08",
     "path": "skills/alibaba/alibaba-actiontrail-audit-analyst",
     "author": "github: Raishin",
@@ -139,14 +139,14 @@
       "kiro",
       "other"
     ],
-    "summary": "Review Alibaba Cloud SSL Certificate Service — DV/OV/EV certificate lifecycle, auto-renewal configuration, certificate deployment to SLB/ALB/CDN/OSS, domain validation status, CAA record compliance, and expiry monitoring.",
+    "summary": "Review Alibaba Cloud SSL Certificate Service \u2014 DV/OV/EV certificate lifecycle, auto-renewal configuration, certificate deployment to SLB/ALB/CDN/OSS, domain validation status, CAA record compliance, and expiry monitoring.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/ssl-certificate/latest/what-is-ssl-certificates-service",
       "https://www.alibabacloud.com/help/en/slb/application-load-balancer/user-guide/create-an-https-listener",
       "https://www.alibabacloud.com/help/en/cdn/user-guide/configure-an-ssl-certificate"
     ],
-    "security_notes": "Alibaba Cloud certificate private keys generated on the platform are stored in Alibaba's systems — for maximum security, use CSR-based upload with your own private key generated locally. SLB/ALB HTTPS listeners using TLS 1.0 or 1.1 are non-compliant with PCI-DSS and MLPS 2.0 — enforce TLS 1.2+ via security policy configuration.",
+    "security_notes": "Alibaba Cloud certificate private keys generated on the platform are stored in Alibaba's systems \u2014 for maximum security, use CSR-based upload with your own private key generated locally. SLB/ALB HTTPS listeners using TLS 1.0 or 1.1 are non-compliant with PCI-DSS and MLPS 2.0 \u2014 enforce TLS 1.2+ via security policy configuration.",
     "last_verified": "2026-05-09",
     "path": "skills/alibaba/alibaba-certificate-manager-issuer-review",
     "version": "0.1.0",
@@ -165,7 +165,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Pre-change blast radius analysis for Alibaba Cloud — Resource Directory OU scope mapping, RAM policy cascade effects, VPC peering and CEN impact, SLB backend pool changes, RDS connection pool disruption, and safe change sequencing.",
+    "summary": "Pre-change blast radius analysis for Alibaba Cloud \u2014 Resource Directory OU scope mapping, RAM policy cascade effects, VPC peering and CEN impact, SLB backend pool changes, RDS connection pool disruption, and safe change sequencing.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/resource-management/latest/what-is-resource-management",
@@ -173,7 +173,7 @@
       "https://www.alibabacloud.com/help/en/cen/latest/what-is-cen",
       "https://www.alibabacloud.com/help/en/vpc/latest/vpc-peering-connections-overview"
     ],
-    "security_notes": "Alibaba Cloud Resource Directory root account has override capabilities for all member account policies — changes at root level must have explicit dual approval. CEN route changes are near-instantaneous and propagate globally — always test in a staging CEN attachment before applying to production.",
+    "security_notes": "Alibaba Cloud Resource Directory root account has override capabilities for all member account policies \u2014 changes at root level must have explicit dual approval. CEN route changes are near-instantaneous and propagate globally \u2014 always test in a staging CEN attachment before applying to production.",
     "last_verified": "2026-05-09",
     "path": "skills/alibaba/alibaba-change-impact-advisor",
     "version": "0.1.0",
@@ -217,7 +217,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Detect and coordinate response to Alibaba Cloud cost anomalies — MaxCompute CU vs on-demand billing mismatch, ECS spot instance interruption cascades, CDN traffic spike billing, OSS API request cost explosions, budget alert → DingTalk notification → remediation playbook.",
+    "summary": "Detect and coordinate response to Alibaba Cloud cost anomalies \u2014 MaxCompute CU vs on-demand billing mismatch, ECS spot instance interruption cascades, CDN traffic spike billing, OSS API request cost explosions, budget alert \u2192 DingTalk notification \u2192 remediation playbook.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/maxcompute/latest/billing-overview",
@@ -225,7 +225,7 @@
       "https://www.alibabacloud.com/help/en/cost-management/latest/overview",
       "https://www.alibabacloud.com/help/en/cdn/user-guide/billing-overview"
     ],
-    "security_notes": "Alibaba Cloud cost data is accessible via the billing API — restrict AccessKey permissions for billing API access to read-only (AliyunBSSReadOnlyAccess). China mainland billing accounts and international accounts cannot be consolidated — separate anomaly monitoring pipelines required for each account type.",
+    "security_notes": "Alibaba Cloud cost data is accessible via the billing API \u2014 restrict AccessKey permissions for billing API access to read-only (AliyunBSSReadOnlyAccess). China mainland billing accounts and international accounts cannot be consolidated \u2014 separate anomaly monitoring pipelines required for each account type.",
     "last_verified": "2026-05-09",
     "path": "skills/alibaba/alibaba-cost-anomaly-watch-coordinator",
     "version": "0.1.0",
@@ -269,7 +269,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Coordinate the daily Alibaba Cloud operations standup — cost delta from Cost Manager, ActionTrail anomaly review, ACK pod failure triage, quota utilization warnings, Security Center finding review, and action item assignment.",
+    "summary": "Coordinate the daily Alibaba Cloud operations standup \u2014 cost delta from Cost Manager, ActionTrail anomaly review, ACK pod failure triage, quota utilization warnings, Security Center finding review, and action item assignment.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/cost-management/latest/overview",
@@ -277,7 +277,7 @@
       "https://www.alibabacloud.com/help/en/ack/ack-managed-and-ack-dedicated/user-guide/overview-7",
       "https://www.alibabacloud.com/help/en/security-center/latest/what-is-security-center"
     ],
-    "security_notes": "Alibaba Cloud ActionTrail logs contain API call details that may reveal internal architecture — restrict ActionTrail SLS project access to security team members only. Daily briefing cost data reveals workload scale and spending patterns — distribute briefing reports only to authorized stakeholders.",
+    "security_notes": "Alibaba Cloud ActionTrail logs contain API call details that may reveal internal architecture \u2014 restrict ActionTrail SLS project access to security team members only. Daily briefing cost data reveals workload scale and spending patterns \u2014 distribute briefing reports only to authorized stakeholders.",
     "last_verified": "2026-05-09",
     "path": "skills/alibaba/alibaba-daily-operations-briefing-coordinator",
     "version": "0.1.0",
@@ -302,7 +302,7 @@
       "https://www.alibabacloud.com/help/en/rdc",
       "https://www.alibabacloud.com/help/en/acr"
     ],
-    "security_notes": "Do not deploy to production without staging verification. ACR image tags are mutable — use digest-pinned references for production deployments. Flow pipeline rollback requires preserved previous artifact.",
+    "security_notes": "Do not deploy to production without staging verification. ACR image tags are mutable \u2014 use digest-pinned references for production deployments. Flow pipeline rollback requires preserved previous artifact.",
     "last_verified": "2026-05-08",
     "path": "skills/alibaba/alibaba-devops-cicd-operator",
     "author": "github: Raishin",
@@ -348,7 +348,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review Alibaba Cloud EventBridge, MNS (Message Notification Service), RocketMQ, and MSE event-driven designs — dead-letter queues, message ordering, idempotency, retry storm prevention, schema registry, and consumer group lag monitoring.",
+    "summary": "Review Alibaba Cloud EventBridge, MNS (Message Notification Service), RocketMQ, and MSE event-driven designs \u2014 dead-letter queues, message ordering, idempotency, retry storm prevention, schema registry, and consumer group lag monitoring.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/eventbridge/latest/what-is-eventbridge",
@@ -356,7 +356,7 @@
       "https://www.alibabacloud.com/help/en/apsaramq-for-rocketmq/latest/what-is-rocketmq",
       "https://www.alibabacloud.com/help/en/mse/latest/overview-of-mse"
     ],
-    "security_notes": "Alibaba Cloud EventBridge event buses can be public — restrict event bus policies to specific source services and target endpoints. MNS message bodies may contain sensitive data — use SSE encryption at rest for MNS queues in regulated environments.",
+    "security_notes": "Alibaba Cloud EventBridge event buses can be public \u2014 restrict event bus policies to specific source services and target endpoints. MNS message bodies may contain sensitive data \u2014 use SSE encryption at rest for MNS queues in regulated environments.",
     "last_verified": "2026-05-09",
     "path": "skills/alibaba/alibaba-event-driven-architecture-review",
     "version": "0.1.0",
@@ -401,7 +401,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review Terraform and ROS (Resource Orchestration Service) changes targeting Alibaba Cloud — blast radius analysis, resource deletion detection, cross-stack dependency impact, Resource Directory scope, and rollback plan completeness.",
+    "summary": "Review Terraform and ROS (Resource Orchestration Service) changes targeting Alibaba Cloud \u2014 blast radius analysis, resource deletion detection, cross-stack dependency impact, Resource Directory scope, and rollback plan completeness.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/resource-orchestration-service/latest/what-is-ros",
@@ -409,7 +409,7 @@
       "https://www.alibabacloud.com/help/en/resource-management/latest/what-is-resource-management",
       "https://www.alibabacloud.com/help/en/oss/user-guide/server-side-encryption"
     ],
-    "security_notes": "Alibaba Cloud Terraform provider state files expose resource attribute details — OSS backend bucket must deny public access and use SSE-KMS. ROS resource deletion protection must be enabled on production stacks — stacks without deletion protection can be destroyed with a single API call.",
+    "security_notes": "Alibaba Cloud Terraform provider state files expose resource attribute details \u2014 OSS backend bucket must deny public access and use SSE-KMS. ROS resource deletion protection must be enabled on production stacks \u2014 stacks without deletion protection can be destroyed with a single API call.",
     "last_verified": "2026-05-09",
     "path": "skills/alibaba/alibaba-iac-change-safety-review",
     "version": "0.1.0",
@@ -454,7 +454,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Design Alibaba Cloud landing zone — Resource Management org tree, Cloud SSO, Control Policy (SCP equivalent), multi-account governance baseline, billing account structure, and ActionTrail centralization.",
+    "summary": "Design Alibaba Cloud landing zone \u2014 Resource Management org tree, Cloud SSO, Control Policy (SCP equivalent), multi-account governance baseline, billing account structure, and ActionTrail centralization.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/resource-management",
@@ -507,7 +507,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Gate live financial authority actions — budget threshold changes, Savings Plan purchases, Reserved Instance commitments. These are committed spend or can trigger immediate service suspension.",
+    "summary": "Gate live financial authority actions \u2014 budget threshold changes, Savings Plan purchases, Reserved Instance commitments. These are committed spend or can trigger immediate service suspension.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/bss"
@@ -531,7 +531,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Gate KMS key deletion and disable operations — all data encrypted with a deleted CMK becomes permanently and irrecoverably inaccessible.",
+    "summary": "Gate KMS key deletion and disable operations \u2014 all data encrypted with a deleted CMK becomes permanently and irrecoverably inaccessible.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/kms",
@@ -556,7 +556,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Gate OSS bucket ACL and policy mutations — public-read/write ACL exposes data to internet crawlers within seconds; CN-* cross-border replication requires DSL Article 31 assessment.",
+    "summary": "Gate OSS bucket ACL and policy mutations \u2014 public-read/write ACL exposes data to internet crawlers within seconds; CN-* cross-border replication requires DSL Article 31 assessment.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/oss"
@@ -580,7 +580,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Gate RAM policy/role mutations — account-wide blast radius, privilege escalation risk, service breakage from accidental denial.",
+    "summary": "Gate RAM policy/role mutations \u2014 account-wide blast radius, privilege escalation risk, service breakage from accidental denial.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/ram",
@@ -605,7 +605,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Gate RDS/PolarDB instance deletion, spec downgrade, and backup policy removal — database deletion without verified backup is permanently destructive.",
+    "summary": "Gate RDS/PolarDB instance deletion, spec downgrade, and backup policy removal \u2014 database deletion without verified backup is permanently destructive.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/rds",
@@ -629,7 +629,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Traffic engineering for Alibaba Cloud load balancers — CLB (Classic, legacy), ALB (Application Load Balancer, Layer 7 advanced routing), NLB (Network Load Balancer, Layer 4 high throughput), and GA (Global Accelerator) — type selection, health check design, WAF integration, and traffic distribution.",
+    "summary": "Traffic engineering for Alibaba Cloud load balancers \u2014 CLB (Classic, legacy), ALB (Application Load Balancer, Layer 7 advanced routing), NLB (Network Load Balancer, Layer 4 high throughput), and GA (Global Accelerator) \u2014 type selection, health check design, WAF integration, and traffic distribution.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/slb/classic-load-balancer/product-overview/what-is-clb",
@@ -637,7 +637,7 @@
       "https://www.alibabacloud.com/help/en/slb/network-load-balancer/product-overview/what-is-nlb",
       "https://www.alibabacloud.com/help/en/global-accelerator/latest/what-is-global-accelerator"
     ],
-    "security_notes": "CLB instances with public listeners and no WAF integration are exposed directly to the internet — ALB with WAF integration is required for PCI-DSS and MLPS 2.0 Level 3 regulated HTTP workloads. NLB passes client source IP directly to backends — backend security groups must account for this and restrict access from the NLB CIDR range.",
+    "security_notes": "CLB instances with public listeners and no WAF integration are exposed directly to the internet \u2014 ALB with WAF integration is required for PCI-DSS and MLPS 2.0 Level 3 regulated HTTP workloads. NLB passes client source IP directly to backends \u2014 backend security groups must account for this and restrict access from the NLB CIDR range.",
     "last_verified": "2026-05-09",
     "path": "skills/alibaba/alibaba-load-balancer-traffic-engineer",
     "version": "0.1.0",
@@ -656,7 +656,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Route Alibaba Cloud tasks to the narrowest specialist or team of specialists from the 27-agent catalog. China-region aware — flags MLPS 2.0, DSL, and PIPL obligations for CN-* workloads. Classifies and dispatches only; never answers Alibaba Cloud questions directly. Never auto-dispatches live-guard agents.",
+    "summary": "Route Alibaba Cloud tasks to the narrowest specialist or team of specialists from the 27-agent catalog. China-region aware \u2014 flags MLPS 2.0, DSL, and PIPL obligations for CN-* workloads. Classifies and dispatches only; never answers Alibaba Cloud questions directly. Never auto-dispatches live-guard agents.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en",
@@ -664,7 +664,7 @@
       "https://www.alibabacloud.com/help/en/vpc",
       "https://www.alibabacloud.com/help/en/ecs"
     ],
-    "security_notes": "Maestro must never auto-dispatch live-guard agents. RAM AdministratorAccess mutations and KMS key deletion are irreversible with account-wide or permanent data-loss blast radius. China mainland regions carry additional DSL/MLPS/PIPL obligations — flag cross-border data transfer and MLPS grading questions before routing.",
+    "security_notes": "Maestro must never auto-dispatch live-guard agents. RAM AdministratorAccess mutations and KMS key deletion are irreversible with account-wide or permanent data-loss blast radius. China mainland regions carry additional DSL/MLPS/PIPL obligations \u2014 flag cross-border data transfer and MLPS grading questions before routing.",
     "last_verified": "2026-05-08",
     "path": "skills/alibaba/alibaba-maestro",
     "author": "github: Raishin",
@@ -716,7 +716,7 @@
       "https://www.alibabacloud.com/help/en/smc",
       "https://www.alibabacloud.com/help/en/dts"
     ],
-    "security_notes": "DTS replication user requires REPLICATION SLAVE privilege — least privilege on source. Never cut over without verifying DTS lag < 5 seconds and backup integrity.",
+    "security_notes": "DTS replication user requires REPLICATION SLAVE privilege \u2014 least privilege on source. Never cut over without verifying DTS lag < 5 seconds and backup integrity.",
     "last_verified": "2026-05-08",
     "path": "skills/alibaba/alibaba-migration-architect",
     "author": "github: Raishin",
@@ -735,7 +735,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Configure and operate Alibaba MSE — Nacos service discovery and configuration management, Sentinel rate limiting and circuit breaking, Seata distributed transactions, and ARMS APM for microservices observability.",
+    "summary": "Configure and operate Alibaba MSE \u2014 Nacos service discovery and configuration management, Sentinel rate limiting and circuit breaking, Seata distributed transactions, and ARMS APM for microservices observability.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/mse",
@@ -760,7 +760,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Design Alibaba Cloud network topology — VPC peering, CEN for multi-VPC/multi-region connectivity, Express Connect for private circuits, SLB/ALB/NLB/CLB load balancer selection, and Smart Access Gateway for branch offices.",
+    "summary": "Design Alibaba Cloud network topology \u2014 VPC peering, CEN for multi-VPC/multi-region connectivity, Express Connect for private circuits, SLB/ALB/NLB/CLB load balancer selection, and Smart Access Gateway for branch offices.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/vpc",
@@ -813,7 +813,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Govern Alibaba Cloud OSS data perimeters — bucket ACL and policy conflict resolution, Block Public Access configuration, cross-account access via RAM role, VPC endpoint binding for private access, WORM (Object Lock), and MLPS 2.0 data residency compliance.",
+    "summary": "Govern Alibaba Cloud OSS data perimeters \u2014 bucket ACL and policy conflict resolution, Block Public Access configuration, cross-account access via RAM role, VPC endpoint binding for private access, WORM (Object Lock), and MLPS 2.0 data residency compliance.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/oss/user-guide/block-public-access",
@@ -821,7 +821,7 @@
       "https://www.alibabacloud.com/help/en/oss/user-guide/use-bucket-policies-to-authorize-other-users-to-access-oss-resources",
       "https://www.alibabacloud.com/help/en/oss/user-guide/oss-interface-for-vpc"
     ],
-    "security_notes": "Alibaba Cloud OSS bucket names are globally unique — a publicly accessible bucket with a guessable name exposes data without authentication. OSS Cross-Region Replication (CRR) to international regions from CN-* buckets containing personal data violates PIPL and may violate MLPS 2.0 — verify replication destination region compliance.",
+    "security_notes": "Alibaba Cloud OSS bucket names are globally unique \u2014 a publicly accessible bucket with a guessable name exposes data without authentication. OSS Cross-Region Replication (CRR) to international regions from CN-* buckets containing personal data violates PIPL and may violate MLPS 2.0 \u2014 verify replication destination region compliance.",
     "last_verified": "2026-05-09",
     "path": "skills/alibaba/alibaba-oss-data-perimeter-governor",
     "version": "0.1.0",
@@ -865,7 +865,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Operate PolarDB (MySQL/PG/Oracle) clusters and RDS instances — DAS diagnostics, database proxy, Global Database Network, backup strategy, and performance tuning.",
+    "summary": "Operate PolarDB (MySQL/PG/Oracle) clusters and RDS instances \u2014 DAS diagnostics, database proxy, Global Database Network, backup strategy, and performance tuning.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/polardb",
@@ -897,7 +897,7 @@
       "https://www.alibabacloud.com/help/en/ram",
       "https://www.alibabacloud.com/help/en/resource-management"
     ],
-    "security_notes": "Never request RAM AccessKey/SecretKey or STS tokens. RAM AdministratorAccess is a critical finding. Resource Directory Control Policy overrides all RAM policies in member accounts — test in simulation before enforcement.",
+    "security_notes": "Never request RAM AccessKey/SecretKey or STS tokens. RAM AdministratorAccess is a critical finding. Resource Directory Control Policy overrides all RAM policies in member accounts \u2014 test in simulation before enforcement.",
     "last_verified": "2026-05-08",
     "path": "skills/alibaba/alibaba-ram-iam-review",
     "author": "github: Raishin",
@@ -916,14 +916,14 @@
       "kiro",
       "other"
     ],
-    "summary": "Govern Alibaba Cloud Container Registry (ACR) — Enterprise Edition vs Personal Edition selection, image vulnerability scanning, namespace IAM least privilege, image retention policies, cross-region replication, and supply chain security posture.",
+    "summary": "Govern Alibaba Cloud Container Registry (ACR) \u2014 Enterprise Edition vs Personal Edition selection, image vulnerability scanning, namespace IAM least privilege, image retention policies, cross-region replication, and supply chain security posture.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/acr/product-overview/what-is-container-registry",
       "https://www.alibabacloud.com/help/en/acr/user-guide/configure-image-tag-immutability",
       "https://www.alibabacloud.com/help/en/acr/user-guide/use-image-scanner-to-scan-images"
     ],
-    "security_notes": "ACR Personal Edition namespaces are globally shared — namespace name collisions are possible; use ACR Enterprise Edition with isolated instance for production. Public ACR namespaces in CN-* regions are accessible globally — this creates cross-border data flow implications under Chinese data regulations.",
+    "security_notes": "ACR Personal Edition namespaces are globally shared \u2014 namespace name collisions are possible; use ACR Enterprise Edition with isolated instance for production. Public ACR namespaces in CN-* regions are accessible globally \u2014 this creates cross-border data flow implications under Chinese data regulations.",
     "last_verified": "2026-05-09",
     "path": "skills/alibaba/alibaba-registry-artifact-governor",
     "version": "0.1.0",
@@ -942,7 +942,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review Alibaba Cloud workload HA and BCDR designs — RDS High-Availability Edition failover, PolarDB Global Database Network, ACK multi-zone, ECS disaster recovery cross-region, RTO/RPO target analysis, and HBR (Hybrid Backup Recovery) coverage.",
+    "summary": "Review Alibaba Cloud workload HA and BCDR designs \u2014 RDS High-Availability Edition failover, PolarDB Global Database Network, ACK multi-zone, ECS disaster recovery cross-region, RTO/RPO target analysis, and HBR (Hybrid Backup Recovery) coverage.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/rds/apsaradb-rds-for-mysql/disaster-recovery-solution",
@@ -951,7 +951,7 @@
       "https://www.alibabacloud.com/help/en/hybrid-backup-recovery/latest/what-is-hbr",
       "https://www.alibabacloud.com/help/en/server-load-balancer/latest/what-is-global-traffic-manager"
     ],
-    "security_notes": "HBR backup vaults in the same region as production provide no DR value for region-level failures — require cross-region vault configuration. PolarDB Global Database Network write routing to primary means regional primary failure requires manual failover promotion — confirm this is documented in runbooks.",
+    "security_notes": "HBR backup vaults in the same region as production provide no DR value for region-level failures \u2014 require cross-region vault configuration. PolarDB Global Database Network write routing to primary means regional primary failure requires manual failover promotion \u2014 confirm this is documented in runbooks.",
     "last_verified": "2026-05-09",
     "path": "skills/alibaba/alibaba-resilience-bcdr-review",
     "version": "0.1.0",
@@ -978,7 +978,7 @@
       "https://www.alibabacloud.com/help/en/ddos",
       "https://www.alibabacloud.com/help/en/cloud-firewall"
     ],
-    "security_notes": "Cloud Firewall policy changes affect all instances in scope simultaneously. WAF bypass via IP whitelist requires documented justification. Anti-DDoS tier downgrade during an active attack is blocked. Security Center agent uninstall removes host-level visibility — confirm before removing.",
+    "security_notes": "Cloud Firewall policy changes affect all instances in scope simultaneously. WAF bypass via IP whitelist requires documented justification. Anti-DDoS tier downgrade during an active attack is blocked. Security Center agent uninstall removes host-level visibility \u2014 confirm before removing.",
     "last_verified": "2026-05-08",
     "path": "skills/alibaba/alibaba-security-center-hardening",
     "author": "github: Raishin",
@@ -997,7 +997,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review Function Compute 3.0 (FC3), SAE (Serverless App Engine), and EDAS for production readiness — cold start optimization, VPC binding, RAM role injection, ARMS distributed tracing, security group rules, concurrency limits, and SLA-readiness.",
+    "summary": "Review Function Compute 3.0 (FC3), SAE (Serverless App Engine), and EDAS for production readiness \u2014 cold start optimization, VPC binding, RAM role injection, ARMS distributed tracing, security group rules, concurrency limits, and SLA-readiness.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/functioncompute/latest/overview",
@@ -1005,7 +1005,7 @@
       "https://www.alibabacloud.com/help/en/arms/latest/what-is-arms",
       "https://www.alibabacloud.com/help/en/ram/latest/overview-1"
     ],
-    "security_notes": "FC function AccessKey IDs in environment variables are exposed in the FC console to anyone with fc:GetFunction permission — use RAM role binding exclusively. SAE applications in the same namespace share network access unless namespace-level VPC isolation is configured.",
+    "security_notes": "FC function AccessKey IDs in environment variables are exposed in the FC console to anyone with fc:GetFunction permission \u2014 use RAM role binding exclusively. SAE applications in the same namespace share network access unless namespace-level VPC isolation is configured.",
     "last_verified": "2026-05-09",
     "path": "skills/alibaba/alibaba-serverless-production-readiness",
     "version": "0.1.0",
@@ -1024,7 +1024,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Design Alibaba Cloud solutions — product selection (PolarDB vs RDS, ACK vs ASK vs SAE, MaxCompute vs AnalyticDB), architecture patterns, landing zone design, and disaster recovery strategies aligned to the Alibaba Well-Architected Framework.",
+    "summary": "Design Alibaba Cloud solutions \u2014 product selection (PolarDB vs RDS, ACK vs ASK vs SAE, MaxCompute vs AnalyticDB), architecture patterns, landing zone design, and disaster recovery strategies aligned to the Alibaba Well-Architected Framework.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/ecs",
@@ -1051,7 +1051,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Coordinate Alibaba Cloud support incidents — case creation with correct severity (紧急/高/中/低), Enterprise Support SLA enforcement, account manager escalation path, status page monitoring for CN-* and international, internal stakeholder communication, and post-incident evidence packaging.",
+    "summary": "Coordinate Alibaba Cloud support incidents \u2014 case creation with correct severity (\u7d27\u6025/\u9ad8/\u4e2d/\u4f4e), Enterprise Support SLA enforcement, account manager escalation path, status page monitoring for CN-* and international, internal stakeholder communication, and post-incident evidence packaging.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/support/user-guide/submit-a-ticket",
@@ -1059,7 +1059,7 @@
       "https://status.aliyun.com/",
       "https://www.alibabacloud.com/help/en/support/user-guide/technical-support-plans"
     ],
-    "security_notes": "Alibaba Cloud support case attachments are stored on Alibaba Cloud infrastructure — never attach files containing customer financial data, personal health information, or unredacted credentials. Enterprise Support SLA breach timestamps must be documented for contractual credit claims.",
+    "security_notes": "Alibaba Cloud support case attachments are stored on Alibaba Cloud infrastructure \u2014 never attach files containing customer financial data, personal health information, or unredacted credentials. Enterprise Support SLA breach timestamps must be documented for contractual credit claims.",
     "last_verified": "2026-05-09",
     "path": "skills/alibaba/alibaba-support-incident-coordinator",
     "version": "0.1.0",
@@ -1078,7 +1078,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Triage Alibaba Cloud operational alerts, incidents, and support tickets — P0/P1/P2/P3 classification, Alibaba Cloud Support SLA enforcement, account manager escalation, DingTalk war room coordination, evidence collection from CloudMonitor and SLS, and safe escalation paths.",
+    "summary": "Triage Alibaba Cloud operational alerts, incidents, and support tickets \u2014 P0/P1/P2/P3 classification, Alibaba Cloud Support SLA enforcement, account manager escalation, DingTalk war room coordination, evidence collection from CloudMonitor and SLS, and safe escalation paths.",
     "source_type": "original",
     "official_docs": [
       "https://www.alibabacloud.com/help/en/support/user-guide/submit-a-ticket",
@@ -1086,7 +1086,7 @@
       "https://www.alibabacloud.com/help/en/cms/user-guide/what-is-cloud-monitor",
       "https://www.alibabacloud.com/help/en/sls/user-guide/what-is-log-service"
     ],
-    "security_notes": "Alibaba Cloud support ticket attachments visible to Alibaba support staff — scrub AccessKey IDs, account IDs, customer PII, and unredacted log data before sharing. China mainland support team and international support team are organizationally separate — tickets filed in the wrong region receive slower response.",
+    "security_notes": "Alibaba Cloud support ticket attachments visible to Alibaba support staff \u2014 scrub AccessKey IDs, account IDs, customer PII, and unredacted log data before sharing. China mainland support team and international support team are organizationally separate \u2014 tickets filed in the wrong region receive slower response.",
     "last_verified": "2026-05-09",
     "path": "skills/alibaba/alibaba-ticket-triage-escalation-coordinator",
     "version": "0.1.0",
@@ -1113,7 +1113,7 @@
       "https://www.alibabacloud.com/help/en/ecs/user-guide/savings-plans",
       "https://www.alibabacloud.com/help/en/oss/user-guide/lifecycle"
     ],
-    "security_notes": "Read-only advisory. Do not cancel Savings Plans, Reserved Instances, delete snapshots, or stop instances without explicit approval and resource inventory confirmation. Note: CN-* regions and international regions have separate billing accounts — always confirm which account context the analysis applies to.",
+    "security_notes": "Read-only advisory. Do not cancel Savings Plans, Reserved Instances, delete snapshots, or stop instances without explicit approval and resource inventory confirmation. Note: CN-* regions and international regions have separate billing accounts \u2014 always confirm which account context the analysis applies to.",
     "last_verified": "2026-05-09",
     "path": "skills/alibaba/alibaba-waf-cost-optimization-review",
     "author": "github: Raishin",
@@ -1168,7 +1168,7 @@
       "https://www.alibabacloud.com/help/en/actiontrail",
       "https://www.alibabacloud.com/help/en/waf"
     ],
-    "security_notes": "Read-only advisory. Do not modify RAM policies, Security Group rules, KMS keys, or ActionTrail configurations without explicit approval. Note: Alibaba Cloud has separate China (CN-*) and international regions with different regulatory scopes — always confirm region before assessing compliance.",
+    "security_notes": "Read-only advisory. Do not modify RAM policies, Security Group rules, KMS keys, or ActionTrail configurations without explicit approval. Note: Alibaba Cloud has separate China (CN-*) and international regions with different regulatory scopes \u2014 always confirm region before assessing compliance.",
     "last_verified": "2026-05-09",
     "path": "skills/alibaba/alibaba-waf-security-review",
     "author": "github: Raishin",
@@ -1187,7 +1187,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review analytics platform configuration — GA4 property settings, BigQuery export schema, custom event-parameter definitions, and user-property declarations — for data-minimization violations, excessive collection, and storage-period over-retention under GDPR Article 5(1)(c) and 5(1)(e) and EU DPA enforcement on GA4.",
+    "summary": "Review analytics platform configuration \u2014 GA4 property settings, BigQuery export schema, custom event-parameter definitions, and user-property declarations \u2014 for data-minimization violations, excessive collection, and storage-period over-retention under GDPR Article 5(1)(c) and 5(1)(e) and EU DPA enforcement on GA4.",
     "source_type": "original",
     "official_docs": [
       "https://gdpr-info.eu/art-5-gdpr/",
@@ -1196,7 +1196,7 @@
       "https://www.garanteprivacy.it/home/docweb/-/docweb-display/docweb/9782874",
       "https://support.google.com/analytics/answer/9019185"
     ],
-    "security_notes": "Read-only static review of sanitized analytics configuration exports and schema definitions only. Never request live analytics data, raw event exports containing real user identifiers, GA4 admin credentials, or BigQuery service-account keys. Findings may indicate cross-border data transfer violations requiring DPA notification — route remediation and legal assessment to qualified privacy counsel before acting on findings.",
+    "security_notes": "Read-only static review of sanitized analytics configuration exports and schema definitions only. Never request live analytics data, raw event exports containing real user identifiers, GA4 admin credentials, or BigQuery service-account keys. Findings may indicate cross-border data transfer violations requiring DPA notification \u2014 route remediation and legal assessment to qualified privacy counsel before acting on findings.",
     "last_verified": "2026-05-17",
     "path": "skills/marketing/analytics-data-minimization-review",
     "author": "github: Raishin",
@@ -1256,7 +1256,7 @@
       "https://argo-cd.readthedocs.io/en/stable/proposals/decouple-application-sync-user-using-impersonation/",
       "https://argo-cd.readthedocs.io/en/stable/operator-manual/argocd-cm-yaml/"
     ],
-    "security_notes": "Sync impersonation is disabled by default — controller runs as cluster-admin on every destination. AppProject sourceRepos and destinations wildcards remove blast-radius bounds. Automated prune+selfHeal on Git divergence is irreversible. ApplicationSet unbounded cluster generators auto-onboard misconfigured clusters.",
+    "security_notes": "Sync impersonation is disabled by default \u2014 controller runs as cluster-admin on every destination. AppProject sourceRepos and destinations wildcards remove blast-radius bounds. Automated prune+selfHeal on Git divergence is irreversible. ApplicationSet unbounded cluster generators auto-onboard misconfigured clusters.",
     "last_verified": "2026-05-01",
     "path": "skills/argocd/argocd-gitops-review",
     "author": "github: Raishin",
@@ -2961,7 +2961,7 @@
       "https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles/security",
       "https://learn.microsoft.com/en-us/azure/key-vault/general/network-security"
     ],
-    "security_notes": "Key Vault Contributor role assigned to cert-manager allows deletion of the Key Vault, management policy changes, and purge of soft-deleted certs — a full management plane compromise. Use Key Vault Certificate Officer (data plane RBAC) instead. Exportable certificates allow private key extraction from Key Vault; use non-exportable certs for cluster-internal mTLS.",
+    "security_notes": "Key Vault Contributor role assigned to cert-manager allows deletion of the Key Vault, management policy changes, and purge of soft-deleted certs \u2014 a full management plane compromise. Use Key Vault Certificate Officer (data plane RBAC) instead. Exportable certificates allow private key extraction from Key Vault; use non-exportable certs for cluster-internal mTLS.",
     "last_verified": "2026-05-02",
     "path": "skills/azure/azure-keyvault-certificate-issuer-review",
     "version": "0.1.0",
@@ -3180,7 +3180,7 @@
       "https://learn.microsoft.com/en-us/entra/id-governance/privileged-identity-management/pim-how-to-activate-role",
       "https://learn.microsoft.com/en-us/entra/id-governance/privileged-identity-management/pim-configure-azure-ad-roles"
     ],
-    "security_notes": "Never activate a PIM role without justification, ticket reference, and MFA confirmation. An agent cannot activate another user's PIM role on their behalf — only the eligible principal may submit. Requires Entra ID P2 or equivalent license.",
+    "security_notes": "Never activate a PIM role without justification, ticket reference, and MFA confirmation. An agent cannot activate another user's PIM role on their behalf \u2014 only the eligible principal may submit. Requires Entra ID P2 or equivalent license.",
     "last_verified": "2026-04-30",
     "path": "skills/azure/azure-live-pim-jit-activation-guard",
     "author": "github: Raishin",
@@ -3724,7 +3724,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review how a CI pipeline runs tests — gating, sharding, parallelism, fail-fast, artifact retention, quarantine wiring, and secret exposure — to verify the test suite actually blocks bad merges. Static review only.",
+    "summary": "Review how a CI pipeline runs tests \u2014 gating, sharding, parallelism, fail-fast, artifact retention, quarantine wiring, and secret exposure \u2014 to verify the test suite actually blocks bad merges. Static review only.",
     "source_type": "original",
     "official_docs": [
       "https://docs.github.com/en/actions/using-jobs/using-a-matrix-for-your-jobs",
@@ -3733,7 +3733,7 @@
       "https://docs.gitlab.com/ee/ci/yaml/",
       "https://playwright.dev/docs/test-sharding"
     ],
-    "security_notes": "Static review only — reads CI workflow and branch-protection configuration, never triggers or runs pipelines. Flags secret exposure to test jobs on pull_request_target or fork PRs. Never request or accept CI secrets, deploy keys, or registry tokens; ask for sanitized workflow files.",
+    "security_notes": "Static review only \u2014 reads CI workflow and branch-protection configuration, never triggers or runs pipelines. Flags secret exposure to test jobs on pull_request_target or fork PRs. Never request or accept CI secrets, deploy keys, or registry tokens; ask for sanitized workflow files.",
     "last_verified": "2026-05-17",
     "path": "skills/qa/ci-test-pipeline-review",
     "author": "github: Raishin",
@@ -3789,7 +3789,7 @@
       "https://docs.contabo.com/",
       "https://contabo.com/en/vps/"
     ],
-    "security_notes": "OAuth2 password grant tokens expire in ~5 minutes — never cache or log them. Credentials must remain in environment variables. Contabo has no official Terraform provider or SDK; recommend cntb CLI or REST API. Contractual periods (1, 3, 6, 12 months) are binding at instance creation — capacity plans must declare the period and its billing impact. SSH keys are managed as secret IDs; never expose raw key material in plans or API calls.",
+    "security_notes": "OAuth2 password grant tokens expire in ~5 minutes \u2014 never cache or log them. Credentials must remain in environment variables. Contabo has no official Terraform provider or SDK; recommend cntb CLI or REST API. Contractual periods (1, 3, 6, 12 months) are binding at instance creation \u2014 capacity plans must declare the period and its billing impact. SSH keys are managed as secret IDs; never expose raw key material in plans or API calls.",
     "last_verified": "2026-05-10",
     "path": "skills/contabo/contabo-capacity-planner",
     "author": "github: Raishin",
@@ -3815,7 +3815,7 @@
       "https://docs.contabo.com/",
       "https://contabo.com/en/vps/"
     ],
-    "security_notes": "OAuth2 password grant tokens expire in ~5 minutes — never cache or log them. Store CONTABO_CLIENT_ID, CONTABO_CLIENT_SECRET, CONTABO_API_USER, CONTABO_API_PASSWORD in environment variables only. Contabo has no official Terraform provider or SDK; recommend cntb CLI or REST API. Contractual billing periods (1, 3, 6, 12 months) create irreversible obligations — always surface billing impact before any sizing or period recommendation.",
+    "security_notes": "OAuth2 password grant tokens expire in ~5 minutes \u2014 never cache or log them. Store CONTABO_CLIENT_ID, CONTABO_CLIENT_SECRET, CONTABO_API_USER, CONTABO_API_PASSWORD in environment variables only. Contabo has no official Terraform provider or SDK; recommend cntb CLI or REST API. Contractual billing periods (1, 3, 6, 12 months) create irreversible obligations \u2014 always surface billing impact before any sizing or period recommendation.",
     "last_verified": "2026-05-10",
     "path": "skills/contabo/contabo-cost-optimization-analyst",
     "author": "github: Raishin",
@@ -3840,7 +3840,7 @@
       "https://api.contabo.com/",
       "https://docs.contabo.com/"
     ],
-    "security_notes": "OAuth2 password grant tokens expire in ~5 minutes — refresh handling must not log token values. Credentials must remain in environment variables. Contabo has no official Terraform provider or SDK; recommend cntb CLI or REST API with curl + jq. Contractual periods (1, 3, 6, 12 months) are binding at creation — cancellation may incur early-termination billing. x-request-id (UUIDv4) is mandatory for all mutation calls. Hard-stop on any lifecycle action without explicit period acknowledgment and rollback plan.",
+    "security_notes": "OAuth2 password grant tokens expire in ~5 minutes \u2014 refresh handling must not log token values. Credentials must remain in environment variables. Contabo has no official Terraform provider or SDK; recommend cntb CLI or REST API with curl + jq. Contractual periods (1, 3, 6, 12 months) are binding at creation \u2014 cancellation may incur early-termination billing. x-request-id (UUIDv4) is mandatory for all mutation calls. Hard-stop on any lifecycle action without explicit period acknowledgment and rollback plan.",
     "last_verified": "2026-05-10",
     "path": "skills/contabo/contabo-live-instance-lifecycle-guard",
     "author": "github: Raishin",
@@ -3865,7 +3865,7 @@
       "https://api.contabo.com/",
       "https://docs.contabo.com/"
     ],
-    "security_notes": "OAuth2 password grant tokens expire in ~5 minutes — refresh handling must not log token values. Credentials must remain in environment variables. Contabo Object Storage is S3-compatible — S3 access key and secret key must be stored as environment variables, never hardcoded. x-request-id (UUIDv4) is mandatory for Contabo REST API calls. Hard-stop on any bucket deletion without verified backup evidence. Contabo has no official Terraform provider or SDK; recommend cntb CLI or REST API with curl + jq.",
+    "security_notes": "OAuth2 password grant tokens expire in ~5 minutes \u2014 refresh handling must not log token values. Credentials must remain in environment variables. Contabo Object Storage is S3-compatible \u2014 S3 access key and secret key must be stored as environment variables, never hardcoded. x-request-id (UUIDv4) is mandatory for Contabo REST API calls. Hard-stop on any bucket deletion without verified backup evidence. Contabo has no official Terraform provider or SDK; recommend cntb CLI or REST API with curl + jq.",
     "last_verified": "2026-05-10",
     "path": "skills/contabo/contabo-live-storage-operations-guard",
     "author": "github: Raishin",
@@ -3890,7 +3890,7 @@
       "https://api.contabo.com/",
       "https://docs.contabo.com/"
     ],
-    "security_notes": "OAuth2 password grant tokens expire in ~5 minutes — never cache or log them. Credentials must remain in environment variables. The x-request-id UUIDv4 header is mandatory for support traceability. Contabo has no official Terraform provider or SDK; recommend cntb CLI or REST API. Contractual periods (1, 3, 6, 12 months) create billing obligations — never route lifecycle changes without explicit period acknowledgment.",
+    "security_notes": "OAuth2 password grant tokens expire in ~5 minutes \u2014 never cache or log them. Credentials must remain in environment variables. The x-request-id UUIDv4 header is mandatory for support traceability. Contabo has no official Terraform provider or SDK; recommend cntb CLI or REST API. Contractual periods (1, 3, 6, 12 months) create billing obligations \u2014 never route lifecycle changes without explicit period acknowledgment.",
     "last_verified": "2026-05-10",
     "path": "skills/contabo/contabo-maestro",
     "author": "github: Raishin",
@@ -3915,12 +3915,286 @@
       "https://api.contabo.com/",
       "https://docs.contabo.com/"
     ],
-    "security_notes": "OAuth2 password grant tokens expire in ~5 minutes — short TTL reduces exposure window but refresh logic must not log tokens. Credentials must never be hardcoded. SSH keys are referenced via secret IDs — raw private key material must never appear in API payloads, scripts, or recommendations. The x-request-id UUIDv4 header is mandatory for audit traceability.",
+    "security_notes": "OAuth2 password grant tokens expire in ~5 minutes \u2014 short TTL reduces exposure window but refresh logic must not log tokens. Credentials must never be hardcoded. SSH keys are referenced via secret IDs \u2014 raw private key material must never appear in API payloads, scripts, or recommendations. The x-request-id UUIDv4 header is mandatory for audit traceability.",
     "last_verified": "2026-05-10",
     "path": "skills/contabo/contabo-security-hardening",
     "author": "github: Raishin",
     "version": "0.1.0"
   },
+  {
+    "id": "dotnet-aspire-cloud-native-review",
+    "name": ".NET Aspire Cloud-Native Review",
+    "type": "skill",
+    "provider": "dotnet",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Static review of .NET Aspire AppHost and service-defaults projects for cloud-native readiness \u2014 health checks, service dependency wiring, resiliency policies, configuration and secret hygiene, and the boundary to a real deployment platform. Reads source and sanitized configuration only.",
+    "source_type": "original",
+    "official_docs": [
+      "https://learn.microsoft.com/en-us/dotnet/aspire/",
+      "https://learn.microsoft.com/en-us/dotnet/aspire/fundamentals/service-defaults",
+      "https://learn.microsoft.com/en-us/dotnet/aspire/fundamentals/app-host-overview",
+      "https://learn.microsoft.com/en-us/dotnet/aspire/fundamentals/health-checks"
+    ],
+    "security_notes": "Static review only \u2014 reads the AppHost project, ServiceDefaults, the Aspire manifest, and sanitized configuration; never runs the AppHost or deploys. Flags secrets committed in appsettings as critical. Never requests secrets, connection strings, or customer data; ask for sanitized appsettings with placeholders. Note: .NET Aspire APIs evolve quickly \u2014 keep last_verified current.",
+    "last_verified": "2026-05-19",
+    "path": "skills/dotnet/dotnet-aspire-cloud-native-review",
+    "version": "0.1.0",
+    "author": "github: Raishin"
+  },
+  {
+    "id": "dotnet-aspnetcore-api-review",
+    "name": ".NET ASP.NET Core API Review",
+    "type": "skill",
+    "provider": "dotnet",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Static review of ASP.NET Core HTTP API architecture \u2014 middleware ordering, dependency-injection lifetimes, CORS, model validation, API versioning, error responses, rate limiting, and health/readiness boundaries. Reads source and sanitized configuration only.",
+    "source_type": "original",
+    "official_docs": [
+      "https://learn.microsoft.com/en-us/aspnet/core/fundamentals/middleware/",
+      "https://learn.microsoft.com/en-us/aspnet/core/fundamentals/dependency-injection",
+      "https://learn.microsoft.com/en-us/aspnet/core/security/cors",
+      "https://learn.microsoft.com/en-us/aspnet/core/performance/rate-limit",
+      "https://learn.microsoft.com/en-us/aspnet/core/fundamentals/minimal-apis/security"
+    ],
+    "security_notes": "Static review only \u2014 reads source and sanitized configuration, never runs the app or calls endpoints. Never requests secrets, connection strings, tokens, signing keys, or customer data; ask for sanitized appsettings with placeholders.",
+    "last_verified": "2026-05-19",
+    "path": "skills/dotnet/dotnet-aspnetcore-api-review",
+    "version": "0.1.0",
+    "author": "github: Raishin"
+  },
+  {
+    "id": "dotnet-aspnetcore-identity-authz-review",
+    "name": ".NET ASP.NET Core Identity & AuthZ Review",
+    "type": "skill",
+    "provider": "dotnet",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Static review of ASP.NET Core authentication, authorization, identity boundaries, JWT token validation, cookie and session security, and multi-tenant isolation. Reads source and sanitized configuration only \u2014 never runs the app or contacts an identity provider.",
+    "source_type": "original",
+    "official_docs": [
+      "https://learn.microsoft.com/en-us/aspnet/core/security/",
+      "https://learn.microsoft.com/en-us/aspnet/core/security/authentication/configure-jwt-bearer-authentication",
+      "https://learn.microsoft.com/en-us/aspnet/core/security/authorization/introduction",
+      "https://learn.microsoft.com/en-us/aspnet/core/security/authorization/policies",
+      "https://learn.microsoft.com/en-us/aspnet/core/security/authentication/cookie"
+    ],
+    "security_notes": "Static review only \u2014 reads source and sanitized configuration, never runs the application, mints or inspects tokens, or contacts an identity provider. Flags disabled token validation, anonymous state-changing endpoints, and client-supplied tenant claims as critical. Never requests secrets, signing keys, client secrets, tokens, connection strings, tenant identifiers, or customer data.",
+    "last_verified": "2026-05-19",
+    "path": "skills/dotnet/dotnet-aspnetcore-identity-authz-review",
+    "version": "0.1.0",
+    "author": "github: Raishin"
+  },
+  {
+    "id": "dotnet-csharp-runtime-review",
+    "name": ".NET C# & Runtime Review",
+    "type": "skill",
+    "provider": "dotnet",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Static review of C# language and runtime correctness \u2014 nullable reference types, async/await, cancellation, disposal, allocations on hot paths, LINQ misuse, and AOT/trimming hazards. Reads source only; never compiles or runs code.",
+    "source_type": "original",
+    "official_docs": [
+      "https://learn.microsoft.com/en-us/dotnet/csharp/",
+      "https://learn.microsoft.com/en-us/dotnet/standard/asynchronous-programming-patterns/",
+      "https://learn.microsoft.com/en-us/dotnet/csharp/language-reference/builtin-types/nullable-reference-types",
+      "https://learn.microsoft.com/en-us/dotnet/core/diagnostics/debug-threadpool-starvation",
+      "https://learn.microsoft.com/en-us/dotnet/core/deploying/trimming/trim-warnings"
+    ],
+    "security_notes": "Static review only \u2014 reads C# source and project files, never compiles, runs, or instruments code. Never requests secrets, connection strings, tokens, or customer data.",
+    "last_verified": "2026-05-19",
+    "path": "skills/dotnet/dotnet-csharp-runtime-review",
+    "version": "0.1.0",
+    "author": "github: Raishin"
+  },
+  {
+    "id": "dotnet-efcore-data-access-review",
+    "name": ".NET EF Core Data Access Review",
+    "type": "skill",
+    "provider": "dotnet",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Static review of EF Core data access \u2014 DbContext lifetime, N+1 queries, unbounded result sets, raw SQL injection surface, optimistic concurrency tokens, migration discipline, multi-tenant query filters, and connection resiliency. Reads source only.",
+    "source_type": "original",
+    "official_docs": [
+      "https://learn.microsoft.com/en-us/ef/core/",
+      "https://learn.microsoft.com/en-us/ef/core/dbcontext-configuration",
+      "https://learn.microsoft.com/en-us/ef/core/querying/single-split-queries",
+      "https://learn.microsoft.com/en-us/ef/core/miscellaneous/multitenancy",
+      "https://learn.microsoft.com/en-us/ef/core/saving/concurrency"
+    ],
+    "security_notes": "Static review only \u2014 reads DbContext classes, entity configuration, migrations, and query sites; never runs migrations, opens a database connection, or executes SQL. Never requests connection strings, database credentials, or customer data.",
+    "last_verified": "2026-05-19",
+    "path": "skills/dotnet/dotnet-efcore-data-access-review",
+    "version": "0.1.0",
+    "author": "github: Raishin"
+  },
+  {
+    "id": "dotnet-maestro",
+    "name": ".NET Maestro",
+    "type": "skill",
+    "provider": "dotnet",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Router skill for the .NET board. Classifies a .NET task and dispatches the narrowest specialist agent, or a parallel team of up to four for multi-domain tasks. Routes only \u2014 never answers .NET questions itself.",
+    "source_type": "original",
+    "official_docs": [
+      "https://learn.microsoft.com/en-us/dotnet/",
+      "https://learn.microsoft.com/en-us/aspnet/core/",
+      "https://learn.microsoft.com/en-us/ef/core/"
+    ],
+    "security_notes": "Routing only \u2014 performs no review itself, never runs code, never requests secrets, connection strings, tokens, tenant identifiers, or customer data. Every dispatched .NET specialist is static-review.",
+    "last_verified": "2026-05-19",
+    "path": "skills/dotnet/dotnet-maestro",
+    "version": "0.1.0",
+    "author": "github: Raishin"
+  },
+  {
+    "id": "dotnet-observability-otel-review",
+    "name": ".NET Observability & OpenTelemetry Review",
+    "type": "skill",
+    "provider": "dotnet",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Static review of in-application OpenTelemetry wiring in ASP.NET Core \u2014 SDK registration, trace context propagation, structured logging, correlation IDs, metrics instrumentation, sampling, and PII leakage in telemetry. Reads source and sanitized configuration only.",
+    "source_type": "original",
+    "official_docs": [
+      "https://learn.microsoft.com/en-us/dotnet/core/diagnostics/observability-with-otel",
+      "https://learn.microsoft.com/en-us/dotnet/core/extensions/logging",
+      "https://learn.microsoft.com/en-us/aspnet/core/fundamentals/logging/",
+      "https://learn.microsoft.com/en-us/dotnet/core/diagnostics/distributed-tracing"
+    ],
+    "security_notes": "Static review only \u2014 reads OpenTelemetry registration, logging configuration, and instrumentation source; never runs the app or contacts a telemetry backend. Flags PII in spans or logs as critical. Never requests secrets, tokens, or customer data; ask for sanitized appsettings with placeholders.",
+    "last_verified": "2026-05-19",
+    "path": "skills/dotnet/dotnet-observability-otel-review",
+    "version": "0.1.0",
+    "author": "github: Raishin"
+  },
+  {
+    "id": "dotnet-performance-aot-review",
+    "name": ".NET Performance, AOT & Trimming Review",
+    "type": "skill",
+    "provider": "dotnet",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Static, evidence-gated review of .NET performance posture, Native AOT, and trimming readiness \u2014 reflection and serialization hazards, hot-path allocations, and benchmark discipline. Any performance claim with no benchmark artifact is downgraded to inference.",
+    "source_type": "original",
+    "official_docs": [
+      "https://learn.microsoft.com/en-us/dotnet/core/deploying/native-aot/",
+      "https://learn.microsoft.com/en-us/dotnet/core/deploying/trimming/trim-self-contained",
+      "https://learn.microsoft.com/en-us/dotnet/core/deploying/trimming/trim-warnings",
+      "https://learn.microsoft.com/en-us/dotnet/core/diagnostics/"
+    ],
+    "security_notes": "Static review only \u2014 reads project files, benchmark results, trim-warning output, and hot-path source; never runs the application, a benchmark, or a profiler. Never requests secrets or customer data.",
+    "last_verified": "2026-05-19",
+    "path": "skills/dotnet/dotnet-performance-aot-review",
+    "version": "0.1.0",
+    "author": "github: Raishin"
+  },
+  {
+    "id": "dotnet-supply-chain-review",
+    "name": ".NET Supply Chain Review",
+    "type": "skill",
+    "provider": "dotnet",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Static review of .NET CI/CD and NuGet supply-chain integrity \u2014 SDK pinning, package version pinning and lock files, feed trust, fork-PR secret exposure, vulnerability scanning, and build reproducibility. Reads workflow and project configuration only.",
+    "source_type": "original",
+    "official_docs": [
+      "https://learn.microsoft.com/en-us/nuget/",
+      "https://learn.microsoft.com/en-us/nuget/consume-packages/central-package-management",
+      "https://learn.microsoft.com/en-us/dotnet/core/tools/global-json",
+      "https://learn.microsoft.com/en-us/nuget/consume-packages/package-references-in-project-files",
+      "https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions"
+    ],
+    "security_notes": "Static review only \u2014 reads CI workflow files, global.json, Directory.Packages.props, NuGet.config, lock files, and publish profiles; never triggers a pipeline or restores packages. Flags secret exposure to fork-PR builds as critical. Never requests CI secrets, feed credentials, or signing keys.",
+    "last_verified": "2026-05-19",
+    "path": "skills/dotnet/dotnet-supply-chain-review",
+    "version": "0.1.0",
+    "author": "github: Raishin"
+  },
+  {
+    "id": "dotnet-testing-quality-review",
+    "name": ".NET Testing Quality Review",
+    "type": "skill",
+    "provider": "dotnet",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Static review of .NET test suites \u2014 detects assertion-free and tautological tests, over-mocking, coverage theater, weak isolation, flaky patterns, and missing negative or security tests across xUnit, NUnit, and MSTest. Reads test source only; never runs the suite.",
+    "source_type": "original",
+    "official_docs": [
+      "https://learn.microsoft.com/en-us/dotnet/core/testing/",
+      "https://learn.microsoft.com/en-us/dotnet/core/testing/unit-testing-best-practices",
+      "https://learn.microsoft.com/en-us/aspnet/core/test/integration-tests",
+      "https://learn.microsoft.com/en-us/aspnet/core/test/middleware"
+    ],
+    "security_notes": "Static review only \u2014 reads test projects, test source, and coverage configuration; never runs the test suite, a coverage tool, or a test container. Never requests secrets or customer data.",
+    "last_verified": "2026-05-19",
+    "path": "skills/dotnet/dotnet-testing-quality-review",
+    "version": "0.1.0",
+    "author": "github: Raishin"
+  },
   {
     "id": "email-sender-authentication-review",
     "name": "Email Sender Authentication Review",
@@ -3963,7 +4237,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review a marketing AI system description card against EU AI Act Regulation 2024/1689 risk-tier criteria — classify the system, flag documentation obligations (Articles 11, 13, 14, 43), and identify deployment-readiness gaps before the August 2, 2026 full-enforcement date.",
+    "summary": "Review a marketing AI system description card against EU AI Act Regulation 2024/1689 risk-tier criteria \u2014 classify the system, flag documentation obligations (Articles 11, 13, 14, 43), and identify deployment-readiness gaps before the August 2, 2026 full-enforcement date.",
     "source_type": "original",
     "official_docs": [
       "https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32024R1689",
@@ -3972,7 +4246,7 @@
       "https://edpb.europa.eu/our-work-tools/our-documents/guidelines/guidelines-022023-technical-scope-art-22-gdpr_en",
       "https://artificialintelligenceact.eu/the-act/"
     ],
-    "security_notes": "EU AI Act classification determines conformity assessment, CE marking, and EU AI database registration obligations — misclassification is itself a compliance gap. Review works from sanitized AI system description cards only; never request model weights, training datasets, internal performance logs, or vendor system-access credentials. Legal determination of Article 5 prohibited practices is routed to qualified counsel.",
+    "security_notes": "EU AI Act classification determines conformity assessment, CE marking, and EU AI database registration obligations \u2014 misclassification is itself a compliance gap. Review works from sanitized AI system description cards only; never request model weights, training datasets, internal performance logs, or vendor system-access credentials. Legal determination of Article 5 prohibited practices is routed to qualified counsel.",
     "last_verified": "2026-05-17",
     "path": "skills/marketing/eu-ai-act-marketing-system-review",
     "author": "github: Raishin",
@@ -4030,7 +4304,7 @@
       "https://falco.org/docs/install-operate/deployment/",
       "https://github.com/falcosecurity/rules/tree/main/rules"
     ],
-    "security_notes": "Falco with overly broad rule exceptions creates detection blind spots. A rule exception matching an entire process family (java, python, node) or a specific container name completely disables detection for that workload — attackers can exploit known exception patterns.",
+    "security_notes": "Falco with overly broad rule exceptions creates detection blind spots. A rule exception matching an entire process family (java, python, node) or a specific container name completely disables detection for that workload \u2014 attackers can exploit known exception patterns.",
     "last_verified": "2026-05-02",
     "path": "skills/falco/falco-runtime-threat-rules-review",
     "version": "0.1.0",
@@ -4091,7 +4365,7 @@
       "https://www.alibabacloud.com/cloud-computing/pricing",
       "https://cloud.tencent.com/product/cvm/pricing"
     ],
-    "security_notes": "AWS, Azure, OCI, and Scaleway pricing APIs are public and require no authentication. Gandi requires a user-provided API key (never stored by the agent; discarded after single use). Alibaba Cloud and Tencent Cloud pricing is fetched via scrape-based fallback from official pricing pages — no credentials required or accepted.",
+    "security_notes": "AWS, Azure, OCI, and Scaleway pricing APIs are public and require no authentication. Gandi requires a user-provided API key (never stored by the agent; discarded after single use). Alibaba Cloud and Tencent Cloud pricing is fetched via scrape-based fallback from official pricing pages \u2014 no credentials required or accepted.",
     "last_verified": "2026-05-13",
     "path": "skills/finops/finops-cloud-price-advisor",
     "version": "0.2.1",
@@ -4147,7 +4421,7 @@
       "https://fluxcd.io/flux/security/secrets-management/",
       "https://fluxcd.io/flux/installation/configuration/multitenancy/"
     ],
-    "security_notes": "Plaintext Kubernetes Secret manifests committed to a FluxCD Git source are exposed to anyone with repo read access — including CI systems, PR participants, and auditors. GitRepository sources without commit signature verification allow any commit (including injected ones) to deploy to production.",
+    "security_notes": "Plaintext Kubernetes Secret manifests committed to a FluxCD Git source are exposed to anyone with repo read access \u2014 including CI systems, PR participants, and auditors. GitRepository sources without commit signature verification allow any commit (including injected ones) to deploy to production.",
     "last_verified": "2026-05-02",
     "path": "skills/fluxcd/fluxcd-kustomization-helmrelease-review",
     "version": "0.1.0",
@@ -4192,7 +4466,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Design and build AI-powered applications on AlloyDB for PostgreSQL using AlloyDB AI — covering vector search, hybrid search, AI SQL functions, model endpoint management, and the AlloyDB Omni edge runtime.",
+    "summary": "Design and build AI-powered applications on AlloyDB for PostgreSQL using AlloyDB AI \u2014 covering vector search, hybrid search, AI SQL functions, model endpoint management, and the AlloyDB Omni edge runtime.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/alloydb/docs/ai/overview",
@@ -4218,7 +4492,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Operate AlloyDB clusters and Cloud SQL instances — HA configuration, read replicas, connection pooling, maintenance windows, backup strategy, and performance diagnostics.",
+    "summary": "Operate AlloyDB clusters and Cloud SQL instances \u2014 HA configuration, read replicas, connection pooling, maintenance windows, backup strategy, and performance diagnostics.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/alloydb/docs/overview",
@@ -4226,7 +4500,7 @@
       "https://cloud.google.com/sql/docs/postgres/high-availability",
       "https://cloud.google.com/alloydb/docs/auth-proxy/overview"
     ],
-    "security_notes": "Private IP is strongly preferred over public IP for Cloud SQL. AlloyDB is NOT a drop-in replacement for Cloud SQL — backup/restore procedures differ. Always set maintenance windows to off-peak hours.",
+    "security_notes": "Private IP is strongly preferred over public IP for Cloud SQL. AlloyDB is NOT a drop-in replacement for Cloud SQL \u2014 backup/restore procedures differ. Always set maintenance windows to off-peak hours.",
     "last_verified": "2026-05-08",
     "path": "skills/gcp/gcp-alloydb-cloudsql-dba",
     "author": "github: Raishin",
@@ -4253,7 +4527,7 @@
       "https://cloud.google.com/anthos/fleet-management/docs/fleet-concepts",
       "https://cloud.google.com/service-mesh/docs/overview"
     ],
-    "security_notes": "Policy Controller audit mode detects violations but does not block them — enforcement mode is required for hard compliance guarantees. Connect Gateway enables kubectl access without exposing the Kubernetes API to the internet. ASM mutual TLS must be STRICT mode for zero-trust enforcement.",
+    "security_notes": "Policy Controller audit mode detects violations but does not block them \u2014 enforcement mode is required for hard compliance guarantees. Connect Gateway enables kubectl access without exposing the Kubernetes API to the internet. ASM mutual TLS must be STRICT mode for zero-trust enforcement.",
     "last_verified": "2026-05-08",
     "path": "skills/gcp/gcp-anthos-multicloud-architect",
     "author": "github: Raishin",
@@ -4272,14 +4546,14 @@
       "kiro",
       "other"
     ],
-    "summary": "Design and operate Apigee X API proxies — rate limiting, OAuth/JWT security policies, quota plans, developer portal setup, and API product management.",
+    "summary": "Design and operate Apigee X API proxies \u2014 rate limiting, OAuth/JWT security policies, quota plans, developer portal setup, and API product management.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/apigee/docs/api-platform/get-started/what-apigee",
       "https://cloud.google.com/apigee/docs/api-platform/security/oauth/oauth-home",
       "https://cloud.google.com/apigee/docs/api-platform/reference/policies/spike-arrest-policy"
     ],
-    "security_notes": "Misconfigured Apigee security policies directly expose backend services. SpikeArrest alone does not protect against sustained load — Quota policy is required. Target servers must be used instead of hardcoded backend URLs. Scoped to Apigee X only; do not conflate with Apigee hybrid or Apigee Edge.",
+    "security_notes": "Misconfigured Apigee security policies directly expose backend services. SpikeArrest alone does not protect against sustained load \u2014 Quota policy is required. Target servers must be used instead of hardcoded backend URLs. Scoped to Apigee X only; do not conflate with Apigee hybrid or Apigee Edge.",
     "last_verified": "2026-05-08",
     "path": "skills/gcp/gcp-apigee-api-platform-operator",
     "author": "github: Raishin",
@@ -4325,7 +4599,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review GCP Certificate Manager and classic Google-managed TLS certificates — certificate map configuration, DNS authorization, CAA record validation, certificate rotation automation, wildcard vs SAN design, and expiry monitoring.",
+    "summary": "Review GCP Certificate Manager and classic Google-managed TLS certificates \u2014 certificate map configuration, DNS authorization, CAA record validation, certificate rotation automation, wildcard vs SAN design, and expiry monitoring.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/certificate-manager/docs/overview",
@@ -4333,7 +4607,7 @@
       "https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs",
       "https://cloud.google.com/certificate-manager/docs/monitor-certificate-status"
     ],
-    "security_notes": "Classic Google-managed certificates auto-renew but have no visibility into renewal status — Certificate Manager provides explicit certificate status fields. TLS 1.0 and 1.1 are deprecated — GCP LB default SSL policy allows TLS 1.0; create a custom SSL policy requiring TLS 1.2+ for all production load balancers.",
+    "security_notes": "Classic Google-managed certificates auto-renew but have no visibility into renewal status \u2014 Certificate Manager provides explicit certificate status fields. TLS 1.0 and 1.1 are deprecated \u2014 GCP LB default SSL policy allows TLS 1.0; create a custom SSL policy requiring TLS 1.2+ for all production load balancers.",
     "last_verified": "2026-05-09",
     "path": "skills/gcp/gcp-certificate-manager-issuer-review",
     "version": "0.1.0",
@@ -4352,7 +4626,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Pre-change blast radius analysis for GCP — cross-project resource dependency mapping, org policy cascade effects, Shared VPC peering impact, Service Account impersonation chain analysis, and safe change sequencing.",
+    "summary": "Pre-change blast radius analysis for GCP \u2014 cross-project resource dependency mapping, org policy cascade effects, Shared VPC peering impact, Service Account impersonation chain analysis, and safe change sequencing.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/asset-inventory/docs/overview",
@@ -4361,7 +4635,7 @@
       "https://cloud.google.com/resource-manager/docs/organization-policy/overview",
       "https://cloud.google.com/vpc/docs/vpc-peering"
     ],
-    "security_notes": "Cloud Asset Inventory requires roles/cloudasset.viewer — ensure the reviewing principal has this before attempting dependency analysis. Org policy changes with deny-override can lock out even org admins from specific resources — test in a non-production folder first.",
+    "security_notes": "Cloud Asset Inventory requires roles/cloudasset.viewer \u2014 ensure the reviewing principal has this before attempting dependency analysis. Org policy changes with deny-override can lock out even org admins from specific resources \u2014 test in a non-production folder first.",
     "last_verified": "2026-05-09",
     "path": "skills/gcp/gcp-change-impact-advisor",
     "version": "0.1.0",
@@ -4380,7 +4654,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Advise on Google Cloud authentication and authorization patterns — covering ADC, service account best practices, Workload Identity Federation, human user auth, service-to-service auth, and anti-patterns like service account key downloads.",
+    "summary": "Advise on Google Cloud authentication and authorization patterns \u2014 covering ADC, service account best practices, Workload Identity Federation, human user auth, service-to-service auth, and anti-patterns like service account key downloads.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/docs/authentication",
@@ -4442,7 +4716,7 @@
       "https://cloud.google.com/artifact-registry/docs/overview",
       "https://cloud.google.com/build/docs/securing-builds/view-build-provenance"
     ],
-    "security_notes": "Cloud Build service accounts are commonly over-privileged — minimum required permissions are Cloud Run Admin + Artifact Registry Writer + GKE Developer. SLSA provenance combined with Binary Authorization prevents tampered artifacts from reaching production.",
+    "security_notes": "Cloud Build service accounts are commonly over-privileged \u2014 minimum required permissions are Cloud Run Admin + Artifact Registry Writer + GKE Developer. SLSA provenance combined with Binary Authorization prevents tampered artifacts from reaching production.",
     "last_verified": "2026-05-08",
     "path": "skills/gcp/gcp-cloudbuild-deploy-cicd-operator",
     "author": "github: Raishin",
@@ -4468,7 +4742,7 @@
       "https://cloud.google.com/security/compliance/offerings",
       "https://cloud.google.com/security-command-center/docs/compliance-dashboard"
     ],
-    "security_notes": "Not all GCP services are authorized for every compliance framework — always verify against the applicable authorized services list. HIPAA requires Google BAA coverage for PHI services. ITAR configuration restricts personnel access to US persons. Assured Workloads creates a boundary but does not replace customer-side controls.",
+    "security_notes": "Not all GCP services are authorized for every compliance framework \u2014 always verify against the applicable authorized services list. HIPAA requires Google BAA coverage for PHI services. ITAR configuration restricts personnel access to US persons. Assured Workloads creates a boundary but does not replace customer-side controls.",
     "last_verified": "2026-05-08",
     "path": "skills/gcp/gcp-compliance-assured-workloads",
     "author": "github: Raishin",
@@ -4495,7 +4769,7 @@
       "https://cloud.google.com/compute/docs/os-patch-management",
       "https://cloud.google.com/compute/docs/instances/spot"
     ],
-    "security_notes": "Spot VMs are preempted without advance notice — never use for latency-sensitive or non-fault-tolerant workloads. OS Login is preferred over metadata SSH keys for enterprise environments.",
+    "security_notes": "Spot VMs are preempted without advance notice \u2014 never use for latency-sensitive or non-fault-tolerant workloads. OS Login is preferred over metadata SSH keys for enterprise environments.",
     "last_verified": "2026-05-08",
     "path": "skills/gcp/gcp-compute-engine-operator",
     "author": "github: Raishin",
@@ -4514,7 +4788,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Detect and coordinate response to GCP cost anomalies — BigQuery on-demand query cost spikes ($5/TB scanned), Cloud Run scaling runaway, unattached Persistent Disks, idle GCE instances, budget alert → notification channel → remediation playbook.",
+    "summary": "Detect and coordinate response to GCP cost anomalies \u2014 BigQuery on-demand query cost spikes ($5/TB scanned), Cloud Run scaling runaway, unattached Persistent Disks, idle GCE instances, budget alert \u2192 notification channel \u2192 remediation playbook.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/billing/docs/how-to/budgets",
@@ -4523,7 +4797,7 @@
       "https://cloud.google.com/run/docs/configuring/max-instances",
       "https://cloud.google.com/recommender/docs/overview"
     ],
-    "security_notes": "BigQuery billing export dataset must restrict access — avoid allAuthenticatedUsers binding on the billing dataset as it exposes cost structure. Budget action to disable billing stops ALL services in the project — test on non-production projects first and use notification-only alerts for production unless willing to accept full service disruption.",
+    "security_notes": "BigQuery billing export dataset must restrict access \u2014 avoid allAuthenticatedUsers binding on the billing dataset as it exposes cost structure. Budget action to disable billing stops ALL services in the project \u2014 test on non-production projects first and use notification-only alerts for production unless willing to accept full service disruption.",
     "last_verified": "2026-05-09",
     "path": "skills/gcp/gcp-cost-anomaly-watch-coordinator",
     "version": "0.1.0",
@@ -4570,7 +4844,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Coordinate the daily GCP operations standup — cost delta from previous day, quota warning review, failed deployment detection, Security Command Center finding triage, SLO burn rate alert review, and action item assignment.",
+    "summary": "Coordinate the daily GCP operations standup \u2014 cost delta from previous day, quota warning review, failed deployment detection, Security Command Center finding triage, SLO burn rate alert review, and action item assignment.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/billing/docs/how-to/budgets",
@@ -4579,7 +4853,7 @@
       "https://cloud.google.com/deploy/docs/view-pipeline-status",
       "https://cloud.google.com/monitoring/slo-monitoring"
     ],
-    "security_notes": "Daily briefing participants may include non-security team members — sanitize SCC finding details to exclude exploit paths or unpatched CVE specifics from the general briefing. Cost delta data contains billing structure information — restrict briefing distribution to authorized personnel.",
+    "security_notes": "Daily briefing participants may include non-security team members \u2014 sanitize SCC finding details to exclude exploit paths or unpatched CVE specifics from the general briefing. Cost delta data contains billing structure information \u2014 restrict briefing distribution to authorized personnel.",
     "last_verified": "2026-05-09",
     "path": "skills/gcp/gcp-daily-operations-briefing-coordinator",
     "version": "0.1.0",
@@ -4607,7 +4881,7 @@
       "https://cloud.google.com/composer/docs/concepts/overview",
       "https://cloud.google.com/dataplex/docs/introduction"
     ],
-    "security_notes": "Dead letter topics are critical for any production Pub/Sub pipeline. Use ephemeral Dataproc clusters for cost efficiency. Pub/Sub delivers at-least-once — design consumers for idempotency.",
+    "security_notes": "Dead letter topics are critical for any production Pub/Sub pipeline. Use ephemeral Dataproc clusters for cost efficiency. Pub/Sub delivers at-least-once \u2014 design consumers for idempotency.",
     "last_verified": "2026-05-08",
     "path": "skills/gcp/gcp-data-pipeline-engineer",
     "author": "github: Raishin",
@@ -4626,7 +4900,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review GCP Pub/Sub, Eventarc, Cloud Tasks, Cloud Scheduler, and Workflows designs — dead-letter topics, message ordering, idempotency, fan-out blast radius, schema registry, and retry storm risk.",
+    "summary": "Review GCP Pub/Sub, Eventarc, Cloud Tasks, Cloud Scheduler, and Workflows designs \u2014 dead-letter topics, message ordering, idempotency, fan-out blast radius, schema registry, and retry storm risk.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/pubsub/docs/dead-letter-topics",
@@ -4636,7 +4910,7 @@
       "https://cloud.google.com/scheduler/docs/overview",
       "https://cloud.google.com/workflows/docs/overview"
     ],
-    "security_notes": "Pub/Sub topics with allUsers subscriber binding expose all messages publicly — always verify subscription IAM. Eventarc service account must follow least privilege — avoid binding roles/editor. Cloud Tasks payloads may contain sensitive data — use CMEK-encrypted queues for regulated workloads.",
+    "security_notes": "Pub/Sub topics with allUsers subscriber binding expose all messages publicly \u2014 always verify subscription IAM. Eventarc service account must follow least privilege \u2014 avoid binding roles/editor. Cloud Tasks payloads may contain sensitive data \u2014 use CMEK-encrypted queues for regulated workloads.",
     "last_verified": "2026-05-09",
     "path": "skills/gcp/gcp-event-driven-architecture-review",
     "version": "0.1.0",
@@ -4655,7 +4929,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Build, configure, and operate Firebase-powered web and mobile applications — covering Firestore, Firebase Auth, Firebase Hosting, Cloud Functions for Firebase, Firebase Storage, App Check, Remote Config, and Analytics.",
+    "summary": "Build, configure, and operate Firebase-powered web and mobile applications \u2014 covering Firestore, Firebase Auth, Firebase Hosting, Cloud Functions for Firebase, Firebase Storage, App Check, Remote Config, and Analytics.",
     "source_type": "original",
     "official_docs": [
       "https://firebase.google.com/docs",
@@ -4665,7 +4939,7 @@
       "https://firebase.google.com/docs/functions",
       "https://firebase.google.com/docs/app-check"
     ],
-    "security_notes": "Read-only skill. Do not deploy to production, modify Firestore security rules, or change Firebase project settings without explicit approval. Client config (apiKey, projectId) is public — service account keys are private and must never be embedded in client code.",
+    "security_notes": "Read-only skill. Do not deploy to production, modify Firestore security rules, or change Firebase project settings without explicit approval. Client config (apiKey, projectId) is public \u2014 service account keys are private and must never be embedded in client code.",
     "last_verified": "2026-05-09",
     "path": "skills/gcp/gcp-firebase-developer",
     "author": "github: Raishin",
@@ -4684,7 +4958,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Govern Google Cloud Storage data perimeters — uniform bucket-level access enforcement, public access prevention, VPC Service Controls perimeter coverage, IAM Conditions for time-bounded access, Object Lifecycle policies, and data residency compliance.",
+    "summary": "Govern Google Cloud Storage data perimeters \u2014 uniform bucket-level access enforcement, public access prevention, VPC Service Controls perimeter coverage, IAM Conditions for time-bounded access, Object Lifecycle policies, and data residency compliance.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/storage/docs/access-control/uniform-bucket-level-access",
@@ -4693,7 +4967,7 @@
       "https://cloud.google.com/storage/docs/lifecycle",
       "https://cloud.google.com/storage/docs/bucket-lock"
     ],
-    "security_notes": "GCS buckets with allUsers binding are indexed by search engines and data scrapers within minutes of creation — remediation must be immediate. VPC-SC perimeter around GCS requires testing in dry-run mode first — enforcement mode can break legitimate GCS access from outside the perimeter instantly.",
+    "security_notes": "GCS buckets with allUsers binding are indexed by search engines and data scrapers within minutes of creation \u2014 remediation must be immediate. VPC-SC perimeter around GCS requires testing in dry-run mode first \u2014 enforcement mode can break legitimate GCS access from outside the perimeter instantly.",
     "last_verified": "2026-05-09",
     "path": "skills/gcp/gcp-gcs-data-perimeter-governor",
     "version": "0.1.0",
@@ -4712,7 +4986,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Build, integrate, and debug Gemini API applications on Google Cloud Agent Platform using the unified google-genai SDK — covering text generation, multimodal inputs, function calling, structured output, embeddings, context caching, batch prediction, Live API, and model tuning.",
+    "summary": "Build, integrate, and debug Gemini API applications on Google Cloud Agent Platform using the unified google-genai SDK \u2014 covering text generation, multimodal inputs, function calling, structured output, embeddings, context caching, batch prediction, Live API, and model tuning.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/vertex-ai/generative-ai/docs/overview",
@@ -4746,7 +5020,7 @@
       "https://cloud.google.com/binary-authorization/docs/overview",
       "https://cloud.google.com/kubernetes-engine/docs/concepts/release-channels"
     ],
-    "security_notes": "Binary Authorization must be set to WARN mode before ENFORCE mode — enforce mode will break deployments if images are unsigned. Always prefer Workload Identity over mounted SA key files.",
+    "security_notes": "Binary Authorization must be set to WARN mode before ENFORCE mode \u2014 enforce mode will break deployments if images are unsigned. Always prefer Workload Identity over mounted SA key files.",
     "last_verified": "2026-05-08",
     "path": "skills/gcp/gcp-gke-platform-operator",
     "author": "github: Raishin",
@@ -4765,7 +5039,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review Terraform and Deployment Manager changes targeting GCP — blast radius analysis, destroy-operation detection, cross-project impact, state file conflicts, org policy drift, and rollback plan completeness.",
+    "summary": "Review Terraform and Deployment Manager changes targeting GCP \u2014 blast radius analysis, destroy-operation detection, cross-project impact, state file conflicts, org policy drift, and rollback plan completeness.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/docs/terraform/best-practices-for-terraform",
@@ -4774,7 +5048,7 @@
       "https://cloud.google.com/iam/docs/org-policy-overview",
       "https://developer.hashicorp.com/terraform/cli/commands/plan"
     ],
-    "security_notes": "Terraform state files contain sensitive resource attributes — backend bucket must use CMEK and uniform bucket-level access. Org-level IAM and org policy changes via Terraform have org-wide blast radius — require dual approval and tested rollback. Force-unlocking state under an active apply causes corruption.",
+    "security_notes": "Terraform state files contain sensitive resource attributes \u2014 backend bucket must use CMEK and uniform bucket-level access. Org-level IAM and org policy changes via Terraform have org-wide blast radius \u2014 require dual approval and tested rollback. Force-unlocking state under an active apply causes corruption.",
     "last_verified": "2026-05-09",
     "path": "skills/gcp/gcp-iac-change-safety-review",
     "version": "0.1.0",
@@ -4829,7 +5103,7 @@
       "https://cloud.google.com/vpc/docs/shared-vpc",
       "https://cloud.google.com/logging/docs/audit/configure-data-access"
     ],
-    "security_notes": "Org policies applied at org node apply to ALL resources — test in non-prod folder first. Data Access audit logs must be enabled for sensitive services (KMS, IAM, BigQuery) — not enabled by default.",
+    "security_notes": "Org policies applied at org node apply to ALL resources \u2014 test in non-prod folder first. Data Access audit logs must be enabled for sensitive services (KMS, IAM, BigQuery) \u2014 not enabled by default.",
     "last_verified": "2026-05-08",
     "path": "skills/gcp/gcp-landing-zone-architect",
     "author": "github: Raishin",
@@ -4848,7 +5122,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Gate BigQuery dataset deletion, table truncation, and authorized view changes — irreversible data loss and downstream pipeline breakage.",
+    "summary": "Gate BigQuery dataset deletion, table truncation, and authorized view changes \u2014 irreversible data loss and downstream pipeline breakage.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/bigquery/docs/managing-tables",
@@ -4874,7 +5148,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Gate Cloud Run traffic percentage migrations, min-instances changes, and revision deletions — production traffic blast radius with no automatic rollback.",
+    "summary": "Gate Cloud Run traffic percentage migrations, min-instances changes, and revision deletions \u2014 production traffic blast radius with no automatic rollback.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/run/docs/rollouts-rollbacks-traffic-migration",
@@ -4900,7 +5174,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Gate Cloud Billing budget threshold changes, committed-use discount purchases, and quota increase requests — financial authority gate.",
+    "summary": "Gate Cloud Billing budget threshold changes, committed-use discount purchases, and quota increase requests \u2014 financial authority gate.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/billing/docs/how-to/budgets",
@@ -4953,7 +5227,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Gate IAM binding mutations, org policy changes, and Service Account key creation — org-wide blast radius, cannot be undone without a full audit trail.",
+    "summary": "Gate IAM binding mutations, org policy changes, and Service Account key creation \u2014 org-wide blast radius, cannot be undone without a full audit trail.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/iam/docs/manage-access-other-resources",
@@ -4979,7 +5253,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Gate Cloud KMS key version destruction and key ring deletion — CMEK-encrypted data becomes permanently and irrecoverably inaccessible once a key version is destroyed.",
+    "summary": "Gate Cloud KMS key version destruction and key ring deletion \u2014 CMEK-encrypted data becomes permanently and irrecoverably inaccessible once a key version is destroyed.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/kms/docs/destroy-restore",
@@ -5005,7 +5279,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Traffic engineering for GCP load balancers — Global HTTPS LB, Regional HTTPS LB, TCP/SSL Proxy LB, Network LB (passthrough), Internal TCP/UDP LB — type selection, health check configuration, Cloud Armor integration, and traffic distribution.",
+    "summary": "Traffic engineering for GCP load balancers \u2014 Global HTTPS LB, Regional HTTPS LB, TCP/SSL Proxy LB, Network LB (passthrough), Internal TCP/UDP LB \u2014 type selection, health check configuration, Cloud Armor integration, and traffic distribution.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/load-balancing/docs/load-balancing-overview",
@@ -5014,7 +5288,7 @@
       "https://cloud.google.com/load-balancing/docs/backend-service",
       "https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs"
     ],
-    "security_notes": "Global HTTPS LB with Cloud Armor is the only GCP-native L7 DDoS and WAF layer — bypassing it with Network LB or TCP Proxy eliminates WAF capability. Self-managed SSL certificates in GCP LB expose the private key during upload — use Google-managed certificates or Certificate Manager for all production workloads.",
+    "security_notes": "Global HTTPS LB with Cloud Armor is the only GCP-native L7 DDoS and WAF layer \u2014 bypassing it with Network LB or TCP Proxy eliminates WAF capability. Self-managed SSL certificates in GCP LB expose the private key during upload \u2014 use Google-managed certificates or Certificate Manager for all production workloads.",
     "last_verified": "2026-05-09",
     "path": "skills/gcp/gcp-load-balancer-traffic-engineer",
     "version": "0.1.0",
@@ -5033,7 +5307,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Route GCP tasks to the narrowest specialist or team of specialists from the 31-agent catalog. Classifies, dispatches, and synthesizes only — never answers GCP questions directly. Dispatches single agent for focused tasks, parallel team (max 4) for multi-domain tasks. Never auto-dispatches live-guard agents — requires explicit human confirmation with blast-radius and rollback before routing to any live infrastructure specialist.",
+    "summary": "Route GCP tasks to the narrowest specialist or team of specialists from the 31-agent catalog. Classifies, dispatches, and synthesizes only \u2014 never answers GCP questions directly. Dispatches single agent for focused tasks, parallel team (max 4) for multi-domain tasks. Never auto-dispatches live-guard agents \u2014 requires explicit human confirmation with blast-radius and rollback before routing to any live infrastructure specialist.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/docs/overview",
@@ -5095,7 +5369,7 @@
       "https://cloud.google.com/nat/docs/overview",
       "https://cloud.google.com/armor/docs/cloud-armor-overview"
     ],
-    "security_notes": "GCP VPCs are global — a single VPC spans all regions. Shared VPC IAM roles at subnet level control service project access. Never expose internal services through public IP without Cloud Armor or equivalent WAF protection.",
+    "security_notes": "GCP VPCs are global \u2014 a single VPC spans all regions. Shared VPC IAM roles at subnet level control service project access. Never expose internal services through public IP without Cloud Armor or equivalent WAF protection.",
     "last_verified": "2026-05-08",
     "path": "skills/gcp/gcp-network-architect",
     "author": "github: Raishin",
@@ -5169,7 +5443,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Govern GCP Artifact Registry — container image signing via Binary Authorization, vulnerability scanning via Container Analysis, repository IAM least privilege, artifact retention policies, and supply chain security posture.",
+    "summary": "Govern GCP Artifact Registry \u2014 container image signing via Binary Authorization, vulnerability scanning via Container Analysis, repository IAM least privilege, artifact retention policies, and supply chain security posture.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/artifact-registry/docs/overview",
@@ -5177,7 +5451,7 @@
       "https://cloud.google.com/container-analysis/docs/container-analysis",
       "https://cloud.google.com/artifact-registry/docs/repositories/cleanup-policy"
     ],
-    "security_notes": "Binary Authorization with 'Allow all images' is equivalent to no supply chain protection — enforce attested images from trusted build pipelines. Artifact Registry supports CMEK — enable for regulated workloads. Public repositories expose all tags and digests; use private repositories with Workload Identity Federation for CI/CD access.",
+    "security_notes": "Binary Authorization with 'Allow all images' is equivalent to no supply chain protection \u2014 enforce attested images from trusted build pipelines. Artifact Registry supports CMEK \u2014 enable for regulated workloads. Public repositories expose all tags and digests; use private repositories with Workload Identity Federation for CI/CD access.",
     "last_verified": "2026-05-09",
     "path": "skills/gcp/gcp-registry-artifact-governor",
     "version": "0.1.0",
@@ -5196,7 +5470,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review GCP workload HA and BCDR designs — multi-region architectures, Cloud SQL HA failover, Spanner global instances, GKE multi-cluster, RTO/RPO target analysis, and runbook completeness.",
+    "summary": "Review GCP workload HA and BCDR designs \u2014 multi-region architectures, Cloud SQL HA failover, Spanner global instances, GKE multi-cluster, RTO/RPO target analysis, and runbook completeness.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/architecture/disaster-recovery",
@@ -5204,7 +5478,7 @@
       "https://cloud.google.com/spanner/docs/instance-configurations",
       "https://cloud.google.com/kubernetes-engine/docs/concepts/multi-cluster-ingress"
     ],
-    "security_notes": "Cloud SQL HA is zone-redundant only — cross-region failover is manual (replica promotion). Cloud Run has no built-in multi-region failover. RTO/RPO targets without tested recovery evidence are aspirational. Require last recovery test date and result before marking BCDR as operational.",
+    "security_notes": "Cloud SQL HA is zone-redundant only \u2014 cross-region failover is manual (replica promotion). Cloud Run has no built-in multi-region failover. RTO/RPO targets without tested recovery evidence are aspirational. Require last recovery test date and result before marking BCDR as operational.",
     "last_verified": "2026-05-08",
     "path": "skills/gcp/gcp-resilience-bcdr-review",
     "author": "github: Raishin",
@@ -5230,7 +5504,7 @@
       "https://cloud.google.com/asset-inventory/docs/searching-resources",
       "https://cloud.google.com/asset-inventory/docs/monitoring-asset-changes"
     ],
-    "security_notes": "Cloud Asset Inventory change history covers 35 days — explicitly state this limit for older investigations. Stale resources (unattached static IPs, disks, orphaned firewall rules) incur ongoing charges. Resources missing required labels cannot be attributed in billing exports.",
+    "security_notes": "Cloud Asset Inventory change history covers 35 days \u2014 explicitly state this limit for older investigations. Stale resources (unattached static IPs, disks, orphaned firewall rules) incur ongoing charges. Resources missing required labels cannot be attributed in billing exports.",
     "last_verified": "2026-05-08",
     "path": "skills/gcp/gcp-resource-inventory-analyst",
     "author": "github: Raishin",
@@ -5258,7 +5532,7 @@
       "https://cloud.google.com/kms/docs/key-rotation",
       "https://cloud.google.com/kms/docs/importing-a-key"
     ],
-    "security_notes": "Prefer read-only inspection. Do not delete key versions, disable keys, or modify CMEK bindings without explicit user approval and a confirmed rollback plan — key operations can cause irreversible data loss.",
+    "security_notes": "Prefer read-only inspection. Do not delete key versions, disable keys, or modify CMEK bindings without explicit user approval and a confirmed rollback plan \u2014 key operations can cause irreversible data loss.",
     "last_verified": "2026-05-08",
     "path": "skills/gcp/gcp-secret-kms-lifecycle-steward",
     "author": "github: Raishin",
@@ -5305,7 +5579,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review Cloud Run and Cloud Functions gen2 for production readiness — min-instances cold start, memory and CPU allocation, VPC connector configuration, Secret Manager injection, CMEK encryption, concurrency limits, and traffic splitting safety.",
+    "summary": "Review Cloud Run and Cloud Functions gen2 for production readiness \u2014 min-instances cold start, memory and CPU allocation, VPC connector configuration, Secret Manager injection, CMEK encryption, concurrency limits, and traffic splitting safety.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/run/docs/configuring/min-instances",
@@ -5314,7 +5588,7 @@
       "https://cloud.google.com/run/docs/rollouts-rollbacks-traffic-migration",
       "https://cloud.google.com/functions/docs/concepts/version-comparison"
     ],
-    "security_notes": "Cloud Run service accounts must follow least privilege — avoid binding roles/editor or roles/owner. Secrets in environment variables appear in plaintext in Cloud Run revision metadata accessible to anyone with run.revisions.get — always use Secret Manager references. Cloud Run with --allow-unauthenticated is public to the internet — require authentication for all non-public endpoints.",
+    "security_notes": "Cloud Run service accounts must follow least privilege \u2014 avoid binding roles/editor or roles/owner. Secrets in environment variables appear in plaintext in Cloud Run revision metadata accessible to anyone with run.revisions.get \u2014 always use Secret Manager references. Cloud Run with --allow-unauthenticated is public to the internet \u2014 require authentication for all non-public endpoints.",
     "last_verified": "2026-05-09",
     "path": "skills/gcp/gcp-serverless-production-readiness",
     "version": "0.1.0",
@@ -5333,7 +5607,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Design GCP solutions aligned with the Google Cloud Architecture Framework — reliability, security, cost optimization, operational excellence, and performance efficiency — covering resource hierarchy design, product selection, and multi-service architecture patterns.",
+    "summary": "Design GCP solutions aligned with the Google Cloud Architecture Framework \u2014 reliability, security, cost optimization, operational excellence, and performance efficiency \u2014 covering resource hierarchy design, product selection, and multi-service architecture patterns.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/architecture/framework",
@@ -5367,7 +5641,7 @@
       "https://cloud.google.com/spanner/docs/instances",
       "https://cloud.google.com/spanner/docs/secondary-indexes"
     ],
-    "security_notes": "Monotonically increasing keys (e.g., auto-increment integers) cause all writes to hit the same split — use UUIDs or bit-reversed sequential IDs. Over-indexing in Spanner is expensive and slows writes — every indexed column is replicated.",
+    "security_notes": "Monotonically increasing keys (e.g., auto-increment integers) cause all writes to hit the same split \u2014 use UUIDs or bit-reversed sequential IDs. Over-indexing in Spanner is expensive and slows writes \u2014 every indexed column is replicated.",
     "last_verified": "2026-05-08",
     "path": "skills/gcp/gcp-spanner-architect",
     "author": "github: Raishin",
@@ -5386,7 +5660,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Coordinate GCP support incidents — case creation with correct severity, Premium/Enhanced Support SLA enforcement, TAM escalation path, status page monitoring, internal stakeholder communication, and post-incident evidence packaging.",
+    "summary": "Coordinate GCP support incidents \u2014 case creation with correct severity, Premium/Enhanced Support SLA enforcement, TAM escalation path, status page monitoring, internal stakeholder communication, and post-incident evidence packaging.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/support/docs/overview",
@@ -5394,7 +5668,7 @@
       "https://status.google.com/",
       "https://cloud.google.com/support/docs/managed-incident"
     ],
-    "security_notes": "GCP support case attachments are accessible to Google support engineers — never attach files containing customer PII, credentials, or unredacted production logs. Premium Support SLA is contractual — document SLA breach timestamps with case numbers for potential SLA credits.",
+    "security_notes": "GCP support case attachments are accessible to Google support engineers \u2014 never attach files containing customer PII, credentials, or unredacted production logs. Premium Support SLA is contractual \u2014 document SLA breach timestamps with case numbers for potential SLA credits.",
     "last_verified": "2026-05-09",
     "path": "skills/gcp/gcp-support-incident-coordinator",
     "version": "0.1.0",
@@ -5413,7 +5687,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Triage GCP operational alerts, incidents, and support tickets — P0/P1/P2/P3 classification, GCP Premium/Enhanced Support SLA enforcement, war room coordination, evidence collection from Cloud Monitoring and Cloud Logging, and safe escalation paths.",
+    "summary": "Triage GCP operational alerts, incidents, and support tickets \u2014 P0/P1/P2/P3 classification, GCP Premium/Enhanced Support SLA enforcement, war room coordination, evidence collection from Cloud Monitoring and Cloud Logging, and safe escalation paths.",
     "source_type": "original",
     "official_docs": [
       "https://cloud.google.com/support/docs/severity-definitions",
@@ -5421,7 +5695,7 @@
       "https://cloud.google.com/logging/docs/view/logs-explorer-interface",
       "https://status.google.com/"
     ],
-    "security_notes": "GCP support tickets may require sharing sanitized logs or configuration — scrub project IDs, IP addresses, and customer data before sharing with Google support. War room communication channels must be secure — use dedicated incident Slack/Meet channels, not public ones.",
+    "security_notes": "GCP support tickets may require sharing sanitized logs or configuration \u2014 scrub project IDs, IP addresses, and customer data before sharing with Google support. War room communication channels must be secure \u2014 use dedicated incident Slack/Meet channels, not public ones.",
     "last_verified": "2026-05-09",
     "path": "skills/gcp/gcp-ticket-triage-escalation-coordinator",
     "version": "0.1.0",
@@ -5448,7 +5722,7 @@
       "https://cloud.google.com/vertex-ai/docs/model-registry/introduction",
       "https://cloud.google.com/vertex-ai/docs/featurestore/overview"
     ],
-    "security_notes": "Training jobs have no automatic cost cap — always verify max_run_time is set. Feature Store writes are irreversible and can silently corrupt training data. Gemini via Vertex AI has different privacy commitments than via AI Studio.",
+    "security_notes": "Training jobs have no automatic cost cap \u2014 always verify max_run_time is set. Feature Store writes are irreversible and can silently corrupt training data. Gemini via Vertex AI has different privacy commitments than via AI Studio.",
     "last_verified": "2026-05-08",
     "path": "skills/gcp/gcp-vertex-ai-mlops-engineer",
     "author": "github: Raishin",
@@ -5476,7 +5750,7 @@
       "https://cloud.google.com/access-context-manager/docs/overview",
       "https://cloud.google.com/vpc-service-controls/docs/create-service-perimeters"
     ],
-    "security_notes": "Prefer dry-run mode before enforcement. Do not switch perimeters to enforcement mode without reviewing dry-run violations — live enforcement silently blocks API calls and can disrupt production workloads.",
+    "security_notes": "Prefer dry-run mode before enforcement. Do not switch perimeters to enforcement mode without reviewing dry-run violations \u2014 live enforcement silently blocks API calls and can disrupt production workloads.",
     "last_verified": "2026-05-08",
     "path": "skills/gcp/gcp-vpc-service-controls-architect",
     "author": "github: Raishin",
@@ -5574,7 +5848,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review a Helm chart for quality, security, and testability defects — linting gaps, insecure securityContext, missing resource limits, absent health probes, RBAC over-permission, hardcoded secrets, and missing helm test coverage — statically, without installing or contacting a cluster.",
+    "summary": "Review a Helm chart for quality, security, and testability defects \u2014 linting gaps, insecure securityContext, missing resource limits, absent health probes, RBAC over-permission, hardcoded secrets, and missing helm test coverage \u2014 statically, without installing or contacting a cluster.",
     "source_type": "original",
     "official_docs": [
       "https://helm.sh/docs/chart_best_practices/",
@@ -5585,7 +5859,7 @@
       "https://kubernetes.io/docs/concepts/security/pod-security-standards/",
       "https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
     ],
-    "security_notes": "Static review only — reads chart source files (Chart.yaml, values.yaml, templates/, tests/), never installs a chart, never connects to a Kubernetes cluster, never requests kubeconfig, cluster credentials, or cloud provider credentials. Do not accept values files containing live credentials, connection strings, or tenant IDs; ask for sanitized versions with placeholder values.",
+    "security_notes": "Static review only \u2014 reads chart source files (Chart.yaml, values.yaml, templates/, tests/), never installs a chart, never connects to a Kubernetes cluster, never requests kubeconfig, cluster credentials, or cloud provider credentials. Do not accept values files containing live credentials, connection strings, or tenant IDs; ask for sanitized versions with placeholder values.",
     "last_verified": "2026-05-17",
     "path": "skills/qa/helm-chart-quality-review",
     "version": "0.1.0",
@@ -5611,7 +5885,7 @@
       "https://docs.hetzner.com/cloud/servers/overview/",
       "https://docs.hetzner.com/general/others/contacting-support/"
     ],
-    "security_notes": "Hetzner does not offer auto-scaling — verify current resource counts via API before growth planning to avoid quota exhaustion surprises. Storage Box Snapshot Plans require both hour and minute parameters; incomplete schedules may silently fail. Do not expose project API tokens in capacity reports.",
+    "security_notes": "Hetzner does not offer auto-scaling \u2014 verify current resource counts via API before growth planning to avoid quota exhaustion surprises. Storage Box Snapshot Plans require both hour and minute parameters; incomplete schedules may silently fail. Do not expose project API tokens in capacity reports.",
     "last_verified": "2026-05-10",
     "path": "skills/hetzner/hetzner-capacity-planner",
     "author": "github: Raishin",
@@ -5637,7 +5911,7 @@
       "https://www.hetzner.com/cloud/pricing/",
       "https://docs.hetzner.com/"
     ],
-    "security_notes": "Never recommend deleting Volumes or snapshots that serve as the only recovery path. Unattached Primary IPs and Floating IPs incur cost — verify attachment state before recommending deletion. Do not expose project API tokens in cost analysis output.",
+    "security_notes": "Never recommend deleting Volumes or snapshots that serve as the only recovery path. Unattached Primary IPs and Floating IPs incur cost \u2014 verify attachment state before recommending deletion. Do not expose project API tokens in cost analysis output.",
     "last_verified": "2026-05-10",
     "path": "skills/hetzner/hetzner-cost-optimization-analyst",
     "author": "github: Raishin",
@@ -5663,7 +5937,7 @@
       "https://docs.hetzner.com/cloud/firewalls/overview/",
       "https://docs.hetzner.com/cloud/networks/overview/"
     ],
-    "security_notes": "Public IPs on Hetzner are opt-in since API v1.34 — flag servers with unnecessary public IPs. An unattached Hetzner Firewall provides zero protection — always verify attachment to servers or Label groups. Load Balancer health checks must be validated before traffic routing changes.",
+    "security_notes": "Public IPs on Hetzner are opt-in since API v1.34 \u2014 flag servers with unnecessary public IPs. An unattached Hetzner Firewall provides zero protection \u2014 always verify attachment to servers or Label groups. Load Balancer health checks must be validated before traffic routing changes.",
     "last_verified": "2026-05-10",
     "path": "skills/hetzner/hetzner-infrastructure-reviewer",
     "author": "github: Raishin",
@@ -5689,7 +5963,7 @@
       "https://docs.hetzner.com/cloud/firewalls/overview/",
       "https://docs.hetzner.com/cloud/firewalls/faq/"
     ],
-    "security_notes": "Must snapshot current Firewall rules before any mutation — Hetzner Firewall changes are immediate and affect all attached servers. Verify project-scoped API token before write operations. An unattached Firewall provides zero protection. Never proceed without explicit human approval confirming target Firewall ID, blast-radius, and rollback plan.",
+    "security_notes": "Must snapshot current Firewall rules before any mutation \u2014 Hetzner Firewall changes are immediate and affect all attached servers. Verify project-scoped API token before write operations. An unattached Firewall provides zero protection. Never proceed without explicit human approval confirming target Firewall ID, blast-radius, and rollback plan.",
     "last_verified": "2026-05-10",
     "path": "skills/hetzner/hetzner-live-firewall-rule-guard",
     "author": "github: Raishin",
@@ -5715,7 +5989,7 @@
       "https://docs.hetzner.com/cloud/servers/overview/",
       "https://docs.hetzner.com/cloud/servers/server-types/"
     ],
-    "security_notes": "Server deletion on Hetzner is irreversible — always require a confirmed snapshot before deletion. Public IPs (IPv4/IPv6) are opt-in since API v1.34 and must be explicitly requested. Server type changes require server stop — confirm downtime window. Always verify API token is project-scoped. Never proceed without server ID, region, explicit human approval, and rollback plan.",
+    "security_notes": "Server deletion on Hetzner is irreversible \u2014 always require a confirmed snapshot before deletion. Public IPs (IPv4/IPv6) are opt-in since API v1.34 and must be explicitly requested. Server type changes require server stop \u2014 confirm downtime window. Always verify API token is project-scoped. Never proceed without server ID, region, explicit human approval, and rollback plan.",
     "last_verified": "2026-05-10",
     "path": "skills/hetzner/hetzner-live-server-lifecycle-guard",
     "author": "github: Raishin",
@@ -5734,13 +6008,13 @@
       "kiro",
       "other"
     ],
-    "summary": "Route and classify Hetzner Cloud tasks to the narrowest qualified specialist — cost optimization, infrastructure review, capacity planning, firewall guard, or server lifecycle guard.",
+    "summary": "Route and classify Hetzner Cloud tasks to the narrowest qualified specialist \u2014 cost optimization, infrastructure review, capacity planning, firewall guard, or server lifecycle guard.",
     "source_type": "original",
     "official_docs": [
       "https://docs.hetzner.cloud/",
       "https://docs.hetzner.com/"
     ],
-    "security_notes": "Never attempt live Hetzner Cloud API mutations from the routing layer. Always verify API tokens are project-scoped before routing involving live data. Public IPs are opt-in since API v1.34 — do not assume servers have public IPs.",
+    "security_notes": "Never attempt live Hetzner Cloud API mutations from the routing layer. Always verify API tokens are project-scoped before routing involving live data. Public IPs are opt-in since API v1.34 \u2014 do not assume servers have public IPs.",
     "last_verified": "2026-05-10",
     "path": "skills/hetzner/hetzner-maestro",
     "author": "github: Raishin",
@@ -5750,7 +6024,7 @@
     "id": "hr-risk-triage-review",
     "name": "HR Risk Triage Review",
     "type": "skill",
-    "provider": "generic",
+    "provider": "hr",
     "harnesses": [
       "codex",
       "claude-code",
@@ -5759,7 +6033,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Adversarial HR and employment-risk triage discipline for terminations, discipline, accommodations, wage/hour, discrimination, harassment, retaliation, layoffs, and HR policy exceptions — surfaces risks, evidence gaps, and escalation paths for employment counsel. Does not give legal or HR advice.",
+    "summary": "Adversarial HR and employment-risk triage discipline for terminations, discipline, accommodations, wage/hour, discrimination, harassment, retaliation, layoffs, and HR policy exceptions \u2014 surfaces risks, evidence gaps, and escalation paths for employment counsel. Does not give legal or HR advice.",
     "source_type": "original",
     "official_docs": [
       "https://www.eeoc.gov/laws-guidance",
@@ -5769,7 +6043,7 @@
       "https://www.mom.gov.sg/employment-practices",
       "https://www.fairwork.gov.au/"
     ],
-    "security_notes": "Static review only — works from sanitized excerpts; never requests employee medical records, personal data, or protected-characteristic data beyond what the question requires. Does not issue binding employment-law conclusions; refuses pretextual or retaliatory documentation and recommends escalation to employment counsel.",
+    "security_notes": "Static review only \u2014 works from sanitized excerpts; never requests employee medical records, personal data, or protected-characteristic data beyond what the question requires. Does not issue binding employment-law conclusions; refuses pretextual or retaliatory documentation and recommends escalation to employment counsel.",
     "last_verified": "2026-05-18",
     "path": "skills/hr/hr-risk-triage-review",
     "author": "github: Raishin",
@@ -5796,7 +6070,7 @@
       "https://support.huaweicloud.com/intl/en-us/asm/index.html",
       "https://support.huaweicloud.com/intl/en-us/ief/index.html"
     ],
-    "security_notes": "CCE cluster version downgrade not supported. Node pool scale-down evicts workloads — verify PDBs. SWR image tag mutations are permanent. ASM policy changes affect all services in the mesh simultaneously.",
+    "security_notes": "CCE cluster version downgrade not supported. Node pool scale-down evicts workloads \u2014 verify PDBs. SWR image tag mutations are permanent. ASM policy changes affect all services in the mesh simultaneously.",
     "last_verified": "2026-05-08",
     "path": "skills/huawei/huawei-cce-container-platform-operator",
     "author": "github: Raishin",
@@ -5816,14 +6090,14 @@
       "kiro",
       "other"
     ],
-    "summary": "Review Huawei Cloud SSL certificate management — SCM certificate lifecycle, ELB SSL certificate binding, DEW-managed certificate storage, renewal automation, wildcard vs SAN cert selection, certificate expiry alerting via CES, and HTTPS enforcement on ELB listeners.",
+    "summary": "Review Huawei Cloud SSL certificate management \u2014 SCM certificate lifecycle, ELB SSL certificate binding, DEW-managed certificate storage, renewal automation, wildcard vs SAN cert selection, certificate expiry alerting via CES, and HTTPS enforcement on ELB listeners.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/scm/index.html",
       "https://support.huaweicloud.com/intl/en-us/elb/index.html",
       "https://support.huaweicloud.com/intl/en-us/dew/index.html"
     ],
-    "security_notes": "Certificate private keys stored in DEW must have IAM access policies that restrict access to authorized identities only — overly permissive DEW key policies expose private key material. SCM certificates are region-scoped — verify the certificate is present in all regions where ELB listeners consume it to prevent cross-region binding failures.",
+    "security_notes": "Certificate private keys stored in DEW must have IAM access policies that restrict access to authorized identities only \u2014 overly permissive DEW key policies expose private key material. SCM certificates are region-scoped \u2014 verify the certificate is present in all regions where ELB listeners consume it to prevent cross-region binding failures.",
     "last_verified": "2026-05-09",
     "path": "skills/huawei/huawei-certificate-manager-issuer-review",
     "version": "0.1.0",
@@ -5842,7 +6116,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Pre-change blast radius analysis for Huawei Cloud — Organizations SCP cascade scope, IAM agency dependency chain, VPC route table and VPC Peering impact, GaussDB instance class change disruption, CCE node pool resize safety, and Enterprise Project boundary clarity.",
+    "summary": "Pre-change blast radius analysis for Huawei Cloud \u2014 Organizations SCP cascade scope, IAM agency dependency chain, VPC route table and VPC Peering impact, GaussDB instance class change disruption, CCE node pool resize safety, and Enterprise Project boundary clarity.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/organizations/index.html",
@@ -5851,7 +6125,7 @@
       "https://support.huaweicloud.com/intl/en-us/gaussdb_mysql/index.html",
       "https://support.huaweicloud.com/intl/en-us/cce/index.html"
     ],
-    "security_notes": "Huawei Cloud Organizations SCP deny rules have org-level blast radius — a misconfigured SCP can lock out all member accounts from critical services; test SCP changes in a sandbox member account first. IAM agency deletion is immediate and irreversible — all services using the agency lose permissions instantly.",
+    "security_notes": "Huawei Cloud Organizations SCP deny rules have org-level blast radius \u2014 a misconfigured SCP can lock out all member accounts from critical services; test SCP changes in a sandbox member account first. IAM agency deletion is immediate and irreversible \u2014 all services using the agency lose permissions instantly.",
     "last_verified": "2026-05-09",
     "path": "skills/huawei/huawei-change-impact-advisor",
     "version": "0.1.0",
@@ -5876,7 +6150,7 @@
       "https://support.huaweicloud.com/intl/en-us/codearts/index.html",
       "https://support.huaweicloud.com/intl/en-us/swr/index.html"
     ],
-    "security_notes": "Do not deploy to production without staging verification. CodeArts pipeline deletion removes audit history permanently. SWR image deletion removes all layers — verify no production dependency before deleting.",
+    "security_notes": "Do not deploy to production without staging verification. CodeArts pipeline deletion removes audit history permanently. SWR image deletion removes all layers \u2014 verify no production dependency before deleting.",
     "last_verified": "2026-05-08",
     "path": "skills/huawei/huawei-codearts-devops-operator",
     "author": "github: Raishin",
@@ -5902,7 +6176,7 @@
       "https://support.huaweicloud.com/intl/en-us/iam/index.html",
       "https://support.huaweicloud.com/intl/en-us/lts/index.html"
     ],
-    "security_notes": "MLPS Level 3 gap is regulatory risk. Cross-border data movement must be assessed before architecture approval. Flag any MLPS Level 3 workload modification that reduces security controls — mandatory incident reporting may apply.",
+    "security_notes": "MLPS Level 3 gap is regulatory risk. Cross-border data movement must be assessed before architecture approval. Flag any MLPS Level 3 workload modification that reduces security controls \u2014 mandatory incident reporting may apply.",
     "last_verified": "2026-05-08",
     "path": "skills/huawei/huawei-compliance-sovereignty",
     "author": "github: Raishin",
@@ -5922,14 +6196,14 @@
       "kiro",
       "other"
     ],
-    "summary": "Coordinate Huawei Cloud cost anomaly detection — CBC Cost Center delta analysis (>15% day-over-day threshold), budget alert configuration via Budget Management, ECS/GaussDB Yearly/Monthly vs On-Demand mode cost anomalies, OBS request cost spikes, unattached EVS volume waste, DWS idle cluster detection, and reserved instance coverage gaps.",
+    "summary": "Coordinate Huawei Cloud cost anomaly detection \u2014 CBC Cost Center delta analysis (>15% day-over-day threshold), budget alert configuration via Budget Management, ECS/GaussDB Yearly/Monthly vs On-Demand mode cost anomalies, OBS request cost spikes, unattached EVS volume waste, DWS idle cluster detection, and reserved instance coverage gaps.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/billing/index.html",
       "https://support.huaweicloud.com/intl/en-us/costcenter/index.html",
       "https://support.huaweicloud.com/intl/en-us/ces/index.html"
     ],
-    "security_notes": "CBC Cost Center exports contain billing data — restrict export access to authorized IAM identities using least-privilege policies. Budget alert actions may trigger FunctionGraph functions — verify the function IAM execution role has only the permissions needed to respond to the alert action.",
+    "security_notes": "CBC Cost Center exports contain billing data \u2014 restrict export access to authorized IAM identities using least-privilege policies. Budget alert actions may trigger FunctionGraph functions \u2014 verify the function IAM execution role has only the permissions needed to respond to the alert action.",
     "last_verified": "2026-05-09",
     "path": "skills/huawei/huawei-cost-anomaly-watch-coordinator",
     "version": "0.1.0",
@@ -5954,7 +6228,7 @@
       "https://support.huaweicloud.com/intl/en-us/usermanual-billing/index.html",
       "https://support.huaweicloud.com/intl/en-us/eps/index.html"
     ],
-    "security_notes": "RI/CUD purchases are committed spend — verify coverage analysis before purchase. Budget threshold reduction below current spend may suspend services. Enterprise project cost transfer requires approval.",
+    "security_notes": "RI/CUD purchases are committed spend \u2014 verify coverage analysis before purchase. Budget threshold reduction below current spend may suspend services. Enterprise project cost transfer requires approval.",
     "last_verified": "2026-05-08",
     "path": "skills/huawei/huawei-cost-finops-analyst",
     "author": "github: Raishin",
@@ -5973,7 +6247,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Coordinate the daily Huawei Cloud operations standup — CBC cost delta by Enterprise Project, AOM anomaly alert review, CCE pod failure triage, CES quota utilization warnings, LTS log error spike detection, SecMaster security finding triage, and action item assignment.",
+    "summary": "Coordinate the daily Huawei Cloud operations standup \u2014 CBC cost delta by Enterprise Project, AOM anomaly alert review, CCE pod failure triage, CES quota utilization warnings, LTS log error spike detection, SecMaster security finding triage, and action item assignment.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/cbc/index.html",
@@ -5983,7 +6257,7 @@
       "https://support.huaweicloud.com/intl/en-us/secmaster/index.html",
       "https://support.huaweicloud.com/intl/en-us/lts/index.html"
     ],
-    "security_notes": "Huawei Cloud SecMaster finding details may contain vulnerability exploit paths — restrict SecMaster report distribution to security team members only in daily briefings. CBC Enterprise Project cost data reveals workload architecture details — distribute cost briefing only to authorized engineering and finance leads.",
+    "security_notes": "Huawei Cloud SecMaster finding details may contain vulnerability exploit paths \u2014 restrict SecMaster report distribution to security team members only in daily briefings. CBC Enterprise Project cost data reveals workload architecture details \u2014 distribute cost briefing only to authorized engineering and finance leads.",
     "last_verified": "2026-05-09",
     "path": "skills/huawei/huawei-daily-operations-briefing-coordinator",
     "version": "0.1.0",
@@ -6032,7 +6306,7 @@
       "https://support.huaweicloud.com/intl/en-us/drs/index.html",
       "https://support.huaweicloud.com/intl/en-us/dms/index.html"
     ],
-    "security_notes": "DRS task deletion during sync stops replication permanently. CDM job retry without deduplication may cause duplicates. DMS Kafka partition count can only increase — plan final partition count upfront.",
+    "security_notes": "DRS task deletion during sync stops replication permanently. CDM job retry without deduplication may cause duplicates. DMS Kafka partition count can only increase \u2014 plan final partition count upfront.",
     "last_verified": "2026-05-08",
     "path": "skills/huawei/huawei-drs-data-replication-operator",
     "author": "github: Raishin",
@@ -6083,7 +6357,7 @@
       "https://support.huaweicloud.com/intl/en-us/ecs/index.html",
       "https://support.huaweicloud.com/intl/en-us/ims/index.html"
     ],
-    "security_notes": "ECS deletion without CSBS backup is permanently destructive. AS scale-in terminates instances — verify stateless before enabling. DeH migration to shared host requires explicit approval and compliance review.",
+    "security_notes": "ECS deletion without CSBS backup is permanently destructive. AS scale-in terminates instances \u2014 verify stateless before enabling. DeH migration to shared host requires explicit approval and compliance review.",
     "last_verified": "2026-05-08",
     "path": "skills/huawei/huawei-ecs-compute-operator",
     "author": "github: Raishin",
@@ -6103,7 +6377,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review Huawei Cloud event-driven architecture designs — DMS Kafka dead-letter configuration, ROMA Connect integration flow capacity, FunctionGraph event trigger idempotency, SMN delivery retry policy, consumer group lag monitoring, cross-region event replication, and retry storm prevention.",
+    "summary": "Review Huawei Cloud event-driven architecture designs \u2014 DMS Kafka dead-letter configuration, ROMA Connect integration flow capacity, FunctionGraph event trigger idempotency, SMN delivery retry policy, consumer group lag monitoring, cross-region event replication, and retry storm prevention.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/dms/index.html",
@@ -6111,7 +6385,7 @@
       "https://support.huaweicloud.com/intl/en-us/fg/index.html",
       "https://support.huaweicloud.com/intl/en-us/smn/index.html"
     ],
-    "security_notes": "DMS Kafka instances without SSL/TLS encryption transmit messages in plaintext — enable SSL for all production Kafka instances. ROMA Connect integration flows may process sensitive data — verify ROMA instance security group rules restrict access to authorized callers only.",
+    "security_notes": "DMS Kafka instances without SSL/TLS encryption transmit messages in plaintext \u2014 enable SSL for all production Kafka instances. ROMA Connect integration flows may process sensitive data \u2014 verify ROMA instance security group rules restrict access to authorized callers only.",
     "last_verified": "2026-05-09",
     "path": "skills/huawei/huawei-event-driven-architecture-review",
     "version": "0.1.0",
@@ -6162,7 +6436,7 @@
       "https://support.huaweicloud.com/intl/en-us/rds/index.html",
       "https://support.huaweicloud.com/intl/en-us/dds/index.html"
     ],
-    "security_notes": "Database deletion without CBR backup is permanently destructive. GaussDB for Oracle PL/SQL gaps can break migration — test all procedures before cutover. Failover testing must be coordinated with application teams.",
+    "security_notes": "Database deletion without CBR backup is permanently destructive. GaussDB for Oracle PL/SQL gaps can break migration \u2014 test all procedures before cutover. Failover testing must be coordinated with application teams.",
     "last_verified": "2026-05-08",
     "path": "skills/huawei/huawei-gaussdb-rds-dba",
     "author": "github: Raishin",
@@ -6181,7 +6455,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review Terraform and RFS (Resource Formation Service) changes targeting Huawei Cloud — blast radius analysis, resource deletion detection, Organizations SCP cascade scope, cross-stack dependency impact, state file security, and rollback plan completeness.",
+    "summary": "Review Terraform and RFS (Resource Formation Service) changes targeting Huawei Cloud \u2014 blast radius analysis, resource deletion detection, Organizations SCP cascade scope, cross-stack dependency impact, state file security, and rollback plan completeness.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/rfs/index.html",
@@ -6189,7 +6463,7 @@
       "https://support.huaweicloud.com/intl/en-us/organizations/index.html",
       "https://support.huaweicloud.com/intl/en-us/obs/index.html"
     ],
-    "security_notes": "Huawei Cloud Terraform provider state files contain resource attribute details — OBS backend bucket must deny public access and use SSE-KMS CMEK. RFS stacks without termination protection can be deleted with a single API call — always enable termination protection on production stacks.",
+    "security_notes": "Huawei Cloud Terraform provider state files contain resource attribute details \u2014 OBS backend bucket must deny public access and use SSE-KMS CMEK. RFS stacks without termination protection can be deleted with a single API call \u2014 always enable termination protection on production stacks.",
     "last_verified": "2026-05-09",
     "path": "skills/huawei/huawei-iac-change-safety-review",
     "version": "0.1.0",
@@ -6263,7 +6537,7 @@
       "https://support.huaweicloud.com/intl/en-us/eps/index.html",
       "https://support.huaweicloud.com/intl/en-us/organizations/index.html"
     ],
-    "security_notes": "SCP deny at org level cannot be overridden by member account IAM. Test SCP in simulation before enforcement. Enterprise project deletion removes all resource associations — enumerate first.",
+    "security_notes": "SCP deny at org level cannot be overridden by member account IAM. Test SCP in simulation before enforcement. Enterprise project deletion removes all resource associations \u2014 enumerate first.",
     "last_verified": "2026-05-08",
     "path": "skills/huawei/huawei-landing-zone-architect",
     "author": "github: Raishin",
@@ -6307,7 +6581,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Gate Huawei Cloud CBC budget threshold changes, Reserved Instance purchases, and CUD commitments — RI/CUD are non-refundable and budget threshold reduction can trigger service suspension.",
+    "summary": "Gate Huawei Cloud CBC budget threshold changes, Reserved Instance purchases, and CUD commitments \u2014 RI/CUD are non-refundable and budget threshold reduction can trigger service suspension.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/usermanual-billing/index.html"
@@ -6331,7 +6605,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Gate GaussDB/RDS instance deletion, spec downgrade, and backup policy removal — database deletion is permanently destructive and MLPS Level 3 data destruction triggers mandatory incident reporting.",
+    "summary": "Gate GaussDB/RDS instance deletion, spec downgrade, and backup policy removal \u2014 database deletion is permanently destructive and MLPS Level 3 data destruction triggers mandatory incident reporting.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/gaussdb_mysql/index.html",
@@ -6356,7 +6630,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Gate IAM fine-grained policy and SCP mutations — account-wide blast radius, privilege escalation, and potential full access denial.",
+    "summary": "Gate IAM fine-grained policy and SCP mutations \u2014 account-wide blast radius, privilege escalation, and potential full access denial.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/iam/index.html",
@@ -6381,7 +6655,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Gate DEW/KMS key deletion and disable operations — all CSMS secrets and DBSS-encrypted database data become permanently unrecoverable once the key deletion window passes.",
+    "summary": "Gate DEW/KMS key deletion and disable operations \u2014 all CSMS secrets and DBSS-encrypted database data become permanently unrecoverable once the key deletion window passes.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/dew/index.html"
@@ -6405,7 +6679,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Gate OBS bucket ACL and policy mutations — public-read/write ACL exposes data immediately and CN-* cross-border replication may violate MLPS 2.0/CSL data localization requirements.",
+    "summary": "Gate OBS bucket ACL and policy mutations \u2014 public-read/write ACL exposes data immediately and CN-* cross-border replication may violate MLPS 2.0/CSL data localization requirements.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/obs/index.html"
@@ -6430,13 +6704,13 @@
       "kiro",
       "other"
     ],
-    "summary": "Engineer and review Huawei Cloud ELB traffic configurations — dedicated vs shared ELB type selection, HTTP/HTTPS/TCP/UDP protocol listener setup, health check configuration, WAF integration on ELB, backend server group routing, connection draining, and TLS policy enforcement on Dedicated ELB.",
+    "summary": "Engineer and review Huawei Cloud ELB traffic configurations \u2014 dedicated vs shared ELB type selection, HTTP/HTTPS/TCP/UDP protocol listener setup, health check configuration, WAF integration on ELB, backend server group routing, connection draining, and TLS policy enforcement on Dedicated ELB.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/elb/index.html",
       "https://support.huaweicloud.com/intl/en-us/waf/index.html"
     ],
-    "security_notes": "ELB HTTPS listeners should enforce TLS-1-2 or TLS-1-2-Strict policy to disable TLSv1.0 and TLSv1.1 — weaker TLS policies expose traffic to known downgrade attacks. WAF integration on ELB adds a security inspection hop; verify WAF security policy is tuned for the application before enabling block mode to avoid service disruption from false positives.",
+    "security_notes": "ELB HTTPS listeners should enforce TLS-1-2 or TLS-1-2-Strict policy to disable TLSv1.0 and TLSv1.1 \u2014 weaker TLS policies expose traffic to known downgrade attacks. WAF integration on ELB adds a security inspection hop; verify WAF security policy is tuned for the application before enabling block mode to avoid service disruption from false positives.",
     "last_verified": "2026-05-09",
     "path": "skills/huawei/huawei-load-balancer-traffic-engineer",
     "version": "0.1.0",
@@ -6455,7 +6729,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Route Huawei Cloud tasks to the narrowest specialist or team of specialists from the 27-agent catalog. MLPS 2.0 and sovereignty-aware — flags MLPS Level 3 control gaps and data residency obligations for China workloads. Understands Huawei's enterprise-project model and SCP-based org governance. Never auto-dispatches live-guard agents.",
+    "summary": "Route Huawei Cloud tasks to the narrowest specialist or team of specialists from the 27-agent catalog. MLPS 2.0 and sovereignty-aware \u2014 flags MLPS Level 3 control gaps and data residency obligations for China workloads. Understands Huawei's enterprise-project model and SCP-based org governance. Never auto-dispatches live-guard agents.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/iam/index.html",
@@ -6463,7 +6737,7 @@
       "https://support.huaweicloud.com/intl/en-us/ecs/index.html",
       "https://support.huaweicloud.com/intl/en-us/secmaster/index.html"
     ],
-    "security_notes": "Maestro must never auto-dispatch live-guard agents. SCP deny statements and DEW key deletion are irreversible with org-wide or permanent data-loss blast radius. MLPS 2.0 Level 3 workloads have mandatory incident reporting obligations — flag data destruction and security breaches immediately.",
+    "security_notes": "Maestro must never auto-dispatch live-guard agents. SCP deny statements and DEW key deletion are irreversible with org-wide or permanent data-loss blast radius. MLPS 2.0 Level 3 workloads have mandatory incident reporting obligations \u2014 flag data destruction and security breaches immediately.",
     "last_verified": "2026-05-08",
     "path": "skills/huawei/huawei-maestro",
     "author": "github: Raishin",
@@ -6489,7 +6763,7 @@
       "https://support.huaweicloud.com/intl/en-us/sms/index.html",
       "https://support.huaweicloud.com/intl/en-us/drs/index.html"
     ],
-    "security_notes": "DRS replication user needs REPLICATION privilege on source — least privilege on source system. Never cut over without verifying DRS lag and backup integrity. SMS agent requires network path from source to Huawei Cloud.",
+    "security_notes": "DRS replication user needs REPLICATION privilege on source \u2014 least privilege on source system. Never cut over without verifying DRS lag and backup integrity. SMS agent requires network path from source to Huawei Cloud.",
     "last_verified": "2026-05-08",
     "path": "skills/huawei/huawei-migration-architect",
     "author": "github: Raishin",
@@ -6513,7 +6787,7 @@
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/modelarts/index.html"
     ],
-    "security_notes": "ModelArts training jobs have no automatic cost cap — always set resource quotas before large GPU/NPU training runs. Ascend NPU OOM patterns differ from Nvidia CUDA OOM. Pangu model deployment endpoint has no default rate limiting.",
+    "security_notes": "ModelArts training jobs have no automatic cost cap \u2014 always set resource quotas before large GPU/NPU training runs. Ascend NPU OOM patterns differ from Nvidia CUDA OOM. Pangu model deployment endpoint has no default rate limiting.",
     "last_verified": "2026-05-08",
     "path": "skills/huawei/huawei-modelarts-mlops-engineer",
     "author": "github: Raishin",
@@ -6532,7 +6806,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Design Huawei Cloud network architecture — VPC, ELB type selection (dedicated/shared), VPN and DC Gateway (Direct Connect), Cloud Connect for inter-VPC, CFW (Cloud Firewall), Anti-DDoS, DNS.",
+    "summary": "Design Huawei Cloud network architecture \u2014 VPC, ELB type selection (dedicated/shared), VPN and DC Gateway (Direct Connect), Cloud Connect for inter-VPC, CFW (Cloud Firewall), Anti-DDoS, DNS.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/vpc/index.html",
@@ -6559,14 +6833,14 @@
       "kiro",
       "other"
     ],
-    "summary": "Govern Huawei Cloud OBS (Object Storage Service) data perimeters — bucket policy and ACL public exposure, Block Public Access configuration, VPC endpoint binding for private access, WORM (Object Lock), cross-region replication compliance, and MLPS 2.0 data residency enforcement.",
+    "summary": "Govern Huawei Cloud OBS (Object Storage Service) data perimeters \u2014 bucket policy and ACL public exposure, Block Public Access configuration, VPC endpoint binding for private access, WORM (Object Lock), cross-region replication compliance, and MLPS 2.0 data residency enforcement.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/obs/index.html",
       "https://support.huaweicloud.com/intl/en-us/vpcep/index.html",
       "https://support.huaweicloud.com/intl/en-us/obs/obs_03_0086.html"
     ],
-    "security_notes": "Huawei Cloud OBS presigned URLs can expose objects publicly for the URL validity period — audit presigned URL generation in application code and set maximum validity to the shortest acceptable window. OBS cross-region replication of MLPS 2.0 Level 3 classified data to international regions violates Chinese data sovereignty regulations and carries regulatory penalty risk.",
+    "security_notes": "Huawei Cloud OBS presigned URLs can expose objects publicly for the URL validity period \u2014 audit presigned URL generation in application code and set maximum validity to the shortest acceptable window. OBS cross-region replication of MLPS 2.0 Level 3 classified data to international regions violates Chinese data sovereignty regulations and carries regulatory penalty risk.",
     "last_verified": "2026-05-09",
     "path": "skills/huawei/huawei-obs-data-perimeter-governor",
     "version": "0.1.0",
@@ -6637,14 +6911,14 @@
       "kiro",
       "other"
     ],
-    "summary": "Govern Huawei Cloud SWR (Software Repository for Container) — image retention policy, vulnerability scanning via VSS (Vulnerability Scan Service) integration, namespace permission least privilege, cross-region image replication, and supply chain security posture.",
+    "summary": "Govern Huawei Cloud SWR (Software Repository for Container) \u2014 image retention policy, vulnerability scanning via VSS (Vulnerability Scan Service) integration, namespace permission least privilege, cross-region image replication, and supply chain security posture.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/swr/index.html",
       "https://support.huaweicloud.com/intl/en-us/vss/index.html",
       "https://support.huaweicloud.com/intl/en-us/cce/index.html"
     ],
-    "security_notes": "Public SWR namespaces expose images to Huawei Cloud's global network — an attacker can enumerate public namespaces and pull all images without authentication. SWR image signing is not natively supported — use third-party image signing (Notary v2/cosign) for supply chain attestation on sensitive production images.",
+    "security_notes": "Public SWR namespaces expose images to Huawei Cloud's global network \u2014 an attacker can enumerate public namespaces and pull all images without authentication. SWR image signing is not natively supported \u2014 use third-party image signing (Notary v2/cosign) for supply chain attestation on sensitive production images.",
     "last_verified": "2026-05-09",
     "path": "skills/huawei/huawei-registry-artifact-governor",
     "version": "0.1.0",
@@ -6663,7 +6937,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review Huawei Cloud workload HA and BCDR designs — GaussDB High Availability (HA) instance failover, CBR (Cloud Backup and Recovery) cross-region vault, CCE multi-AZ deployment, DRS (Data Replication Service) for DR, RTO/RPO target analysis, and runbook completeness.",
+    "summary": "Review Huawei Cloud workload HA and BCDR designs \u2014 GaussDB High Availability (HA) instance failover, CBR (Cloud Backup and Recovery) cross-region vault, CCE multi-AZ deployment, DRS (Data Replication Service) for DR, RTO/RPO target analysis, and runbook completeness.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/gaussdb_mysql/index.html",
@@ -6672,7 +6946,7 @@
       "https://support.huaweicloud.com/intl/en-us/drs/index.html",
       "https://support.huaweicloud.com/intl/en-us/elb/index.html"
     ],
-    "security_notes": "Huawei Cloud CBR vaults use default encryption — enable KMS CMEK for vaults containing sensitive production data. GaussDB cross-region read replicas involve data leaving the source region — verify this is compliant with MLPS 2.0 Level 3 data residency requirements before enabling.",
+    "security_notes": "Huawei Cloud CBR vaults use default encryption \u2014 enable KMS CMEK for vaults containing sensitive production data. GaussDB cross-region read replicas involve data leaving the source region \u2014 verify this is compliant with MLPS 2.0 Level 3 data residency requirements before enabling.",
     "last_verified": "2026-05-09",
     "path": "skills/huawei/huawei-resilience-bcdr-review",
     "version": "0.1.0",
@@ -6698,7 +6972,7 @@
       "https://support.huaweicloud.com/intl/en-us/hss/index.html",
       "https://support.huaweicloud.com/intl/en-us/cfw/index.html"
     ],
-    "security_notes": "CFW rule changes affect all instances in scope simultaneously. HSS agent uninstall removes MLPS-required host detection visibility — flag immediately. SecMaster SOAR playbook dry-run required before live execution. WAF bypass via IP whitelist requires documented business justification.",
+    "security_notes": "CFW rule changes affect all instances in scope simultaneously. HSS agent uninstall removes MLPS-required host detection visibility \u2014 flag immediately. SecMaster SOAR playbook dry-run required before live execution. WAF bypass via IP whitelist requires documented business justification.",
     "last_verified": "2026-05-08",
     "path": "skills/huawei/huawei-secmaster-security-operations",
     "author": "github: Raishin",
@@ -6718,14 +6992,14 @@
       "kiro",
       "other"
     ],
-    "summary": "Review FunctionGraph production readiness on Huawei Cloud — VPC access configuration, concurrency limits and reserved instances, cold-start optimization, observability via LTS and AOM, timeout configuration, dependency package size, custom vs managed runtimes, and ServiceStage application lifecycle.",
+    "summary": "Review FunctionGraph production readiness on Huawei Cloud \u2014 VPC access configuration, concurrency limits and reserved instances, cold-start optimization, observability via LTS and AOM, timeout configuration, dependency package size, custom vs managed runtimes, and ServiceStage application lifecycle.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/fg/index.html",
       "https://support.huaweicloud.com/intl/en-us/servicestage/index.html",
       "https://support.huaweicloud.com/intl/en-us/aom/index.html"
     ],
-    "security_notes": "FunctionGraph function environment variables may contain secrets — use DEW (Data Encryption Workshop) or Secret Manager references instead of plaintext values in environment variables. Custom runtimes require the function author to maintain runtime security patch lifecycle — document a patching cadence if custom runtimes are used in production.",
+    "security_notes": "FunctionGraph function environment variables may contain secrets \u2014 use DEW (Data Encryption Workshop) or Secret Manager references instead of plaintext values in environment variables. Custom runtimes require the function author to maintain runtime security patch lifecycle \u2014 document a patching cadence if custom runtimes are used in production.",
     "last_verified": "2026-05-09",
     "path": "skills/huawei/huawei-serverless-production-readiness",
     "version": "0.1.0",
@@ -6744,7 +7018,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Design Huawei Cloud solutions — product selection, enterprise-project model design, region selection for MLPS/sovereignty requirements, architecture patterns, multi-zone and multi-region HA.",
+    "summary": "Design Huawei Cloud solutions \u2014 product selection, enterprise-project model design, region selection for MLPS/sovereignty requirements, architecture patterns, multi-zone and multi-region HA.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/ecs/index.html",
@@ -6770,14 +7044,14 @@
       "kiro",
       "other"
     ],
-    "summary": "Coordinate Huawei Cloud support incidents — case creation with correct severity (紧急/高/中/低), Premium Support SLA enforcement, Account Manager and TAM escalation path, status page monitoring, internal stakeholder communication, and post-incident evidence packaging.",
+    "summary": "Coordinate Huawei Cloud support incidents \u2014 case creation with correct severity (\u7d27\u6025/\u9ad8/\u4e2d/\u4f4e), Premium Support SLA enforcement, Account Manager and TAM escalation path, status page monitoring, internal stakeholder communication, and post-incident evidence packaging.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/",
       "https://status.huaweicloud.com/",
       "https://support.huaweicloud.com/intl/en-us/usermanual-ticket/topic_0065264094.html"
     ],
-    "security_notes": "Huawei Cloud support case attachments are stored on Huawei Cloud infrastructure — never attach files with customer financial data, health records, or unredacted credentials. Premium Support SLA breach timestamps must be logged with case numbers for contractual credit claims.",
+    "security_notes": "Huawei Cloud support case attachments are stored on Huawei Cloud infrastructure \u2014 never attach files with customer financial data, health records, or unredacted credentials. Premium Support SLA breach timestamps must be logged with case numbers for contractual credit claims.",
     "last_verified": "2026-05-09",
     "path": "skills/huawei/huawei-support-incident-coordinator",
     "version": "0.1.0",
@@ -6796,7 +7070,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Triage Huawei Cloud operational alerts, incidents, and support tickets — P0/P1/P2/P3 classification, Huawei Cloud Premium Support SLA enforcement, Account Manager escalation, AOM alert routing, war room coordination, evidence collection from CES and LTS, and safe escalation paths.",
+    "summary": "Triage Huawei Cloud operational alerts, incidents, and support tickets \u2014 P0/P1/P2/P3 classification, Huawei Cloud Premium Support SLA enforcement, Account Manager escalation, AOM alert routing, war room coordination, evidence collection from CES and LTS, and safe escalation paths.",
     "source_type": "original",
     "official_docs": [
       "https://support.huaweicloud.com/intl/en-us/",
@@ -6805,7 +7079,7 @@
       "https://support.huaweicloud.com/intl/en-us/ces/index.html",
       "https://support.huaweicloud.com/intl/en-us/lts/index.html"
     ],
-    "security_notes": "Huawei Cloud support ticket attachments are accessible to Huawei support engineers — scrub AK/SK values, account IDs, customer PII, and unredacted log data before sharing. War room communication must use secure channels — avoid sharing incident details in public or uncontrolled messaging platforms.",
+    "security_notes": "Huawei Cloud support ticket attachments are accessible to Huawei support engineers \u2014 scrub AK/SK values, account IDs, customer PII, and unredacted log data before sharing. War room communication must use secure channels \u2014 avoid sharing incident details in public or uncontrolled messaging platforms.",
     "last_verified": "2026-05-09",
     "path": "skills/huawei/huawei-ticket-triage-escalation-coordinator",
     "version": "0.1.0",
@@ -6905,7 +7179,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review influencer campaign audit packs — brief, contract, post descriptions, and disclosure placement specs — for FTC Endorsement Guide violations: undisclosed material connections, inadequate disclosure placement, and brand liability exposure.",
+    "summary": "Review influencer campaign audit packs \u2014 brief, contract, post descriptions, and disclosure placement specs \u2014 for FTC Endorsement Guide violations: undisclosed material connections, inadequate disclosure placement, and brand liability exposure.",
     "source_type": "original",
     "official_docs": [
       "https://www.ftc.gov/legal-library/browse/rules/endorsement-guides",
@@ -6914,7 +7188,7 @@
       "https://www.ftc.gov/legal-library/browse/statutes/federal-trade-commission-act",
       "https://www.ftc.gov/business-guidance/resources/ftcs-endorsement-guides-what-people-are-asking"
     ],
-    "security_notes": "Review works from a structured influencer campaign audit pack only — brief, contract excerpt, post descriptions, and disclosure spec. Never accept raw personal data about creators, unpublished negotiations, or brand financial terms beyond what is needed to assess disclosure adequacy. This is a static compliance review; it does not generate campaign content or creator instructions.",
+    "security_notes": "Review works from a structured influencer campaign audit pack only \u2014 brief, contract excerpt, post descriptions, and disclosure spec. Never accept raw personal data about creators, unpublished negotiations, or brand financial terms beyond what is needed to assess disclosure adequacy. This is a static compliance review; it does not generate campaign content or creator instructions.",
     "last_verified": "2026-05-17",
     "path": "skills/marketing/influencer-disclosure-compliance-review",
     "author": "github: Raishin",
@@ -7049,7 +7323,7 @@
       "https://api.ionos.com/docs/",
       "https://registry.terraform.io/providers/ionos-cloud/ionoscloud/latest/docs"
     ],
-    "security_notes": "Never attempt live IONOS Cloud API mutations from the routing layer. DCD topology changes have infrastructure-wide blast radius — routing must stay read-only and hand off to approval-gated specialists. Do not expose bearer tokens or customer credentials in routing output.",
+    "security_notes": "Never attempt live IONOS Cloud API mutations from the routing layer. DCD topology changes have infrastructure-wide blast radius \u2014 routing must stay read-only and hand off to approval-gated specialists. Do not expose bearer tokens or customer credentials in routing output.",
     "last_verified": "2026-05-10",
     "path": "skills/ionos/ionos-maestro",
     "author": "github: Raishin",
@@ -7106,7 +7380,7 @@
       "https://istio.io/latest/docs/reference/config/security/peer_authentication/",
       "https://istio.io/latest/docs/reference/config/security/authorization-policy/"
     ],
-    "security_notes": "L7 AuthorizationPolicy rules in ambient mode are silently ignored when no waypoint is deployed — ztunnel only enforces L4. PeerAuthentication PERMISSIVE or DISABLE in production breaks mesh zero-trust. Mesh-wide root-namespace PeerAuthentication change has cluster-wide blast radius.",
+    "security_notes": "L7 AuthorizationPolicy rules in ambient mode are silently ignored when no waypoint is deployed \u2014 ztunnel only enforces L4. PeerAuthentication PERMISSIVE or DISABLE in production breaks mesh zero-trust. Mesh-wide root-namespace PeerAuthentication change has cluster-wide blast radius.",
     "last_verified": "2026-05-01",
     "path": "skills/istio/istio-ambient-mesh-review",
     "author": "github: Raishin",
@@ -7135,7 +7409,7 @@
       "https://docs.kubecost.com/using-kubecost/navigating-the-kubecost-ui/savings",
       "https://docs.kubecost.com/apis/apis-overview"
     ],
-    "security_notes": "Kubecost cost allocation API without authentication exposes team-level spend data to any pod in the cluster. Multi-cluster Kubecost aggregation requires cross-cluster network access — review whether the aggregation network path is private or exposed.",
+    "security_notes": "Kubecost cost allocation API without authentication exposes team-level spend data to any pod in the cluster. Multi-cluster Kubecost aggregation requires cross-cluster network access \u2014 review whether the aggregation network path is private or exposed.",
     "last_verified": "2026-05-02",
     "path": "skills/kubernetes/kubecost-chargeback-allocation-review",
     "version": "0.1.0",
@@ -7221,7 +7495,7 @@
       "https://kubernetes.io/docs/reference/kubectl/generated/kubectl_auth/",
       "https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/"
     ],
-    "security_notes": "Capture current RBAC state before every mutation — no built-in rollback. Block escalate, bind, and impersonate verbs without platform-team approval. Never approve wildcard grants. Cached tokens remain valid after binding deletion until expiry.",
+    "security_notes": "Capture current RBAC state before every mutation \u2014 no built-in rollback. Block escalate, bind, and impersonate verbs without platform-team approval. Never approve wildcard grants. Cached tokens remain valid after binding deletion until expiry.",
     "last_verified": "2026-05-01",
     "path": "skills/kubernetes/kubernetes-live-rbac-mutation-guard",
     "author": "github: Raishin",
@@ -7268,7 +7542,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review raw Kubernetes YAML manifests for security, quality, and policy defects — deprecated APIs, missing securityContext, absent resource limits, missing health probes, RBAC over-permission, plaintext secrets, and network exposure — statically, without applying manifests or contacting a cluster.",
+    "summary": "Review raw Kubernetes YAML manifests for security, quality, and policy defects \u2014 deprecated APIs, missing securityContext, absent resource limits, missing health probes, RBAC over-permission, plaintext secrets, and network exposure \u2014 statically, without applying manifests or contacting a cluster.",
     "source_type": "original",
     "official_docs": [
       "https://kubernetes.io/docs/concepts/security/pod-security-standards/",
@@ -7279,7 +7553,7 @@
       "https://github.com/yannh/kubeconform",
       "https://github.com/zegl/kube-score"
     ],
-    "security_notes": "Static review only — reads manifest YAML files, never applies manifests to a cluster, never connects to the Kubernetes API, and never requests kubeconfig, service account tokens, or cloud credentials. Do not accept manifests containing real secret values or connection strings decoded from base64; ask for sanitized versions with placeholder values.",
+    "security_notes": "Static review only \u2014 reads manifest YAML files, never applies manifests to a cluster, never connects to the Kubernetes API, and never requests kubeconfig, service account tokens, or cloud credentials. Do not accept manifests containing real secret values or connection strings decoded from base64; ask for sanitized versions with placeholder values.",
     "last_verified": "2026-05-17",
     "path": "skills/qa/kubernetes-manifest-quality-review",
     "author": "github: Raishin",
@@ -7298,7 +7572,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review Kubernetes cluster network architecture: CNI and dataplane selection, kube-proxy mode and replacement, IPAM and CIDR sizing, MTU and encapsulation, dual-stack and IPv6, Service surface (EndpointSlices, internalTrafficPolicy, externalTrafficPolicy, topology-aware routing), Ingress to Gateway API migration, CoreDNS and NodeLocal DNSCache, multi-cluster topology, and connectivity observability and troubleshooting. Excludes NetworkPolicy content review and live mutations — those are delegated to cilium-network-policy-review and the live-guard agents.",
+    "summary": "Review Kubernetes cluster network architecture: CNI and dataplane selection, kube-proxy mode and replacement, IPAM and CIDR sizing, MTU and encapsulation, dual-stack and IPv6, Service surface (EndpointSlices, internalTrafficPolicy, externalTrafficPolicy, topology-aware routing), Ingress to Gateway API migration, CoreDNS and NodeLocal DNSCache, multi-cluster topology, and connectivity observability and troubleshooting. Excludes NetworkPolicy content review and live mutations \u2014 those are delegated to cilium-network-policy-review and the live-guard agents.",
     "source_type": "original",
     "official_docs": [
       "https://kubernetes.io/docs/concepts/services-networking/",
@@ -7313,7 +7587,7 @@
       "https://docs.cilium.io/en/stable/network/kube-proxy-replacement/",
       "https://coredns.io/plugins/kubernetes/"
     ],
-    "security_notes": "CNI and Pod CIDR are one-way architectural choices on most stacks — resizing requires cluster rebuild. kube-proxy mode swap can break in-flight connections. MTU mismatch between underlay and overlay is a silent payload-stall failure. externalTrafficPolicy: Local preserves source IP but black-holes traffic when no local endpoint exists. NodeLocal DNSCache OOM produces a node-wide DNS outage via stale packet-filter redirect. Multi-cluster pod CIDR collisions break any cross-cluster scheme regardless of policy correctness. ndots:5 plus search path is the dominant cluster DNS load on most installations.",
+    "security_notes": "CNI and Pod CIDR are one-way architectural choices on most stacks \u2014 resizing requires cluster rebuild. kube-proxy mode swap can break in-flight connections. MTU mismatch between underlay and overlay is a silent payload-stall failure. externalTrafficPolicy: Local preserves source IP but black-holes traffic when no local endpoint exists. NodeLocal DNSCache OOM produces a node-wide DNS outage via stale packet-filter redirect. Multi-cluster pod CIDR collisions break any cross-cluster scheme regardless of policy correctness. ndots:5 plus search path is the dominant cluster DNS load on most installations.",
     "last_verified": "2026-05-07",
     "path": "skills/kubernetes/kubernetes-network-architecture-review",
     "author": "github: Raishin",
@@ -7466,7 +7740,7 @@
     "id": "legal-counsel-review",
     "name": "Legal Counsel Review",
     "type": "skill",
-    "provider": "generic",
+    "provider": "legal",
     "harnesses": [
       "codex",
       "claude-code",
@@ -7475,7 +7749,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Adversarial legal-risk review discipline for contracts, privacy, regulatory, litigation, compliance, and policy-exception questions — surfaces risks, evidence gaps, decision options, and escalation paths for qualified counsel. Does not give legal advice.",
+    "summary": "Adversarial legal-risk review discipline for contracts, privacy, regulatory, litigation, compliance, and policy-exception questions \u2014 surfaces risks, evidence gaps, decision options, and escalation paths for qualified counsel. Does not give legal advice.",
     "source_type": "original",
     "official_docs": [
       "https://eur-lex.europa.eu/eli/reg/2016/679/oj",
@@ -7485,7 +7759,7 @@
       "https://www.oaic.gov.au/privacy/the-privacy-act",
       "https://www.law.cornell.edu/wex"
     ],
-    "security_notes": "Static review only — works from sanitized excerpts; never requests secrets, credentials, personal data, employee medical detail, or trade secrets. Does not issue binding legal conclusions; flags privileged material and recommends escalation to qualified counsel.",
+    "security_notes": "Static review only \u2014 works from sanitized excerpts; never requests secrets, credentials, personal data, employee medical detail, or trade secrets. Does not issue binding legal conclusions; flags privileged material and recommends escalation to qualified counsel.",
     "last_verified": "2026-05-18",
     "path": "skills/legal/legal-counsel-review",
     "author": "github: Raishin",
@@ -7504,7 +7778,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Shared, auditable handoff contract for Legal and HR agents — a redacted case capsule carrying facts, uncertainty, evidence quality, risk labels, privilege and privacy posture, a named decision owner, and an explicit do-not-do list. Does not give legal or HR advice.",
+    "summary": "Shared, auditable handoff contract for Legal and HR agents \u2014 a redacted case capsule carrying facts, uncertainty, evidence quality, risk labels, privilege and privacy posture, a named decision owner, and an explicit do-not-do list. Does not give legal or HR advice.",
     "source_type": "original",
     "official_docs": [
       "https://www.nist.gov/privacy-framework",
@@ -7530,7 +7804,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Shared risk vocabulary for the Legal and HR agent ecosystem — severity ratings, privilege and privacy sensitivity labels, matter-type classes, escalation-gate triggers, and the audit-log schema. Does not give legal or HR advice and never concludes a matter is safe or compliant.",
+    "summary": "Shared risk vocabulary for the Legal and HR agent ecosystem \u2014 severity ratings, privilege and privacy sensitivity labels, matter-type classes, escalation-gate triggers, and the audit-log schema. Does not give legal or HR advice and never concludes a matter is safe or compliant.",
     "source_type": "original",
     "official_docs": [
       "https://www.nist.gov/privacy-framework",
@@ -7556,7 +7830,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Classification and routing discipline for Legal and HR matters — routing rules, the cross-domain overlap handoff matrix, controlled-handoff communication principles, and the Legal-HR conflict-resolution protocol. Does not give legal or HR advice and never makes a binding routing decision.",
+    "summary": "Classification and routing discipline for Legal and HR matters \u2014 routing rules, the cross-domain overlap handoff matrix, controlled-handoff communication principles, and the Legal-HR conflict-resolution protocol. Does not give legal or HR advice and never makes a binding routing decision.",
     "source_type": "original",
     "official_docs": [
       "https://www.nist.gov/privacy-framework",
@@ -7582,7 +7856,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review an LLM or AI pipeline's evaluation setup for test-quality defects — missing hallucination, relevancy, faithfulness, bias, toxicity, and tool-correctness metrics; absent golden datasets; unthresholded or single-shot evals; and no regression gate across model versions. Static review only.",
+    "summary": "Review an LLM or AI pipeline's evaluation setup for test-quality defects \u2014 missing hallucination, relevancy, faithfulness, bias, toxicity, and tool-correctness metrics; absent golden datasets; unthresholded or single-shot evals; and no regression gate across model versions. Static review only.",
     "source_type": "original",
     "official_docs": [
       "https://docs.confident-ai.com/",
@@ -7593,7 +7867,7 @@
       "https://docs.confident-ai.com/docs/metrics-tool-correctness",
       "https://www.istqb.org/certifications/certified-tester-foundation-level"
     ],
-    "security_notes": "Static review only — reads eval configuration and test source; never calls LLM APIs, never runs evaluations, never requests model API keys or inference endpoints. Do not accept eval fixtures containing real user PII, private prompt chains, or model weights; ask for sanitized configurations.",
+    "security_notes": "Static review only \u2014 reads eval configuration and test source; never calls LLM APIs, never runs evaluations, never requests model API keys or inference endpoints. Do not accept eval fixtures containing real user PII, private prompt chains, or model weights; ask for sanitized configurations.",
     "last_verified": "2026-05-17",
     "path": "skills/qa/llm-ai-pipeline-test-review",
     "version": "0.1.0",
@@ -7612,7 +7886,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review custom-audience and lookalike-audience upload specifications for hashing adequacy, PII field scope, consent-basis validity, and platform data-sharing restrictions before upload to Meta, Google, LinkedIn, or TikTok — catching underhashed identifiers, consent-scope mismatches, and re-identification surfaces.",
+    "summary": "Review custom-audience and lookalike-audience upload specifications for hashing adequacy, PII field scope, consent-basis validity, and platform data-sharing restrictions before upload to Meta, Google, LinkedIn, or TikTok \u2014 catching underhashed identifiers, consent-scope mismatches, and re-identification surfaces.",
     "source_type": "original",
     "official_docs": [
       "https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32016R0679",
@@ -7640,7 +7914,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review marketing consent and data-collection posture — CMP banner config, tag-manager containers, Consent Mode wiring, and cookie policy — for GDPR/ePrivacy/CCPA correctness, dark patterns, and undisclosed trackers.",
+    "summary": "Review marketing consent and data-collection posture \u2014 CMP banner config, tag-manager containers, Consent Mode wiring, and cookie policy \u2014 for GDPR/ePrivacy/CCPA correctness, dark patterns, and undisclosed trackers.",
     "source_type": "original",
     "official_docs": [
       "https://eur-lex.europa.eu/eli/reg/2016/679/oj",
@@ -7668,7 +7942,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review marketing conversion flow specifications — subscription sign-up, upsell interstitial, free-trial enrollment, and cancellation path — for dark-pattern practices that invalidate consent or constitute unfair or deceptive acts under FTC Section 5, the FTC Negative Option Rule, CPRA, and EU AI Act Article 5(1)(b).",
+    "summary": "Review marketing conversion flow specifications \u2014 subscription sign-up, upsell interstitial, free-trial enrollment, and cancellation path \u2014 for dark-pattern practices that invalidate consent or constitute unfair or deceptive acts under FTC Section 5, the FTC Negative Option Rule, CPRA, and EU AI Act Article 5(1)(b).",
     "source_type": "original",
     "official_docs": [
       "https://www.ftc.gov/legal-library/browse/rules/negative-option-rule",
@@ -7677,7 +7951,7 @@
       "https://oag.ca.gov/privacy/ccpa",
       "https://eur-lex.europa.eu/eli/reg/2024/1689/oj/eng"
     ],
-    "security_notes": "Read-only static review of sanitized UX flow specifications and annotated wireframes only. Never request real payment credentials, live user-session data, or production A/B-test results. Findings may indicate violations of FTC rules carrying civil penalties — route remediation and enforcement-risk assessment to qualified legal counsel before acting on findings.",
+    "security_notes": "Read-only static review of sanitized UX flow specifications and annotated wireframes only. Never request real payment credentials, live user-session data, or production A/B-test results. Findings may indicate violations of FTC rules carrying civil penalties \u2014 route remediation and enforcement-risk assessment to qualified legal counsel before acting on findings.",
     "last_verified": "2026-05-17",
     "path": "skills/marketing/marketing-conversion-flow-dark-pattern-review",
     "author": "github: Raishin",
@@ -7706,7 +7980,7 @@
       "https://oag.ca.gov/privacy/ccpa",
       "https://www.canada.ca/en/radio-television-telecommunications/news/2014/07/compliance-and-enforcement-information-bulletin-crtc-2014-326.html"
     ],
-    "security_notes": "Review works from sanitized CRM/ESP exports only — placeholder values for email addresses, subscriber IDs, and timestamps. Never accept real subscriber PII, live CRM credentials, or ESP API keys. Findings of missing consent records or absent suppression-list sync may constitute an ongoing GDPR or CASL violation requiring legal escalation.",
+    "security_notes": "Review works from sanitized CRM/ESP exports only \u2014 placeholder values for email addresses, subscriber IDs, and timestamps. Never accept real subscriber PII, live CRM credentials, or ESP API keys. Findings of missing consent records or absent suppression-list sync may constitute an ongoing GDPR or CASL violation requiring legal escalation.",
     "last_verified": "2026-05-17",
     "path": "skills/marketing/marketing-email-list-retention-review",
     "author": "github: Raishin",
@@ -7735,7 +8009,7 @@
       "https://leginfo.legislature.ca.gov/faces/billNavClient.xhtml?bill_id=202520260AB566",
       "https://oag.ca.gov/privacy/ccpa"
     ],
-    "security_notes": "GPC honoring reviews work from sanitized tag-manager container exports and CMP configuration exports only. Never request live CMP consent logs, visitor opt-out records, or ad-platform credentials. Findings of non-compliance may constitute evidence in an enforcement proceeding — route legal determinations to qualified privacy counsel, not to this skill.",
+    "security_notes": "GPC honoring reviews work from sanitized tag-manager container exports and CMP configuration exports only. Never request live CMP consent logs, visitor opt-out records, or ad-platform credentials. Findings of non-compliance may constitute evidence in an enforcement proceeding \u2014 route legal determinations to qualified privacy counsel, not to this skill.",
     "last_verified": "2026-05-17",
     "path": "skills/marketing/marketing-gpc-signal-honoring-review",
     "author": "github: Raishin",
@@ -7781,7 +8055,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review advertising pixels and conversion event tracking for personal-data leakage to ad networks — PII in payloads, form-field auto-capture, pixels on sensitive pages, and unhashed identifier transmission.",
+    "summary": "Review advertising pixels and conversion event tracking for personal-data leakage to ad networks \u2014 PII in payloads, form-field auto-capture, pixels on sensitive pages, and unhashed identifier transmission.",
     "source_type": "original",
     "official_docs": [
       "https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/hipaa-online-tracking/index.html",
@@ -7790,7 +8064,7 @@
       "https://support.google.com/google-ads/answer/9888656",
       "https://owasp.org/www-project-top-ten/"
     ],
-    "security_notes": "Advertising pixels that capture email, phone, health, or financial data transmit personal data to third-party ad networks with no contract, no consent scope, and no breach visibility — a pattern behind major HIPAA settlements, FTC Health Breach Notification Rule actions, and wiretap class actions. Review works from sanitized payloads and container exports only; never request real visitor data or ad-platform credentials.",
+    "security_notes": "Advertising pixels that capture email, phone, health, or financial data transmit personal data to third-party ad networks with no contract, no consent scope, and no breach visibility \u2014 a pattern behind major HIPAA settlements, FTC Health Breach Notification Rule actions, and wiretap class actions. Review works from sanitized payloads and container exports only; never request real visitor data or ad-platform credentials.",
     "last_verified": "2026-05-17",
     "path": "skills/marketing/marketing-pixel-data-leakage-review",
     "author": "github: Raishin",
@@ -7809,7 +8083,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review access governance across a marketing technology stack — OAuth connected apps, API keys, CRM and marketing-automation roles, and integration scopes — for least-privilege violations, shared and stale credentials, and missing ownership.",
+    "summary": "Review access governance across a marketing technology stack \u2014 OAuth connected apps, API keys, CRM and marketing-automation roles, and integration scopes \u2014 for least-privilege violations, shared and stale credentials, and missing ownership.",
     "source_type": "original",
     "official_docs": [
       "https://datatracker.ietf.org/doc/html/rfc6749",
@@ -7837,7 +8111,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Review agentic-AI platforms built on the NVIDIA stack per NCP-AAI — NeMo Agent Toolkit, NIM-as-tool, retrieval pipelines, tool-use safety, agent memory boundaries, and audit logging.",
+    "summary": "Review agentic-AI platforms built on the NVIDIA stack per NCP-AAI \u2014 NeMo Agent Toolkit, NIM-as-tool, retrieval pipelines, tool-use safety, agent memory boundaries, and audit logging.",
     "source_type": "original",
     "official_docs": [
       "https://www.nvidia.com/en-us/learn/certification/",
@@ -7867,7 +8141,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Review NVIDIA GPU infrastructure (DGX/HGX/MGX) against NVIDIA reference architectures, the AI Enterprise support matrix, and the NCA-AIIO and NCP-AII certification bodies of knowledge — driver/firmware/CUDA alignment, BMC segmentation, ECC, persistence, and MIG posture.",
+    "summary": "Review NVIDIA GPU infrastructure (DGX/HGX/MGX) against NVIDIA reference architectures, the AI Enterprise support matrix, and the NCA-AIIO and NCP-AII certification bodies of knowledge \u2014 driver/firmware/CUDA alignment, BMC segmentation, ECC, persistence, and MIG posture.",
     "source_type": "original",
     "official_docs": [
       "https://www.nvidia.com/en-us/learn/certification/",
@@ -7897,7 +8171,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Review NVIDIA AI fabric posture per NCP-AIN — Spectrum-X / InfiniBand topology, NCCL collective tuning, RoCEv2 lossless config, congestion control, and east-west isolation between training jobs.",
+    "summary": "Review NVIDIA AI fabric posture per NCP-AIN \u2014 Spectrum-X / InfiniBand topology, NCCL collective tuning, RoCEv2 lossless config, congestion control, and east-west isolation between training jobs.",
     "source_type": "original",
     "official_docs": [
       "https://www.nvidia.com/en-us/learn/certification/",
@@ -7927,7 +8201,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Review day-2 operational posture of NVIDIA GPU fleets per NCP-AIO — DCGM exporter coverage, MIG lifecycle, Xid signature to runbook mapping, and gated driver/firmware upgrade discipline.",
+    "summary": "Review day-2 operational posture of NVIDIA GPU fleets per NCP-AIO \u2014 DCGM exporter coverage, MIG lifecycle, Xid signature to runbook mapping, and gated driver/firmware upgrade discipline.",
     "source_type": "original",
     "official_docs": [
       "https://www.nvidia.com/en-us/learn/certification/",
@@ -7957,7 +8231,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Doc-anchored static review of CUDA C/C++ kernel sources against the NVIDIA CUDA C++ Programming Guide, CUDA Best Practices Guide, and Nsight Compute documentation — memory coalescing, shared-memory bank conflicts, occupancy, register pressure, stream concurrency, kernel launch parameters.",
+    "summary": "Doc-anchored static review of CUDA C/C++ kernel sources against the NVIDIA CUDA C++ Programming Guide, CUDA Best Practices Guide, and Nsight Compute documentation \u2014 memory coalescing, shared-memory bank conflicts, occupancy, register pressure, stream concurrency, kernel launch parameters.",
     "source_type": "original",
     "official_docs": [
       "https://docs.nvidia.com/cuda/cuda-c-programming-guide/",
@@ -7966,7 +8240,7 @@
       "https://docs.nvidia.com/nsight-systems/",
       "https://docs.nvidia.com/cuda/profiler-users-guide/"
     ],
-    "security_notes": "Static review only — the skill never executes nvcc, nsight-compute, or nsight-systems. It outputs the recommended invocation as text for the user to run on their own GPU host. Treat CUDA samples that disable bounds checking, copy host pointers across context boundaries, or use `cudaMallocManaged` without prefetch hints as findings rather than as patterns to imitate.",
+    "security_notes": "Static review only \u2014 the skill never executes nvcc, nsight-compute, or nsight-systems. It outputs the recommended invocation as text for the user to run on their own GPU host. Treat CUDA samples that disable bounds checking, copy host pointers across context boundaries, or use `cudaMallocManaged` without prefetch hints as findings rather than as patterns to imitate.",
     "last_verified": "2026-05-10",
     "path": "skills/nvidia/nvidia-cuda-kernel-performance-review/",
     "category": "platform",
@@ -7987,7 +8261,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Review NVIDIA generative-AI platforms per NCA-GENL / NCA-GENM / NCP-GENL — NeMo training and customization, NIM inference microservices, model card and weights provenance, evaluation harness, and guardrails posture.",
+    "summary": "Review NVIDIA generative-AI platforms per NCA-GENL / NCA-GENM / NCP-GENL \u2014 NeMo training and customization, NIM inference microservices, model card and weights provenance, evaluation harness, and guardrails posture.",
     "source_type": "original",
     "official_docs": [
       "https://www.nvidia.com/en-us/learn/certification/",
@@ -8017,7 +8291,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Review NVIDIA GPU Operator on Kubernetes — device plugin, MIG manager, node feature discovery, time-sliced GPUs, container toolkit, securityContext posture, and namespace tenancy boundaries.",
+    "summary": "Review NVIDIA GPU Operator on Kubernetes \u2014 device plugin, MIG manager, node feature discovery, time-sliced GPUs, container toolkit, securityContext posture, and namespace tenancy boundaries.",
     "source_type": "original",
     "official_docs": [
       "https://www.nvidia.com/en-us/learn/certification/",
@@ -8082,7 +8356,7 @@
       "https://oras.land/docs/category/oras-commands",
       "https://github.com/anchore/grype"
     ],
-    "security_notes": "Live-execution skill. Allowlist locks every Bash invocation to nvcr.io/* targets and to a fixed argv shape (no shell metacharacters). Egress restricted to nvcr.io and Sigstore endpoints (rekor, fulcio, tuf). Reads $NGC_API_KEY from environment but never echoes it. Default mode is static (no egress); runtime mode is per-session opt-in. Rekor unreachable degrades to manual-review rather than auto-pass to prevent quiet bypass in air-gapped environments. Read-only — no docker pull, no kubectl, no registry write.",
+    "security_notes": "Live-execution skill. Allowlist locks every Bash invocation to nvcr.io/* targets and to a fixed argv shape (no shell metacharacters). Egress restricted to nvcr.io and Sigstore endpoints (rekor, fulcio, tuf). Reads $NGC_API_KEY from environment but never echoes it. Default mode is static (no egress); runtime mode is per-session opt-in. Rekor unreachable degrades to manual-review rather than auto-pass to prevent quiet bypass in air-gapped environments. Read-only \u2014 no docker pull, no kubectl, no registry write.",
     "last_verified": "2026-05-11",
     "path": "skills/nvidia/nvidia-model-promotion-gatekeeper/",
     "category": "security",
@@ -8105,7 +8379,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Review NGC and NIM supply chain posture — NGC org/team boundaries, API key scope and rotation, NIM container cosign verification, model card and weights provenance, AI Enterprise license posture, and air-gap mirror integrity.",
+    "summary": "Review NGC and NIM supply chain posture \u2014 NGC org/team boundaries, API key scope and rotation, NIM container cosign verification, model card and weights provenance, AI Enterprise license posture, and air-gap mirror integrity.",
     "source_type": "original",
     "official_docs": [
       "https://www.nvidia.com/en-us/learn/certification/",
@@ -8135,7 +8409,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Doc-anchored static review of TensorRT and TensorRT-LLM deployment pipelines against the NVIDIA TensorRT Developer Guide and TensorRT-LLM documentation — ONNX/PyTorch export, precision selection, calibration integrity, dynamic shapes, plugin trust boundaries, engine cache provenance.",
+    "summary": "Doc-anchored static review of TensorRT and TensorRT-LLM deployment pipelines against the NVIDIA TensorRT Developer Guide and TensorRT-LLM documentation \u2014 ONNX/PyTorch export, precision selection, calibration integrity, dynamic shapes, plugin trust boundaries, engine cache provenance.",
     "source_type": "original",
     "official_docs": [
       "https://docs.nvidia.com/deeplearning/tensorrt/developer-guide/",
@@ -8144,7 +8418,7 @@
       "https://docs.nvidia.com/deeplearning/tensorrt-llm/",
       "https://docs.nvidia.com/deeplearning/tensorrt/api/"
     ],
-    "security_notes": "TensorRT custom plugins load arbitrary native code into the inference process; any plugin pulled from a non-vetted source is an RCE primitive. Serialized TensorRT engines (`.engine`, `.plan`) are not signed by default — silent substitution of an engine yields silent model substitution. INT8 calibration data is unredacted production traffic by definition and is a confidentiality risk if it leaks. The skill never executes `trtexec`, `polygraphy`, or `tensorrt_llm/build.py` — it outputs the recommended invocation as text.",
+    "security_notes": "TensorRT custom plugins load arbitrary native code into the inference process; any plugin pulled from a non-vetted source is an RCE primitive. Serialized TensorRT engines (`.engine`, `.plan`) are not signed by default \u2014 silent substitution of an engine yields silent model substitution. INT8 calibration data is unredacted production traffic by definition and is a confidentiality risk if it leaks. The skill never executes `trtexec`, `polygraphy`, or `tensorrt_llm/build.py` \u2014 it outputs the recommended invocation as text.",
     "last_verified": "2026-05-10",
     "path": "skills/nvidia/nvidia-tensorrt-llm-deployment-review/",
     "category": "platform",
@@ -8165,7 +8439,7 @@
       "gemini",
       "kiro"
     ],
-    "summary": "Doc-anchored static review of Triton Inference Server deployments against the NVIDIA Triton Inference Server documentation — model repository layout, dynamic batching, ensemble pipelines, custom backend trust, gRPC/HTTP auth, response cache, rate-limit and metrics endpoints.",
+    "summary": "Doc-anchored static review of Triton Inference Server deployments against the NVIDIA Triton Inference Server documentation \u2014 model repository layout, dynamic batching, ensemble pipelines, custom backend trust, gRPC/HTTP auth, response cache, rate-limit and metrics endpoints.",
     "source_type": "original",
     "official_docs": [
       "https://docs.nvidia.com/deeplearning/triton-inference-server/user-guide/docs/",
@@ -8174,7 +8448,7 @@
       "https://github.com/triton-inference-server/server/blob/main/docs/customization_guide/inference_protocols.md",
       "https://github.com/triton-inference-server/server/blob/main/docs/user_guide/architecture.md"
     ],
-    "security_notes": "Triton custom Python and C++ backends execute arbitrary code in the server process — any backend pulled from a non-vetted source is an RCE primitive. Default gRPC and HTTP endpoints are anonymous; auth is the operator's responsibility via reverse-proxy or `--grpc-restricted-protocol`. Model files in `model_repository/` are unsigned at rest. The response cache, when enabled, can be poisoned across tenants if requests are not partitioned. The skill never starts `tritonserver` or sends inference requests — it outputs `tritonserver` and `perf_analyzer` invocations as text.",
+    "security_notes": "Triton custom Python and C++ backends execute arbitrary code in the server process \u2014 any backend pulled from a non-vetted source is an RCE primitive. Default gRPC and HTTP endpoints are anonymous; auth is the operator's responsibility via reverse-proxy or `--grpc-restricted-protocol`. Model files in `model_repository/` are unsigned at rest. The response cache, when enabled, can be poisoned across tenants if requests are not partitioned. The skill never starts `tritonserver` or sends inference requests \u2014 it outputs `tritonserver` and `perf_analyzer` invocations as text.",
     "last_verified": "2026-05-10",
     "path": "skills/nvidia/nvidia-triton-inference-serving-review/",
     "category": "platform",
@@ -8230,7 +8504,7 @@
       "https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengusingworkloadidentity.htm",
       "https://github.com/oracle/oci-native-ingress-controller"
     ],
-    "security_notes": "Instance Principal auth for cert-manager on OKE means ANY pod on the node can call the OCI Certificates API using the instance metadata endpoint — not just cert-manager. Use OKE Workload Identity to scope cert-issuance permissions to the cert-manager ServiceAccount only. IAM policy with 'manage certificate-authorities' grants delete and update CA permissions, which is excessive for cert-manager.",
+    "security_notes": "Instance Principal auth for cert-manager on OKE means ANY pod on the node can call the OCI Certificates API using the instance metadata endpoint \u2014 not just cert-manager. Use OKE Workload Identity to scope cert-issuance permissions to the cert-manager ServiceAccount only. IAM policy with 'manage certificate-authorities' grants delete and update CA permissions, which is excessive for cert-manager.",
     "last_verified": "2026-05-02",
     "path": "skills/oci/oci-certificates-issuer-review",
     "version": "0.1.0",
@@ -8602,7 +8876,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Guard Autonomous Database lifecycle changes — scale, start, stop, clone, terminate — with protection-tag enforcement, backup verification, and connection-string impact analysis before any mutation.",
+    "summary": "Guard Autonomous Database lifecycle changes \u2014 scale, start, stop, clone, terminate \u2014 with protection-tag enforcement, backup verification, and connection-string impact analysis before any mutation.",
     "source_type": "original",
     "official_docs": [
       "https://docs.oracle.com/en-us/iaas/Content/Database/Tasks/adbscaling.htm",
@@ -8610,7 +8884,7 @@
       "https://docs.oracle.com/en-us/iaas/Content/Database/Tasks/adbcloning.htm",
       "https://docs.oracle.com/en-us/iaas/Content/Database/Tasks/adbbackingup.htm"
     ],
-    "security_notes": "ADB termination is permanent — the database and all backups are deleted. Always verify protection tags before any terminate operation. ADB storage scale-up cannot be reversed. Termination blocked by defined-tag protection requires explicit tag removal approval.",
+    "security_notes": "ADB termination is permanent \u2014 the database and all backups are deleted. Always verify protection tags before any terminate operation. ADB storage scale-up cannot be reversed. Termination blocked by defined-tag protection requires explicit tag removal approval.",
     "last_verified": "2026-04-30",
     "path": "skills/oci/oci-live-autonomous-db-lifecycle-guard",
     "author": "github: Raishin",
@@ -8637,7 +8911,7 @@
       "https://docs.oracle.com/en-us/iaas/Content/Tagging/Tasks/managingtagsandtagnamespaces.htm",
       "https://docs.oracle.com/en-us/iaas/Content/General/Concepts/resourcequotas.htm"
     ],
-    "security_notes": "GPU/HPC shapes (BM.GPU4.8, A100, BM.HPC2.36) can generate six-figure monthly costs when left running. Never approve quota increases or budget threshold raises without explicit financial-authority approval. Emergency stop requires Compute operator rights — escalate if not held.",
+    "security_notes": "GPU/HPC shapes (BM.GPU4.8, A100, BM.HPC2.36) can generate six-figure monthly costs when left running. Never approve quota increases or budget threshold raises without explicit financial-authority approval. Emergency stop requires Compute operator rights \u2014 escalate if not held.",
     "last_verified": "2026-04-30",
     "path": "skills/oci/oci-live-cost-budget-runaway-guard",
     "author": "github: Raishin",
@@ -8692,7 +8966,7 @@
       "https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/update-securitylist.htm",
       "https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/path_analyzer.htm"
     ],
-    "security_notes": "oci network security-list update is a full replace — always capture complete current rules before writing. Never approve 0.0.0.0/0 ingress on database subnets. Enable VCN Flow Logs before any rule change. Prefer NSGs over Security Lists for database VNICs.",
+    "security_notes": "oci network security-list update is a full replace \u2014 always capture complete current rules before writing. Never approve 0.0.0.0/0 ingress on database subnets. Enable VCN Flow Logs before any rule change. Prefer NSGs over Security Lists for database VNICs.",
     "last_verified": "2026-05-01",
     "path": "skills/oci/oci-live-network-security-rule-guard",
     "author": "github: Raishin",
@@ -8719,7 +8993,7 @@
       "https://docs.oracle.com/en-us/iaas/Content/devops/using/canaryoke_deploy.htm",
       "https://docs.oracle.com/en-us/iaas/Content/ContEng/Concepts/contengoverview.htm"
     ],
-    "security_notes": "Never advance an OKE rollout past an approval stage without rollout status and PDB health evidence. kubectl rollout undo is irreversible in the sense that the prior version may not be identical to the deployed artifact — confirm target revision before undo.",
+    "security_notes": "Never advance an OKE rollout past an approval stage without rollout status and PDB health evidence. kubectl rollout undo is irreversible in the sense that the prior version may not be identical to the deployed artifact \u2014 confirm target revision before undo.",
     "last_verified": "2026-04-30",
     "path": "skills/oci/oci-live-oke-rollout-guard",
     "author": "github: Raishin",
@@ -9389,7 +9663,7 @@
       "https://api.ovh.com/console/",
       "https://registry.terraform.io/providers/ovh/ovh/latest/docs"
     ],
-    "security_notes": "Routing layer must stay read-only; never attempt live OVHcloud API mutations from the classification layer — hand off to approval-gated specialists.",
+    "security_notes": "Routing layer must stay read-only; never attempt live OVHcloud API mutations from the classification layer \u2014 hand off to approval-gated specialists.",
     "last_verified": "2026-05-10",
     "path": "skills/ovhcloud/ovhcloud-maestro",
     "version": "0.1.0",
@@ -9430,7 +9704,7 @@
       "claude-code",
       "cursor"
     ],
-    "summary": "Execute an existing Playwright E2E suite against an operator-confirmed non-production target and emit a structured run attestation — pass/fail/flaky counts, slowest tests, and trace artifact locations. Live-execution counterpart to playwright-e2e-suite-review.",
+    "summary": "Execute an existing Playwright E2E suite against an operator-confirmed non-production target and emit a structured run attestation \u2014 pass/fail/flaky counts, slowest tests, and trace artifact locations. Live-execution counterpart to playwright-e2e-suite-review.",
     "source_type": "original",
     "official_docs": [
       "https://playwright.dev/docs/test-cli",
@@ -9439,7 +9713,7 @@
       "https://playwright.dev/docs/trace-viewer",
       "https://playwright.dev/docs/ci"
     ],
-    "security_notes": "Live-execution skill, read-only-runtime tier. Default mode is static and runs nothing; runtime execution is a per-session opt-in requiring explicit operator confirmation of a non-production target. The Bash allowlist locks invocations to `npx playwright test`, `npx playwright install`, and `npx playwright show-report` — no deploy, migration, seed, or registry commands. Refuses production targets. Never accepts or echoes credentials, tokens, or storageState; test credentials come from the operator-controlled environment. Egress limited to the operator-confirmed target host and the Playwright browser CDN; blocked CDN egress degrades to manual-review rather than a false fail.",
+    "security_notes": "Live-execution skill, read-only-runtime tier. Default mode is static and runs nothing; runtime execution is a per-session opt-in requiring explicit operator confirmation of a non-production target. The Bash allowlist locks invocations to `npx playwright test`, `npx playwright install`, and `npx playwright show-report` \u2014 no deploy, migration, seed, or registry commands. Refuses production targets. Never accepts or echoes credentials, tokens, or storageState; test credentials come from the operator-controlled environment. Egress limited to the operator-confirmed target host and the Playwright browser CDN; blocked CDN egress degrades to manual-review rather than a false fail.",
     "last_verified": "2026-05-17",
     "path": "skills/qa/playwright-e2e-execution-run",
     "category": "delivery",
@@ -9461,7 +9735,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review a Playwright end-to-end test suite for flakiness, selector brittleness, test isolation defects, retry masking, and CI reliability — statically, without executing the suite.",
+    "summary": "Review a Playwright end-to-end test suite for flakiness, selector brittleness, test isolation defects, retry masking, and CI reliability \u2014 statically, without executing the suite.",
     "source_type": "original",
     "official_docs": [
       "https://playwright.dev/docs/best-practices",
@@ -9472,7 +9746,7 @@
       "https://playwright.dev/docs/test-sharding",
       "https://playwright.dev/docs/trace-viewer"
     ],
-    "security_notes": "Static review only — reads test specs and config, never executes the suite, launches browsers, or contacts a target application. Never request or accept live application URLs with embedded credentials, auth tokens, real storageState files, or .env secrets; ask for sanitized snippets.",
+    "security_notes": "Static review only \u2014 reads test specs and config, never executes the suite, launches browsers, or contacts a target application. Never request or accept live application URLs with embedded credentials, auth tokens, real storageState files, or .env secrets; ask for sanitized snippets.",
     "last_verified": "2026-05-17",
     "path": "skills/qa/playwright-e2e-suite-review",
     "author": "github: Raishin",
@@ -9491,7 +9765,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Statically review exported IEC 61131-3 PLC program logic (LD, ST, FBD, SFC) for safety and reliability defects — E-stop implementation, output fail-safe paths, latch integrity, memory-write races, forced I/O, interlock bypass governance, timer determinism, and watchdog coverage — without connecting to a live controller.",
+    "summary": "Statically review exported IEC 61131-3 PLC program logic (LD, ST, FBD, SFC) for safety and reliability defects \u2014 E-stop implementation, output fail-safe paths, latch integrity, memory-write races, forced I/O, interlock bypass governance, timer determinism, and watchdog coverage \u2014 without connecting to a live controller.",
     "source_type": "original",
     "official_docs": [
       "https://plcopen.org/iec-61131-3",
@@ -9500,7 +9774,7 @@
       "https://webstore.iec.ch/publication/26037",
       "https://content.helpme-codesys.com/en/CODESYS%20Development%20System/_cds_structure_application_objects.html"
     ],
-    "security_notes": "Static review only — reads exported program logic, never connects to a live PLC, never writes to a controller, and never advises modifying running logic or bypassing a safety function. Never request or accept live controller IP addresses, plant network credentials, historian credentials, or any identifier that maps to a production asset. Ask for sanitized, anonymized exports only.",
+    "security_notes": "Static review only \u2014 reads exported program logic, never connects to a live PLC, never writes to a controller, and never advises modifying running logic or bypassing a safety function. Never request or accept live controller IP addresses, plant network credentials, historian credentials, or any identifier that maps to a production asset. Ask for sanitized, anonymized exports only.",
     "last_verified": "2026-05-17",
     "path": "skills/qa/plc-control-logic-safety-review",
     "author": "github: Raishin",
@@ -9604,7 +9878,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review exported RPA workflow definitions (UiPath XAML, Automation Anywhere, Power Automate Desktop, Blue Prism) for resilience and security defects — hardcoded credentials, brittle selectors, missing exception handling, non-idempotent logic, fixed delays, and invisible failures — statically, without connecting to a live orchestrator.",
+    "summary": "Review exported RPA workflow definitions (UiPath XAML, Automation Anywhere, Power Automate Desktop, Blue Prism) for resilience and security defects \u2014 hardcoded credentials, brittle selectors, missing exception handling, non-idempotent logic, fixed delays, and invisible failures \u2014 statically, without connecting to a live orchestrator.",
     "source_type": "original",
     "official_docs": [
       "https://docs.uipath.com/studio/standalone/latest/user-guide/about-workflow-analyzer",
@@ -9614,17 +9888,17 @@
       "https://learn.microsoft.com/en-us/power-automate/guidance/coding-guidelines/overview",
       "https://learn.microsoft.com/en-us/power-automate/guidance/coding-guidelines/error-handling"
     ],
-    "security_notes": "Static review only — reads exported workflow definitions, never connects to a live orchestrator, never executes a bot, and never requests runner credentials, orchestrator URLs, or production queue data. Never accept workflow exports containing live PII, real customer data, or production connection strings; ask for sanitized snippets.",
+    "security_notes": "Static review only \u2014 reads exported workflow definitions, never connects to a live orchestrator, never executes a bot, and never requests runner credentials, orchestrator URLs, or production queue data. Never accept workflow exports containing live PII, real customer data, or production connection strings; ask for sanitized snippets.",
     "last_verified": "2026-05-17",
     "path": "skills/qa/rpa-workflow-resilience-review",
     "author": "github: Raishin",
     "version": "0.1.0"
   },
   {
-    "id": "scaleway-cost-optimizer",
-    "name": "Scaleway Cost Optimizer",
+    "id": "salesforce-agentforce-risk-review-skill",
+    "name": "Salesforce Agentforce Risk Review Skill",
     "type": "skill",
-    "provider": "scaleway",
+    "provider": "salesforce",
     "harnesses": [
       "codex",
       "claude-code",
@@ -9633,25 +9907,23 @@
       "kiro",
       "other"
     ],
-    "summary": "Review and optimize Scaleway cost posture: Instance rightsizing, reserved instance utilization, idle Object Storage and SBS volumes, Serverless function cost, RDB sizing, and Cockpit observability spend.",
+    "summary": "Reviews Agentforce and Salesforce AI agent configurations for grounding quality, retrieval scope, action allowlist safety, human handoff design, hallucination containment, prompt injection surface, autonomous action boundary, audit logging, and model-risk controls. All Agentforce and Einstein feature names carry.",
     "source_type": "original",
     "official_docs": [
-      "https://www.scaleway.com/en/pricing/",
-      "https://www.scaleway.com/en/docs/billing/",
-      "https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/instance_server",
-      "https://www.scaleway.com/en/docs/observability/cockpit/"
+      "https://help.salesforce.com/",
+      "https://developer.salesforce.com/docs"
     ],
-    "security_notes": "Do not recommend cost cuts that remove Cockpit observability, RDB automated backups, snapshot retention, or multi-zone placement group coverage without explicit risk acceptance. Reserved instance commitments are non-refundable.",
-    "last_verified": "2026-05-10",
-    "path": "skills/scaleway/scaleway-cost-optimizer",
+    "security_notes": "Read-only static configuration review; sanitized exports only; never executes agent actions or requests live org credentials. Autonomous action boundary violations always escalation-grade. All Agentforce product names require verification against current Salesforce documentation.",
+    "last_verified": "2026-05-20",
+    "path": "skills/salesforce/salesforce-agentforce-risk-review-skill",
     "author": "github: Raishin",
     "version": "0.1.0"
   },
   {
-    "id": "scaleway-iam-policy-review",
-    "name": "Scaleway IAM Policy Review",
+    "id": "salesforce-apex-lwc-code-review-skill",
+    "name": "Salesforce Apex and LWC Code Review Skill",
     "type": "skill",
-    "provider": "scaleway",
+    "provider": "salesforce",
     "harnesses": [
       "codex",
       "claude-code",
@@ -9660,25 +9932,23 @@
       "kiro",
       "other"
     ],
-    "summary": "Review Scaleway IAM bindings, API key scopes and expiry, service account permissions, and organization vs project-level access control posture for least-privilege compliance.",
+    "summary": "Reviews Salesforce Apex classes, triggers, LWC components, and async jobs (Queueable, Batch, Future, Schedulable) for SOQL and DML inside loops, missing test coverage patterns, WITH SECURITY_ENFORCED and stripInaccessible usage, sharing keyword omission, governor-limit risk, LWC XSS surface, and Locker Service issues.",
     "source_type": "original",
     "official_docs": [
-      "https://www.scaleway.com/en/docs/iam/",
-      "https://www.scaleway.com/en/docs/iam/concepts/",
-      "https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/iam_policy",
-      "https://www.scaleway.com/en/developers/api/iam/"
+      "https://help.salesforce.com/",
+      "https://developer.salesforce.com/docs"
     ],
-    "security_notes": "Scaleway API keys with organization-level scope grant access to all projects; always prefer project-scoped keys with expiry. IAM key sprawl — long-lived keys with broad scopes — is the top Scaleway access control risk.",
-    "last_verified": "2026-05-10",
-    "path": "skills/scaleway/scaleway-iam-policy-review",
+    "security_notes": "Read-only static code review; sanitized code only; never executes code or requests live org credentials. Refuses inputs with hardcoded credentials or customer data. without-sharing usage on PII classes always escalated for human review.",
+    "last_verified": "2026-05-20",
+    "path": "skills/salesforce/salesforce-apex-lwc-code-review-skill",
     "author": "github: Raishin",
     "version": "0.1.0"
   },
   {
-    "id": "scaleway-kapsule-platform-operator",
-    "name": "Scaleway Kapsule Platform Operator",
+    "id": "salesforce-case-capsule",
+    "name": "Salesforce Case Capsule",
     "type": "skill",
-    "provider": "scaleway",
+    "provider": "generic",
     "harnesses": [
       "codex",
       "claude-code",
@@ -9687,25 +9957,24 @@
       "kiro",
       "other"
     ],
-    "summary": "Review Scaleway Kapsule managed Kubernetes cluster readiness: node pool strategy, CNI selection (Cilium, Calico, Kilo), placement group policies, version upgrades, PDB coverage, and workload scheduling posture.",
+    "summary": "Shared, auditable handoff contract for Salesforce specialist agents \u2014 a redacted case capsule carrying facts, uncertainty, evidence quality, risk labels, privilege and privacy posture, a named decision owner, and an explicit do-not-do list. Does not give Salesforce or business advice and does not authorize any action.",
     "source_type": "original",
     "official_docs": [
-      "https://www.scaleway.com/en/docs/kubernetes/",
-      "https://www.scaleway.com/en/developers/api/kubernetes/",
-      "https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/k8s_cluster",
-      "https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/k8s_pool"
+      "https://help.salesforce.com/",
+      "https://trailhead.salesforce.com/",
+      "https://developer.salesforce.com/docs"
     ],
-    "security_notes": "Kapsule control-plane upgrades are irreversible — no downgrade path exists. CNI choice is immutable after cluster creation. Placement group enforced policy may block instance scheduling under capacity pressure.",
-    "last_verified": "2026-05-10",
-    "path": "skills/scaleway/scaleway-kapsule-platform-operator",
+    "security_notes": "Defines a minimum-necessary handoff record; never carries org credentials, session IDs, OAuth tokens, customer PII, or regulated data beyond what the matter requires. Never authorizes action; flags privilege and privacy posture and routes decisions to a named human owner.",
+    "last_verified": "2026-05-20",
+    "path": "skills/cross-functional/salesforce-case-capsule",
     "author": "github: Raishin",
     "version": "0.1.0"
   },
   {
-    "id": "scaleway-live-kapsule-rollout-guard",
-    "name": "Scaleway Live Kapsule Rollout Guard",
+    "id": "salesforce-data-exposure-escalation-protocol",
+    "name": "Salesforce Data Exposure Escalation Protocol",
     "type": "skill",
-    "provider": "scaleway",
+    "provider": "generic",
     "harnesses": [
       "codex",
       "claude-code",
@@ -9714,26 +9983,24 @@
       "kiro",
       "other"
     ],
-    "summary": "Gate Scaleway Kapsule live mutations (version upgrades, node pool changes, cluster config) with mandatory PDB audit, cluster health evidence, approval token, and rollback plan. Hard-stops when any pre-flight condition is missing.",
+    "summary": "Immediate escalation-response protocol for Salesforce data exposure events \u2014 fires on guest-user exposure, cross-org sync without DPA, regulated-data Marketing Cloud sync without consent map, Experience Cloud sharing-set widening, and Data Cloud cross-org sharing. Required path: pause, preserve evidence, name controllers and processors, escalate to privacy counsel and security, and document.",
     "source_type": "original",
     "official_docs": [
-      "https://www.scaleway.com/en/docs/kubernetes/",
-      "https://www.scaleway.com/en/developers/api/kubernetes/",
-      "https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/k8s_cluster",
-      "https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/k8s_pool",
-      "https://kubernetes.io/docs/concepts/workloads/pods/disruptions/"
+      "https://help.salesforce.com/",
+      "https://trailhead.salesforce.com/",
+      "https://developer.salesforce.com/docs"
     ],
-    "security_notes": "Kapsule control-plane version upgrades are irreversible — no downgrade path exists. CNI type is immutable after cluster creation. Node pool deletion evicts all workloads immediately. Hard-stop mandatory when target, approval, or rollback plan is absent or ambiguous.",
-    "last_verified": "2026-05-10",
-    "path": "skills/scaleway/scaleway-live-kapsule-rollout-guard",
+    "security_notes": "Hard escalation protocol \u2014 never determines regulatory notification obligations (legal determination only); never authorizes self-remediation; always requires human authorization. Evidence must be preserved and not deleted. Sanitized inputs only; never accepts real credentials, PII, or customer data.",
+    "last_verified": "2026-05-20",
+    "path": "skills/cross-functional/salesforce-data-exposure-escalation-protocol",
     "author": "github: Raishin",
     "version": "0.1.0"
   },
   {
-    "id": "scaleway-maestro",
-    "name": "Scaleway Maestro",
+    "id": "salesforce-devsecops-pipeline-skill",
+    "name": "Salesforce DevSecOps Pipeline Skill",
     "type": "skill",
-    "provider": "scaleway",
+    "provider": "salesforce",
     "harnesses": [
       "codex",
       "claude-code",
@@ -9742,24 +10009,24 @@
       "kiro",
       "other"
     ],
-    "summary": "Classify and route Scaleway tasks to the narrowest qualified specialist agent for IAM, cost, Kapsule, networking, or live-guard domains.",
+    "summary": "Structured DevSecOps review workflow for Salesforce pipelines covering SCA finding triage, sandbox data governance and PII masking, change impact analysis across metadata dependencies, CI/CD security gate compliance, and DevOps Center deployment governance.",
     "source_type": "original",
     "official_docs": [
-      "https://www.scaleway.com/en/docs/",
-      "https://www.scaleway.com/en/developers/api/",
-      "https://registry.terraform.io/providers/scaleway/scaleway/latest/docs"
+      "https://developer.salesforce.com/docs/platform/salesforce-code-analyzer/guide/index.html",
+      "https://help.salesforce.com/s/articleView?id=sf.data_masking_intro.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.sfdx_dev.meta/sfdx_dev/sfdx_dev_develop.htm"
     ],
-    "security_notes": "Never route to the live-guard agent without explicit user intent for a live mutation. Classification must stay read-only; do not infer project or zone identity from context alone.",
-    "last_verified": "2026-05-10",
-    "path": "skills/scaleway/scaleway-maestro",
+    "security_notes": "Read-only static review; sanitized inputs only; never requests live org credentials, session tokens, or API access. Risk register is advisory; remediation requires human authorization.",
+    "last_verified": "2026-05-21",
+    "path": "skills/salesforce/salesforce-devsecops-pipeline-skill",
     "author": "github: Raishin",
     "version": "0.1.0"
   },
   {
-    "id": "scaleway-network-architect",
-    "name": "Scaleway Network Architect",
+    "id": "salesforce-flow-automation-review-skill",
+    "name": "Salesforce Flow Automation Review Skill",
     "type": "skill",
-    "provider": "scaleway",
+    "provider": "salesforce",
     "harnesses": [
       "codex",
       "claude-code",
@@ -9768,25 +10035,23 @@
       "kiro",
       "other"
     ],
-    "summary": "Review and design Scaleway VPC topology, Private Network attachment, security group rules, Load Balancer configuration, placement group HA policy, and multi-zone resilience patterns.",
+    "summary": "Reviews Salesforce Flow XML, validation rules, approval processes, and record-triggered automation for recursion, ungoverned bypass flags, brittle null handling, missing fault paths, hardcoded recipients, before-save vs after-save misuse, and mixed Process Builder plus Flow plus Apex on the same object.",
     "source_type": "original",
     "official_docs": [
-      "https://www.scaleway.com/en/docs/network/vpc/",
-      "https://www.scaleway.com/en/docs/compute/instances/how-to/use-placement-groups/",
-      "https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/vpc",
-      "https://www.scaleway.com/en/docs/network/load-balancer/"
+      "https://help.salesforce.com/",
+      "https://developer.salesforce.com/docs"
     ],
-    "security_notes": "Placement group enforced policy may block instance scheduling under zone capacity pressure — prefer max_availability for production HA. Security groups are zone-scoped; cross-zone traffic must be reviewed for unintended public exposure via flexible IPs.",
-    "last_verified": "2026-05-10",
-    "path": "skills/scaleway/scaleway-network-architect",
+    "security_notes": "Read-only static review; sanitized exports only; never requests live org credentials or API access. Hardcoded recipient values not repeated in output. Automation activation decisions require human-authorized change management.",
+    "last_verified": "2026-05-20",
+    "path": "skills/salesforce/salesforce-flow-automation-review-skill",
     "author": "github: Raishin",
     "version": "0.1.0"
   },
   {
-    "id": "sigstore-cosign-supply-chain-review",
-    "name": "Sigstore Cosign Supply Chain Review",
+    "id": "salesforce-infrastructure-audit-skill",
+    "name": "Salesforce Infrastructure Audit Skill",
     "type": "skill",
-    "provider": "sigstore",
+    "provider": "salesforce",
     "harnesses": [
       "codex",
       "claude-code",
@@ -9795,27 +10060,24 @@
       "kiro",
       "other"
     ],
-    "summary": "Review Sigstore Cosign image signing, Kyverno imageVerify policy, SBOM attestations, SLSA provenance, Rekor transparency log posture, and keyless vs key-based signing configuration for Kubernetes workload supply chain security.",
+    "summary": "Structured audit workflow for Salesforce infrastructure security posture covering network policies, IP allowlisting, session settings, CSP Trusted Sites, sandbox isolation and data masking, and Hyperforce deployment controls and data residency commitments.",
     "source_type": "original",
     "official_docs": [
-      "https://docs.sigstore.dev/cosign/overview/",
-      "https://docs.sigstore.dev/policy-controller/overview/",
-      "https://slsa.dev/spec/v1.0/requirements",
-      "https://kyverno.io/docs/writing-policies/verify-images/",
-      "https://docs.github.com/en/actions/security-guides/using-artifact-attestations",
-      "https://rekor.sigstore.dev/"
+      "https://help.salesforce.com/s/articleView?id=sf.security_networkaccess.htm",
+      "https://help.salesforce.com/s/articleView?id=sf.security_session_settings.htm",
+      "https://help.salesforce.com/s/articleView?id=sf.hyperforce_overview.htm"
     ],
-    "security_notes": "Kyverno imageVerify policy without subject/issuer constraints accepts any Sigstore-signed image regardless of signer identity. Long-lived Cosign keys in CI secrets allow retroactive signing of malicious images if the secret is compromised.",
-    "last_verified": "2026-05-02",
-    "path": "skills/sigstore/sigstore-cosign-supply-chain-review",
-    "version": "0.1.0",
-    "author": "github: Raishin"
+    "security_notes": "Read-only static review; sanitized inputs only; never requests live org credentials, session tokens, or API access. Risk register is advisory; remediation requires human authorization.",
+    "last_verified": "2026-05-21",
+    "path": "skills/salesforce/salesforce-infrastructure-audit-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
   },
   {
-    "id": "terraform-maestro",
-    "name": "Terraform Maestro",
+    "id": "salesforce-integration-review-skill",
+    "name": "Salesforce Integration Review Skill",
     "type": "skill",
-    "provider": "terraform",
+    "provider": "salesforce",
     "harnesses": [
       "codex",
       "claude-code",
@@ -9824,16 +10086,488 @@
       "kiro",
       "other"
     ],
-    "summary": "Route Terraform and IaC tasks to the right specialist from the cross-cloud IaC catalog. Classifies by domain (review, aws-iac, azure-iac, oci-iac, live-guard), dispatches single or parallel (max 4), and enforces live-guard gate for live apply, destroy, or stack mutations.",
-    "source_type": "adapted",
+    "summary": "Reviews Salesforce integration designs for API choice (REST, SOAP, Bulk, Streaming, CDC, Platform Events), middleware position, retry and idempotency, error queue design, observability, secret handling, OAuth scope minimization, named credential vs callout patterns, and MuleSoft vs point-to-point architecture.",
+    "source_type": "original",
     "official_docs": [
-      "https://developer.hashicorp.com/terraform/docs",
-      "https://developer.hashicorp.com/terraform/language",
-      "https://developer.hashicorp.com/terraform/cli/commands/plan",
-      "https://developer.hashicorp.com/terraform/cli/commands/apply",
-      "https://registry.terraform.io/providers/hashicorp/aws/latest/docs",
-      "https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs",
-      "https://registry.terraform.io/providers/oracle/oci/latest/docs"
+      "https://help.salesforce.com/",
+      "https://developer.salesforce.com/docs"
+    ],
+    "security_notes": "Read-only static design review; sanitized design documents only; never tests endpoints or requests live credentials. Full OAuth scope is always a Critical finding. Cross-org regulated-data transfers require DPA verification with legal counsel.",
+    "last_verified": "2026-05-20",
+    "path": "skills/salesforce/salesforce-integration-review-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-live-change-approval-protocol",
+    "name": "Salesforce Live Change Approval Protocol",
+    "type": "skill",
+    "provider": "generic",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Refusal-by-default advisory gate for proposed live Salesforce production org mutations \u2014 verifies ten required preconditions (org identity, environment type, user identity, permission scope, change ticket, approval state, dry-run preview, rollback plan, test evidence, post-change verification) and outputs STOP if any is missing. Advisory only; all live mutations require human authorization.",
+    "source_type": "original",
+    "official_docs": [
+      "https://help.salesforce.com/",
+      "https://trailhead.salesforce.com/",
+      "https://developer.salesforce.com/docs"
+    ],
+    "security_notes": "Refusal-by-default gate; never issues authorization for live org mutations; advisory checklist only. Never accepts or repeats real credentials, session tokens, or production org IDs. All live mutation decisions require human authorization through the organization's change management process.",
+    "last_verified": "2026-05-20",
+    "path": "skills/cross-functional/salesforce-live-change-approval-protocol",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-marketing-consent-review-skill",
+    "name": "Salesforce Marketing Consent Review Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Reviews Salesforce marketing data flows (Marketing Cloud, Account Engagement, Data Cloud) for consent capture, lawful basis, purpose limitation, preference center coverage, suppression list integrity, subscriber-key collision risk, deliverability authentication (SPF, DKIM, DMARC), and unsubscribe link integrity.",
+    "source_type": "original",
+    "official_docs": [
+      "https://help.salesforce.com/",
+      "https://developer.salesforce.com/docs"
+    ],
+    "security_notes": "Read-only static review; sanitized design documents only; never accesses live Marketing Cloud accounts or APIs. Lawful basis findings require verification by qualified privacy counsel. Regulated-data marketing flows escalated to compliance review.",
+    "last_verified": "2026-05-20",
+    "path": "skills/salesforce/salesforce-marketing-consent-review-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-metadata-review-skill",
+    "name": "Salesforce Metadata Review Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Reviews pasted or exported Salesforce metadata (objects, fields, layouts, Lightning record pages, profiles, permission sets, sharing rules) for over-customization, unused fields, hardcoded IDs, and deprecated metadata types, producing a structured findings report.",
+    "source_type": "original",
+    "official_docs": [
+      "https://help.salesforce.com/",
+      "https://developer.salesforce.com/docs"
+    ],
+    "security_notes": "Read-only static review; sanitized metadata exports only; never requests live org credentials or API access. Hardcoded ID values not repeated in output. Regulated-vertical findings escalated to compliance specialist.",
+    "last_verified": "2026-05-20",
+    "path": "skills/salesforce/salesforce-metadata-review-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-org-assessment-skill",
+    "name": "Salesforce Org Assessment Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Structured workflow for assessing a Salesforce org's overall posture from sanitized exports \u2014 object model, automation inventory, permission topology, integration map, and technical debt indicators \u2014 producing a risk register and remediation backlog.",
+    "source_type": "original",
+    "official_docs": [
+      "https://help.salesforce.com/",
+      "https://developer.salesforce.com/docs"
+    ],
+    "security_notes": "Read-only static review; sanitized exports only; never requests live org credentials, session tokens, or API access. Risk register is advisory; remediation requires human authorization. Regulated-vertical findings escalated to compliance counsel.",
+    "last_verified": "2026-05-20",
+    "path": "skills/salesforce/salesforce-org-assessment-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-permission-model-review-skill",
+    "name": "Salesforce Permission Model Review Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Reviews Salesforce profiles, permission sets, permission set groups, muting, sharing rules, OWD, role hierarchy, IP restrictions, and session policies for toxic combinations and over-privilege, flagging ModifyAllData, ViewAllData on PII, API Enabled without IP restriction, guest-user exposure, and Customize Application outside admins.",
+    "source_type": "original",
+    "official_docs": [
+      "https://help.salesforce.com/",
+      "https://developer.salesforce.com/docs"
+    ],
+    "security_notes": "Read-only static review; sanitized exports only; never requests live org credentials or API access. Guest-user PII exposure always triggers escalation-protocol. Toxic combinations are objective findings requiring human-authorized remediation.",
+    "last_verified": "2026-05-20",
+    "path": "skills/salesforce/salesforce-permission-model-review-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-release-readiness-skill",
+    "name": "Salesforce Release Readiness Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Pre-release checklist assessment for Salesforce deployments \u2014 covers sandbox refresh strategy, source tracking state, package version diff, destructiveChanges.xml review, test coverage threshold, post-deploy steps, rollback plan, comms plan, and approval matrix. Advisory only; never executes deployments.",
+    "source_type": "original",
+    "official_docs": [
+      "https://help.salesforce.com/",
+      "https://developer.salesforce.com/docs"
+    ],
+    "security_notes": "Read-only advisory assessment; sanitized release artifacts only; never requests live org credentials or executes deployments. Irreversible destructive changes always require documented rollback plan. Regulated-data field deletions escalated to compliance review.",
+    "last_verified": "2026-05-20",
+    "path": "skills/salesforce/salesforce-release-readiness-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-risk-taxonomy",
+    "name": "Salesforce Risk Taxonomy",
+    "type": "skill",
+    "provider": "generic",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Shared classification vocabulary for Salesforce matters \u2014 matter types, risk tiers (Critical/High/Medium/Low/Unknown), and escalation gates (production data exposure, guest-user expansion, autonomous AI action, finance/revenue logic, regulated-vertical, mass change, irreversible deploy). Does not assess compliance or authorize any action.",
+    "source_type": "original",
+    "official_docs": [
+      "https://help.salesforce.com/",
+      "https://trailhead.salesforce.com/",
+      "https://developer.salesforce.com/docs"
+    ],
+    "security_notes": "Classification only \u2014 never authorizes action; escalation gates are hard stops requiring human review. Classifies from sanitized descriptions only and refuses inputs containing live credentials, session tokens, or unredacted PII.",
+    "last_verified": "2026-05-20",
+    "path": "skills/cross-functional/salesforce-risk-taxonomy",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-routing-protocol",
+    "name": "Salesforce Routing Protocol",
+    "type": "skill",
+    "provider": "generic",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Classification and routing discipline for Salesforce matters \u2014 routing rules per matter type, the cross-domain overlap matrix (admin \u00d7 dev \u00d7 security \u00d7 revops \u00d7 marketing \u00d7 compliance), and the conflict-resolution protocol. Does not give Salesforce or business advice; routing is a recommendation only.",
+    "source_type": "original",
+    "official_docs": [
+      "https://help.salesforce.com/",
+      "https://trailhead.salesforce.com/",
+      "https://developer.salesforce.com/docs"
+    ],
+    "security_notes": "Routing is a recommendation, never an authorization; never approves, denies, or directs deployment or configuration actions. Classifies matters from sanitized signals only and never requests org credentials, session IDs, OAuth tokens, or production org IDs.",
+    "last_verified": "2026-05-20",
+    "path": "skills/cross-functional/salesforce-routing-protocol",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-soql-explorer-skill",
+    "name": "Salesforce SOQL Explorer Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "claude-code",
+      "codex",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Executes read-only SOQL queries against a connected Salesforce org via the sf CLI under T1 least-privilege scope. Returns sanitized JSON output with a structured audit envelope. Live operational counterpart to the static-review skills. No DML. No metadata mutation. Sanitized output only.",
+    "source_type": "original",
+    "official_docs": [
+      "https://developer.salesforce.com/docs/atlas.en-us.sfdx_cli_reference.meta/sfdx_cli_reference/cli_reference_data_commands_unified.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.soql_sosl.meta/soql_sosl/sforce_api_calls_soql.htm",
+      "https://help.salesforce.com/s/articleView?id=sf.connected_app_overview.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.api.meta/api/sforce_api_calls_query.htm"
+    ],
+    "security_notes": "T1 read-only operational scope only. No DML permitted. OAuth scopes restricted to api + refresh_token. Run As service account has no ModifyAllData, ViewAllData, ViewEncryptedData, ModifyMetadata, AuthorApex, or ManageConnectedApps permissions. Org allowlist enforced by Connected App. Every execution emits a structured audit envelope. All Salesforce IDs, user IDs, and PII fields are redacted before output. Refresh token rotation immediately revokes access.",
+    "last_verified": "2026-05-21",
+    "path": "skills/salesforce/salesforce-soql-explorer-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-zero-trust-maturity-skill",
+    "name": "Salesforce Zero Trust Maturity Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Evaluates Salesforce deployment zero-trust readiness against NIST SP 800-207 ZTA principles, scoring five pillars (User, Device, Network, Application, Automation) and reviewing continuous verification, certificate lifecycle, mTLS enforcement, Transaction Security Policies, and Event Monitoring coverage.",
+    "source_type": "original",
+    "official_docs": [
+      "https://help.salesforce.com/s/articleView?id=sf.security_keys_about.htm",
+      "https://help.salesforce.com/s/articleView?id=sf.transaction_security_policy_events.htm",
+      "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf"
+    ],
+    "security_notes": "Read-only static review; sanitized inputs only; never requests live org credentials, session tokens, or API access. Risk register is advisory; remediation requires human authorization.",
+    "last_verified": "2026-05-21",
+    "path": "skills/salesforce/salesforce-zero-trust-maturity-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "scaleway-cost-optimizer",
+    "name": "Scaleway Cost Optimizer",
+    "type": "skill",
+    "provider": "scaleway",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Review and optimize Scaleway cost posture: Instance rightsizing, reserved instance utilization, idle Object Storage and SBS volumes, Serverless function cost, RDB sizing, and Cockpit observability spend.",
+    "source_type": "original",
+    "official_docs": [
+      "https://www.scaleway.com/en/pricing/",
+      "https://www.scaleway.com/en/docs/billing/",
+      "https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/instance_server",
+      "https://www.scaleway.com/en/docs/observability/cockpit/"
+    ],
+    "security_notes": "Do not recommend cost cuts that remove Cockpit observability, RDB automated backups, snapshot retention, or multi-zone placement group coverage without explicit risk acceptance. Reserved instance commitments are non-refundable.",
+    "last_verified": "2026-05-10",
+    "path": "skills/scaleway/scaleway-cost-optimizer",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "scaleway-iam-policy-review",
+    "name": "Scaleway IAM Policy Review",
+    "type": "skill",
+    "provider": "scaleway",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Review Scaleway IAM bindings, API key scopes and expiry, service account permissions, and organization vs project-level access control posture for least-privilege compliance.",
+    "source_type": "original",
+    "official_docs": [
+      "https://www.scaleway.com/en/docs/iam/",
+      "https://www.scaleway.com/en/docs/iam/concepts/",
+      "https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/iam_policy",
+      "https://www.scaleway.com/en/developers/api/iam/"
+    ],
+    "security_notes": "Scaleway API keys with organization-level scope grant access to all projects; always prefer project-scoped keys with expiry. IAM key sprawl \u2014 long-lived keys with broad scopes \u2014 is the top Scaleway access control risk.",
+    "last_verified": "2026-05-10",
+    "path": "skills/scaleway/scaleway-iam-policy-review",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "scaleway-kapsule-platform-operator",
+    "name": "Scaleway Kapsule Platform Operator",
+    "type": "skill",
+    "provider": "scaleway",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Review Scaleway Kapsule managed Kubernetes cluster readiness: node pool strategy, CNI selection (Cilium, Calico, Kilo), placement group policies, version upgrades, PDB coverage, and workload scheduling posture.",
+    "source_type": "original",
+    "official_docs": [
+      "https://www.scaleway.com/en/docs/kubernetes/",
+      "https://www.scaleway.com/en/developers/api/kubernetes/",
+      "https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/k8s_cluster",
+      "https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/k8s_pool"
+    ],
+    "security_notes": "Kapsule control-plane upgrades are irreversible \u2014 no downgrade path exists. CNI choice is immutable after cluster creation. Placement group enforced policy may block instance scheduling under capacity pressure.",
+    "last_verified": "2026-05-10",
+    "path": "skills/scaleway/scaleway-kapsule-platform-operator",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "scaleway-live-kapsule-rollout-guard",
+    "name": "Scaleway Live Kapsule Rollout Guard",
+    "type": "skill",
+    "provider": "scaleway",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Gate Scaleway Kapsule live mutations (version upgrades, node pool changes, cluster config) with mandatory PDB audit, cluster health evidence, approval token, and rollback plan. Hard-stops when any pre-flight condition is missing.",
+    "source_type": "original",
+    "official_docs": [
+      "https://www.scaleway.com/en/docs/kubernetes/",
+      "https://www.scaleway.com/en/developers/api/kubernetes/",
+      "https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/k8s_cluster",
+      "https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/k8s_pool",
+      "https://kubernetes.io/docs/concepts/workloads/pods/disruptions/"
+    ],
+    "security_notes": "Kapsule control-plane version upgrades are irreversible \u2014 no downgrade path exists. CNI type is immutable after cluster creation. Node pool deletion evicts all workloads immediately. Hard-stop mandatory when target, approval, or rollback plan is absent or ambiguous.",
+    "last_verified": "2026-05-10",
+    "path": "skills/scaleway/scaleway-live-kapsule-rollout-guard",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "scaleway-maestro",
+    "name": "Scaleway Maestro",
+    "type": "skill",
+    "provider": "scaleway",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Classify and route Scaleway tasks to the narrowest qualified specialist agent for IAM, cost, Kapsule, networking, or live-guard domains.",
+    "source_type": "original",
+    "official_docs": [
+      "https://www.scaleway.com/en/docs/",
+      "https://www.scaleway.com/en/developers/api/",
+      "https://registry.terraform.io/providers/scaleway/scaleway/latest/docs"
+    ],
+    "security_notes": "Never route to the live-guard agent without explicit user intent for a live mutation. Classification must stay read-only; do not infer project or zone identity from context alone.",
+    "last_verified": "2026-05-10",
+    "path": "skills/scaleway/scaleway-maestro",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "scaleway-network-architect",
+    "name": "Scaleway Network Architect",
+    "type": "skill",
+    "provider": "scaleway",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Review and design Scaleway VPC topology, Private Network attachment, security group rules, Load Balancer configuration, placement group HA policy, and multi-zone resilience patterns.",
+    "source_type": "original",
+    "official_docs": [
+      "https://www.scaleway.com/en/docs/network/vpc/",
+      "https://www.scaleway.com/en/docs/compute/instances/how-to/use-placement-groups/",
+      "https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/vpc",
+      "https://www.scaleway.com/en/docs/network/load-balancer/"
+    ],
+    "security_notes": "Placement group enforced policy may block instance scheduling under zone capacity pressure \u2014 prefer max_availability for production HA. Security groups are zone-scoped; cross-zone traffic must be reviewed for unintended public exposure via flexible IPs.",
+    "last_verified": "2026-05-10",
+    "path": "skills/scaleway/scaleway-network-architect",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "sigstore-cosign-supply-chain-review",
+    "name": "Sigstore Cosign Supply Chain Review",
+    "type": "skill",
+    "provider": "sigstore",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Review Sigstore Cosign image signing, Kyverno imageVerify policy, SBOM attestations, SLSA provenance, Rekor transparency log posture, and keyless vs key-based signing configuration for Kubernetes workload supply chain security.",
+    "source_type": "original",
+    "official_docs": [
+      "https://docs.sigstore.dev/cosign/overview/",
+      "https://docs.sigstore.dev/policy-controller/overview/",
+      "https://slsa.dev/spec/v1.0/requirements",
+      "https://kyverno.io/docs/writing-policies/verify-images/",
+      "https://docs.github.com/en/actions/security-guides/using-artifact-attestations",
+      "https://rekor.sigstore.dev/"
+    ],
+    "security_notes": "Kyverno imageVerify policy without subject/issuer constraints accepts any Sigstore-signed image regardless of signer identity. Long-lived Cosign keys in CI secrets allow retroactive signing of malicious images if the secret is compromised.",
+    "last_verified": "2026-05-02",
+    "path": "skills/sigstore/sigstore-cosign-supply-chain-review",
+    "version": "0.1.0",
+    "author": "github: Raishin"
+  },
+  {
+    "id": "terraform-maestro",
+    "name": "Terraform Maestro",
+    "type": "skill",
+    "provider": "terraform",
+    "harnesses": [
+      "codex",
+      "claude-code",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Route Terraform and IaC tasks to the right specialist from the cross-cloud IaC catalog. Classifies by domain (review, aws-iac, azure-iac, oci-iac, live-guard), dispatches single or parallel (max 4), and enforces live-guard gate for live apply, destroy, or stack mutations.",
+    "source_type": "adapted",
+    "official_docs": [
+      "https://developer.hashicorp.com/terraform/docs",
+      "https://developer.hashicorp.com/terraform/language",
+      "https://developer.hashicorp.com/terraform/cli/commands/plan",
+      "https://developer.hashicorp.com/terraform/cli/commands/apply",
+      "https://registry.terraform.io/providers/hashicorp/aws/latest/docs",
+      "https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs",
+      "https://registry.terraform.io/providers/oracle/oci/latest/docs"
     ],
     "security_notes": "Live-guard gate is non-negotiable: never auto-dispatch live apply, destroy, or stack mutation agents without explicit human confirmation, blast-radius assessment, and rollback path. Terraform destroy is irreversible without state backup.",
     "last_verified": "2026-04-30",
@@ -9854,7 +10588,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Review a test suite for assertion quality over coverage percentage — detecting coverage theater, assertion-free and tautological tests, mock over-specification, and untested branches, and recommending a meaningful coverage gate. Static review only.",
+    "summary": "Review a test suite for assertion quality over coverage percentage \u2014 detecting coverage theater, assertion-free and tautological tests, mock over-specification, and untested branches, and recommending a meaningful coverage gate. Static review only.",
     "source_type": "original",
     "official_docs": [
       "https://martinfowler.com/bliki/TestCoverage.html",
@@ -9863,7 +10597,7 @@
       "https://jestjs.io/docs/configuration",
       "https://docs.pytest.org/en/stable/how-to/assert.html"
     ],
-    "security_notes": "Static review only — reads test source and coverage reports, never executes tests or runs a coverage tool. Never request or accept credentials, fixtures containing real customer data, or production database snapshots; ask for sanitized test code.",
+    "security_notes": "Static review only \u2014 reads test source and coverage reports, never executes tests or runs a coverage tool. Never request or accept credentials, fixtures containing real customer data, or production database snapshots; ask for sanitized test code.",
     "last_verified": "2026-05-17",
     "path": "skills/qa/test-coverage-quality-review",
     "author": "github: Raishin",
@@ -9882,7 +10616,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Triage flaky tests across any framework into root-cause categories, assign a quarantine or fix path per test, and assess quarantine policy and CI retry configuration — statically, without re-running tests.",
+    "summary": "Triage flaky tests across any framework into root-cause categories, assign a quarantine or fix path per test, and assess quarantine policy and CI retry configuration \u2014 statically, without re-running tests.",
     "source_type": "original",
     "official_docs": [
       "https://playwright.dev/docs/test-retries",
@@ -9891,7 +10625,7 @@
       "https://docs.pytest.org/en/stable/how-to/flaky.html",
       "https://martinfowler.com/articles/nonDeterminism.html"
     ],
-    "security_notes": "Static review only — analyzes failure logs, rerun history, and test source; never executes or re-runs tests. Never request or accept CI credentials, dashboard API tokens, or production data embedded in failure logs; ask for sanitized excerpts.",
+    "security_notes": "Static review only \u2014 analyzes failure logs, rerun history, and test source; never executes or re-runs tests. Never request or accept CI credentials, dashboard API tokens, or production data embedded in failure logs; ask for sanitized excerpts.",
     "last_verified": "2026-05-17",
     "path": "skills/qa/test-flakiness-triage",
     "author": "github: Raishin",
@@ -9910,7 +10644,7 @@
       "kiro",
       "other"
     ],
-    "summary": "Live-guard skill for Velero backup schedules, restore operations, BackupStorageLocation changes, and volume snapshots — requiring explicit platform-team sign-off before any mutation.",
+    "summary": "Live-guard skill for Velero backup schedules, restore operations, BackupStorageLocation changes, and volume snapshots \u2014 requiring explicit platform-team sign-off before any mutation.",
     "source_type": "original",
     "official_docs": [
       "https://velero.io/docs/latest/",
@@ -9919,10 +10653,530 @@
       "https://velero.io/docs/latest/locations/",
       "https://velero.io/docs/latest/hooks/"
     ],
-    "security_notes": "Velero restore with existingResourcePolicy:update can overwrite live RBAC resources, Secrets, and ServiceAccounts — equivalent to a partial cluster wipe. BSL credentials with write-only access prevent listing/deleting old backups, causing runaway storage costs. Never proceed with cluster-wide restores without explicit platform-team sign-off.",
+    "security_notes": "Velero restore with existingResourcePolicy:update can overwrite live RBAC resources, Secrets, and ServiceAccounts \u2014 equivalent to a partial cluster wipe. BSL credentials with write-only access prevent listing/deleting old backups, causing runaway storage costs. Never proceed with cluster-wide restores without explicit platform-team sign-off.",
     "last_verified": "2026-05-02",
     "path": "skills/velero/velero-backup-restore-guard",
     "version": "0.1.0",
     "author": "github: Raishin"
+  },
+  {
+    "id": "salesforce-metadata-fetcher-skill",
+    "name": "Salesforce Metadata Fetcher Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "claude-code",
+      "codex",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Fetches Salesforce metadata (objects, fields, flows, validation rules, permission sets, profiles, Apex classes/triggers, Lightning components) live from a connected org under T1 least-privilege scope (api + refresh_token only). Sanitizes output and routes to downstream review skills \u2014 eliminates the hand-paste requirement across all 17 static-review skills.",
+    "source_type": "original",
+    "execution_tier": "read-only-runtime",
+    "oauth_scopes": [
+      "api",
+      "refresh_token"
+    ],
+    "mcp_servers": [],
+    "run_as_permissions": {
+      "required": [
+        "View Setup and Configuration"
+      ],
+      "denied": [
+        "ModifyAllData",
+        "ViewAllData",
+        "ViewEncryptedData",
+        "ModifyMetadata",
+        "AuthorApex",
+        "ManageConnectedApps",
+        "Customize Application"
+      ]
+    },
+    "official_docs": [
+      "https://developer.salesforce.com/docs/atlas.en-us.sfdx_cli_reference.meta/sfdx_cli_reference/cli_reference_project_retrieve_start.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.sfdx_cli_reference.meta/sfdx_cli_reference/cli_reference_org_list_metadata.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/resources_sobject_describe.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.api_tooling.meta/api_tooling/tooling_api_objects_apexclass.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.api_tooling.meta/api_tooling/tooling_api_objects_flow.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.api_meta.meta/api_meta/meta_types_list.htm"
+    ],
+    "security_notes": "T1 read-only-runtime tier. Run As service account requires View Setup and Configuration only; ModifyAllData, ViewAllData, ViewEncryptedData, ModifyMetadata, AuthorApex, ManageConnectedApps, and Customize Application must be explicitly denied. Org IDs and user IDs never appear verbatim in output \u2014 always replaced with placeholders. REST describe paths preferred over sf project retrieve start to minimize permission footprint. Encrypted field values (Shield PE, PMLE) skipped entirely. URL-embedded credentials and Named Credential headers trigger immediate stop. Hardcoded session ID literals in Apex escalate to Critical before handoff. Regulated-vertical production orgs require explicit operator confirmation before any retrieval.",
+    "last_verified": "2026-05-21",
+    "path": "skills/salesforce/salesforce-metadata-fetcher-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0",
+    "companion_review_skills": [
+      "salesforce-metadata-review-skill",
+      "salesforce-flow-automation-review-skill",
+      "salesforce-permission-model-review-skill",
+      "salesforce-apex-lwc-code-review-skill",
+      "salesforce-integration-review-skill"
+    ],
+    "feeds_skills": [
+      "salesforce-metadata-review-skill",
+      "salesforce-flow-automation-review-skill",
+      "salesforce-permission-model-review-skill",
+      "salesforce-apex-lwc-code-review-skill"
+    ]
+  },
+  {
+    "id": "salesforce-agentforce-stdm-observer-skill",
+    "name": "Salesforce Agentforce STDM Observer Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "claude-code",
+      "codex",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Queries Salesforce Telemetry and Data Management (STDM) and Data Cloud for live Agentforce session traces, faithfulness scores, answer relevance scores, action invocation telemetry, and quality metrics under T1 least-privilege scope. Answers the Fortune 50 CISO question: is the Agentforce agent working correctly in production? Emits aggregate metrics only \u2014 never session content.",
+    "source_type": "adapted",
+    "source_attribution": "Adapted from the observing-agentforce skill published by Salesforce in the forcedotcom/sf-skills repository (Apache-2.0). Vanguard-specific additions: T1 least-privilege contract, structured audit envelope, aggregate-only output policy, and handoff routing model.",
+    "execution_tier": "read-only-runtime",
+    "oauth_scopes": [
+      "api",
+      "refresh_token",
+      "cdp_query_api"
+    ],
+    "run_as_permissions": {
+      "required": [
+        "View Setup and Configuration",
+        "Data Cloud Query API access"
+      ],
+      "denied": [
+        "ModifyAllData",
+        "ViewAllData",
+        "ViewEncryptedData",
+        "ModifyMetadata",
+        "AuthorApex",
+        "ManageConnectedApps",
+        "Customize Application",
+        "Manage Agentforce"
+      ]
+    },
+    "official_docs": [
+      "https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_aiagenttagassociation.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_aiagenttagdefinition.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_aievaluationdefinition.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.dataapiref.meta/dataapiref/data_api_query.htm",
+      "https://help.salesforce.com/s/articleView?id=sf.data_cloud_admin_setup.htm",
+      "https://help.salesforce.com/s/articleView?id=sf.agentforce_manage_agents.htm",
+      "https://developer.salesforce.com/docs/einstein/genai/guide/agentforce-overview.html"
+    ],
+    "security_notes": "T1 read-only runtime. Aggregate-only output \u2014 session text content (user messages, agent responses, LLM prompts) is never emitted under any circumstance. All Salesforce record IDs are replaced with placeholders; record IDs in action invocations are hashed. User IDs and session participant IDs are replaced with placeholders. The cdp_query_api OAuth scope grants read-only Data Cloud query access only \u2014 no write access to Data Cloud. The Run As service account must have Manage Agentforce permission explicitly denied. Structured audit envelope emitted on every execution. Regulated-vertical orgs trigger mandatory escalation to salesforce-compliance-privacy-agent.",
+    "last_verified": "2026-05-21",
+    "path": "skills/salesforce/salesforce-agentforce-stdm-observer-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0",
+    "companion_skills": [
+      "salesforce-agentforce-risk-review-skill"
+    ],
+    "verify_before_merge": "All Agentforce, STDM, Data Cloud, and Einstein AI feature names, DMO field names, object names, and API structures evolve rapidly. Validate all references against current official Salesforce documentation before production use. AiAgentTagAssociation, AiEvaluationDefinition, GenAiPlannerDefinition, and STDM DMO names are particularly prone to changes across releases."
+  },
+  {
+    "id": "salesforce-soql-generator-skill",
+    "name": "Salesforce SOQL Generator Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "claude-code",
+      "codex",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Generates SOQL queries from plain-English requirements without executing them. T0 static-review skill \u2014 emits ready-to-paste SOQL with selectivity analysis, governor-limit guidance, and a 100-point quality score. Pairs with salesforce-soql-explorer-skill for live execution. No org connection required.",
+    "source_type": "original",
+    "category": "generation",
+    "execution_tier": "static-review",
+    "oauth_scopes": [],
+    "mcp_servers": [],
+    "run_as_permissions": {},
+    "official_docs": [
+      "https://developer.salesforce.com/docs/atlas.en-us.soql_sosl.meta/soql_sosl/sforce_api_calls_soql.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.soql_sosl.meta/soql_sosl/sforce_api_calls_soql_select.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.soql_sosl.meta/soql_sosl/sforce_api_calls_soql_select_conditionexpression.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/langCon_apex_SOQL_govlimits.htm"
+    ],
+    "security_notes": "T0 static-review only. No org connection, no OAuth, no MCP calls. Purely generative \u2014 emits query text for human review before any live execution. No secrets, credentials, or org data handled. Handoff to salesforce-soql-explorer-skill for live execution under T1 least-privilege scope.",
+    "last_verified": "2026-05-21",
+    "path": "skills/salesforce/salesforce-soql-generator-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-deployment-validator-skill",
+    "name": "Salesforce Deployment Validator Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "claude-code",
+      "codex",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Runs sf project deploy validate against a SANDBOX org to surface deployment issues, test failures, and metadata dependency problems WITHOUT committing changes. T2 sandbox-mutating but reversible dry-run. Production org targets are hard-refused. Feeds salesforce-change-impact-analyst-agent.",
+    "source_type": "original",
+    "category": "operational",
+    "execution_tier": "sandbox-mutating",
+    "oauth_scopes": [
+      "api",
+      "refresh_token"
+    ],
+    "mcp_servers": [],
+    "run_as_permissions": {
+      "required": [
+        "Deploy (Metadata API)",
+        "View All Data (sandbox-only)"
+      ],
+      "denied": [
+        "ModifyAllData (production)",
+        "Customize Application (production)",
+        "Manage Connected Apps"
+      ]
+    },
+    "sandbox_only": true,
+    "production_allowed": false,
+    "official_docs": [
+      "https://developer.salesforce.com/docs/atlas.en-us.sfdx_cli_reference.meta/sfdx_cli_reference/cli_reference_project_commands_unified.htm#cli_reference_project_deploy_validate_unified",
+      "https://developer.salesforce.com/docs/atlas.en-us.sfdx_cli_reference.meta/sfdx_cli_reference/cli_reference_apex_commands_unified.htm#cli_reference_apex_run_test_unified",
+      "https://developer.salesforce.com/docs/atlas.en-us.api_meta.meta/api_meta/meta_deploy.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_testing_code_coverage.htm"
+    ],
+    "security_notes": "T2 sandbox-mutating but reversible. sf project deploy validate makes no persistent changes \u2014 no commit path exists in this skill. Production org targets are hard-refused before any API call. Connected App allowlist enforces sandbox-only targeting. Every execution emits a structured audit envelope including on refusals. OAuth scopes restricted to api + refresh_token. Run As service account has Deploy (Metadata API) permission but is denied ModifyAllData (production), Customize Application (production), and Manage Connected Apps. Validated deployment IDs are transient \u2014 no metadata is altered in the target org.",
+    "last_verified": "2026-05-21",
+    "path": "skills/salesforce/salesforce-deployment-validator-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-apex-generator-skill",
+    "name": "Salesforce Apex Generator Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "claude-code",
+      "codex",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Generates production-grade Apex classes with Service-Selector-Domain layering, correct sharing models (with sharing / without sharing / inherited sharing per class type), async patterns (Queueable, Batchable, Schedulable), governor-limit awareness, and security defaults. T0 static generation \u2014 no org connection required. Emits .cls + .cls-meta.xml with a 100-point quality score and an explicit test class recommendation.",
+    "source_type": "adapted",
+    "source_attribution": "Adapted from forcedotcom/sf-skills generating-apex (Apache-2.0). Vanguard-specific additions: T0 tier declaration, 100-point scoring rubric, sharing model correctness gate, security-defaults enforcement, and handoff routing model.",
+    "category": "generation",
+    "execution_tier": "static-review",
+    "oauth_scopes": [],
+    "mcp_servers": [],
+    "run_as_permissions": {},
+    "official_docs": [
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_intro.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_classes_sharing_with_sharing.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_gov_limits.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_classes_security_stripInaccessible.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_interface_queueable.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_batch_interface.htm"
+    ],
+    "security_notes": "T0 static generation only. No org connection, no OAuth, no secrets. All generated Apex uses with sharing by default; without sharing only where required by class type and documented with justification. Generated code applies WITH USER_MODE and Security.stripInaccessible() for user-data-touching classes. No hardcoded credentials, org IDs, or session tokens are ever generated. Output is draft code requiring human review before deployment.",
+    "last_verified": "2026-05-21",
+    "path": "skills/salesforce/salesforce-apex-generator-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-apex-test-generator-skill",
+    "name": "Salesforce Apex Test Generator Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "claude-code",
+      "codex",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Generates Apex test classes with TestDataFactory patterns, Assert class usage, bulkification (200+ records), positive/negative/bulk test method separation, async test patterns (Test.startTest/stopTest), and proper @TestSetup usage. T0 static generation \u2014 no org connection required. Emits @isTest .cls + .cls-meta.xml with a 100-point quality score. Pairs with salesforce-apex-test-runner-skill for live execution.",
+    "source_type": "adapted",
+    "source_attribution": "Adapted from forcedotcom/sf-skills generating-apex-test (Apache-2.0). Vanguard-specific additions: T0 tier declaration, 100-point scoring rubric with bulkification gate, Assert class enforcement, SeeAllData refusal policy, and handoff routing model.",
+    "category": "generation",
+    "execution_tier": "static-review",
+    "oauth_scopes": [],
+    "mcp_servers": [],
+    "run_as_permissions": {},
+    "official_docs": [
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_testing.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_testing_testsetup_annotation.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_testing_assert_class.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_testing_data_factory.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_testing_tools_start_stop_test.htm"
+    ],
+    "security_notes": "T0 static generation only. No org connection, no OAuth, no secrets. Generated test classes use SeeAllData=false by default to ensure test isolation. No hardcoded credentials, org IDs, session tokens, or record IDs are generated. All test data created via factory methods. Output is draft code requiring human review before deployment.",
+    "last_verified": "2026-05-21",
+    "path": "skills/salesforce/salesforce-apex-test-generator-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-apex-test-runner-skill",
+    "name": "Salesforce Apex Test Runner Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "claude-code",
+      "codex",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Executes Apex tests against a connected sandbox org via sf apex run test, parses results and coverage delta, identifies failures with stack traces, and suggests fixes. T1 read-only runtime (sandbox-only). Production org targets are hard-refused before any API call. View All Data permission is required by sf apex run test and must exist only on the sandbox-only Run As service account.",
+    "source_type": "adapted",
+    "source_attribution": "Adapted from forcedotcom/sf-skills running-apex-tests (Apache-2.0). Vanguard-specific additions: T1 tier declaration, sandbox-only hard refusal, View All Data sandbox-account isolation note, structured audit envelope, redaction rules, and handoff routing model.",
+    "category": "operational",
+    "execution_tier": "read-only-runtime",
+    "oauth_scopes": [
+      "api",
+      "refresh_token"
+    ],
+    "mcp_servers": [],
+    "run_as_permissions": {
+      "required": [
+        "View Setup and Configuration",
+        "View All Data (sandbox-only)"
+      ],
+      "denied": [
+        "ModifyAllData",
+        "ViewEncryptedData",
+        "ModifyMetadata",
+        "AuthorApex",
+        "ManageConnectedApps"
+      ]
+    },
+    "sandbox_only": true,
+    "production_allowed": false,
+    "official_docs": [
+      "https://developer.salesforce.com/docs/atlas.en-us.sfdx_cli_reference.meta/sfdx_cli_reference/cli_reference_apex_commands_unified.htm#cli_reference_apex_run_test_unified",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_testing_code_coverage.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_testing.htm",
+      "https://help.salesforce.com/s/articleView?id=sf.connected_app_overview.htm"
+    ],
+    "security_notes": "T1 read-only runtime. Sandbox-only \u2014 production org targets are hard-refused before any API call. The View All Data system permission required by sf apex run test must exist exclusively on the sandbox-only Run As service account and never on a production-eligible account. OAuth scopes restricted to api + refresh_token. No DML, no metadata mutation, no code deployment. All Salesforce IDs, user IDs, and OAuth tokens are redacted before output. Structured audit envelope emitted on every execution including refusals. Rotating the Run As sandbox account's refresh token immediately revokes all access.",
+    "last_verified": "2026-05-21",
+    "path": "skills/salesforce/salesforce-apex-test-runner-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-apex-log-analyzer-skill",
+    "name": "Salesforce Apex Log Analyzer Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "claude-code",
+      "codex",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Retrieves Apex debug logs from a connected Salesforce org and analyzes them for governor-limit hits, SOQL N+1 patterns, unhandled exceptions, CPU hotspots, and async job failures. T1 read-only runtime \u2014 retrieves logs only, never executes code or mutates data. Does NOT require View All Data (unlike test runner). Emits sanitized findings with root-cause traces and a structured audit envelope.",
+    "source_type": "adapted",
+    "source_attribution": "Adapted from forcedotcom/sf-skills debugging-apex-logs (Apache-2.0). Vanguard-specific additions: T1 tier declaration, structured audit envelope, PII redaction rules, No View All Data distinction vs test-runner-skill, and handoff routing model.",
+    "category": "operational",
+    "execution_tier": "read-only-runtime",
+    "oauth_scopes": [
+      "api",
+      "refresh_token"
+    ],
+    "mcp_servers": [],
+    "run_as_permissions": {
+      "required": [
+        "View Setup and Configuration"
+      ],
+      "denied": [
+        "ModifyAllData",
+        "ViewAllData",
+        "ViewEncryptedData",
+        "ModifyMetadata",
+        "AuthorApex",
+        "ManageConnectedApps"
+      ]
+    },
+    "official_docs": [
+      "https://developer.salesforce.com/docs/atlas.en-us.sfdx_cli_reference.meta/sfdx_cli_reference/cli_reference_apex_commands_unified.htm#cli_reference_apex_get_log_unified",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_debugging_debug_log.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_gov_limits.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_debugging_log_levels.htm"
+    ],
+    "security_notes": "T1 read-only runtime. Log retrieval only \u2014 no code execution, no DML, no metadata mutation. Does not require View All Data (unlike salesforce-apex-test-runner-skill). OAuth scopes restricted to api + refresh_token. Apex debug logs may contain field values and PII; mandatory redaction of record IDs, user IDs, email addresses, and other PII fields before output. Session tokens and access tokens stripped from any log content. Structured audit envelope with pii_risk_assessed and redactions_applied fields emitted on every execution. Production org logs permitted but trigger maximum PII redaction scrutiny. Rotating the Run As account's refresh token immediately revokes all access.",
+    "last_verified": "2026-05-21",
+    "path": "skills/salesforce/salesforce-apex-log-analyzer-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-validation-rule-writer-skill",
+    "name": "Salesforce Validation Rule Writer Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "claude-code",
+      "codex",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Converts plain-English business rules into deployable Salesforce validation rule formula syntax. Outputs the formula, error message copy, profile bypass logic, null-handling guards, and a compilation safety checklist. T0 static generation only \u2014 no org connection required.",
+    "source_type": "original",
+    "category": "generation",
+    "execution_tier": "static-review",
+    "oauth_scopes": [],
+    "mcp_servers": [],
+    "run_as_permissions": {
+      "required": [],
+      "denied": []
+    },
+    "official_docs": [
+      "https://help.salesforce.com/s/articleView?id=sf.fields_about_field_validation.htm",
+      "https://help.salesforce.com/s/articleView?id=sf.customize_functions.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.salesforce_formula_size_limits.meta/salesforce_formula_size_limits/formula_size_limits.htm",
+      "https://help.salesforce.com/s/articleView?id=sf.fields_validation_example.htm"
+    ],
+    "security_notes": "T0 static-review only. No org connection, no CLI execution, no MCP calls. Profile bypass via $Profile.Name is included by default to prevent admin lockout during deployments. Formula logic correctness is verified against a compilation checklist before emission. No credential handling.",
+    "last_verified": "2026-05-21",
+    "path": "skills/salesforce/salesforce-validation-rule-writer-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-field-mapping-skill",
+    "name": "Salesforce Field Mapping Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "claude-code",
+      "codex",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Maps CSV and spreadsheet column headers to Salesforce field API names with type mismatch detection, missing-field flagging, picklist value normalization, and API name collision detection. Used during data migration from HubSpot, Pipedrive, Excel exports, and legacy CRMs. T0 static generation only \u2014 no org connection required.",
+    "source_type": "original",
+    "category": "generation",
+    "execution_tier": "static-review",
+    "oauth_scopes": [],
+    "mcp_servers": [],
+    "run_as_permissions": {
+      "required": [],
+      "denied": []
+    },
+    "official_docs": [
+      "https://help.salesforce.com/s/articleView?id=sf.data_loader.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.api.meta/api/sforce_api_objects_contact.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.api.meta/api/sforce_api_objects_lead.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.api.meta/api/sforce_api_objects_opportunity.htm",
+      "https://help.salesforce.com/s/articleView?id=sf.fields_about_field_type.htm"
+    ],
+    "security_notes": "T0 static-review only. No org connection, no CLI execution, no MCP calls. PII in user-provided sample data rows is not included in output \u2014 headers only. Upsert external ID fields must have the External ID attribute set in Salesforce Setup.",
+    "last_verified": "2026-05-21",
+    "path": "skills/salesforce/salesforce-field-mapping-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-flow-debugger-skill",
+    "name": "Salesforce Flow Debugger Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "claude-code",
+      "codex",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Diagnoses Salesforce Flow failures from pasted error messages (T0) or live FlowInterviewLog records fetched via sf CLI (T1 optional). Identifies the failing node, root cause, fault path gaps, and provides specific fix recommendations for UNHANDLED_FAULT, NullPointerException, DML exceptions, governor limit errors, and type mismatches.",
+    "source_type": "original",
+    "category": "operational",
+    "execution_tier": "read-only-runtime",
+    "oauth_scopes": [
+      "api",
+      "refresh_token"
+    ],
+    "mcp_servers": [],
+    "run_as_permissions": {
+      "required": [
+        "View Setup and Configuration",
+        "View Setup"
+      ],
+      "denied": [
+        "ModifyAllData",
+        "ViewAllData",
+        "ViewEncryptedData",
+        "ModifyMetadata",
+        "AuthorApex"
+      ]
+    },
+    "official_docs": [
+      "https://help.salesforce.com/s/articleView?id=sf.flow_troubleshoot.htm",
+      "https://help.salesforce.com/s/articleView?id=sf.flow_ref_elements_fault.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.flow.meta/flow/flow_concepts_fault.htm",
+      "https://help.salesforce.com/s/articleView?id=sf.flow_debug.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.api.meta/api/sforce_api_objects_flowinterviewlog.htm"
+    ],
+    "security_notes": "Hybrid T0/T1 skill. T0 mode requires no org connection. T1 mode queries FlowInterviewLog read-only via sf data query under api + refresh_token scopes. Denied: ModifyAllData, ViewAllData, ViewEncryptedData, ModifyMetadata, AuthorApex. T1 mode prefers sandbox \u2014 production requires explicit acknowledgment. All record IDs, user IDs, and variable values are redacted before output. Structured audit envelope emitted on every T1 execution.",
+    "last_verified": "2026-05-21",
+    "path": "skills/salesforce/salesforce-flow-debugger-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
+  },
+  {
+    "id": "salesforce-bulk-data-ops-skill",
+    "name": "Salesforce Bulk Data Ops Skill",
+    "type": "skill",
+    "provider": "salesforce",
+    "harnesses": [
+      "claude-code",
+      "codex",
+      "cursor",
+      "gemini",
+      "kiro",
+      "other"
+    ],
+    "summary": "Generates scripts for bulk Salesforce data operations: mass owner reassignment, record deduplication, mass field update, batch close stale records, contact deactivation, and lead conversion. Outputs Data Loader CSV templates and Anonymous Apex scripts with bulkification, error queues, audit logging, and rollback guidance. T0 generation only \u2014 sandbox dry-run via salesforce-deployment-validator-skill; production approval via salesforce-live-guard-agent.",
+    "source_type": "original",
+    "category": "generation",
+    "execution_tier": "static-review",
+    "oauth_scopes": [],
+    "mcp_servers": [],
+    "run_as_permissions": {
+      "required": [],
+      "denied": []
+    },
+    "official_docs": [
+      "https://help.salesforce.com/s/articleView?id=sf.data_loader.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_methods_system_database.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_batch_interface.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_dml_merge.htm",
+      "https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_gov_limits.htm"
+    ],
+    "security_notes": "T0 static-review only. No org connection, no CLI execution, no MCP calls. Hard-deletes are T3 prohibited \u2014 this skill only generates soft-delete patterns. All scripts use allOrNone=false for partial success. Sandbox dry-run via salesforce-deployment-validator-skill is required before production. Production execution requires human approval via salesforce-live-guard-agent. No hardcoded record IDs in generated scripts \u2014 dynamic SOQL lookup pattern used.",
+    "last_verified": "2026-05-21",
+    "path": "skills/salesforce/salesforce-bulk-data-ops-skill",
+    "author": "github: Raishin",
+    "version": "0.1.0"
   }
 ]